🔐 SSE MCP Server with JWT Authentication

This is a Model Context Protocol (MCP) SSE server with JWT-based authentication.
It allows you to expose multiple AI tools over an SSE transport, protected via secure Bearer Token flow.

Built with:

🚀 Node.js + Express
🧩 @modelcontextprotocol/sdk
🔒 JSON Web Tokens (JWT) for authentication
⚙️ Zod for input validation

✅ Fully tested with @modelcontextprotocol/inspector

📂 Project Structure

server/
├── index.ts          # Main Express + MCP server
├── .env              # Environment variables
├── package.json      # Project metadata & scripts
├── tsconfig.json     # TypeScript config
└── README.md         # You are here!

✨ Features

✅ Secure SSE connection using Bearer JWT token
✅ Dynamic Tool registration (echo, time, random number, etc.)
✅ Tested with MCP Inspector
✅ Logs all request lifecycle events
✅ Session management for /message endpoint
🚀 Ready to extend for production use

⚙️ Setup

1. Clone the repository

git clone https://github.com/anisirji/mcp-server-remote-setup-with-jwt-auth.git
cd mcp-server-remote-setup-with-jwt-auth

2. Install dependencies

npm install

3. Create `.env` file

echo "JWT_SECRET=your-secret-key" > .env

4. Run the server

npm run dev

✅ Server will run on:

http://localhost:3001/sse

🧪 Testing the server with MCP Inspector

Step 1 — Install MCP Inspector

📖 Official Docs: MCP Inspector

npx @modelcontextprotocol/inspector

Step 2 — Generate a token

Use cURL to get your JWT token:

curl "http://localhost:3001/auth/token?username=aniket&scope=mcp:access"

✅ Example response:

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Step 3 — Connect MCP Inspector

Open Inspector UI
Set Transport Type: SSE
URL:
```
http://localhost:3001/sse
```
Add Authorization Header:
```
Authorization: Bearer <your-token>
```
Click Connect

🎉 Success! Your server is now connected.

Step 4 — Test tools

Go to Tools tab in Inspector and click List Tools.

You will see:

✅ test
✅ echo
✅ get-time
✅ random-number

Test them and enjoy!

📖 API Reference

🔑 Generate Token

GET /auth/token?username=<username>&scope=mcp:access

🔌 SSE Endpoint (requires token)

GET /sse
Authorization: Bearer <token>

📩 Send Message to active session

POST /message?sessionId=<sessionId>
Authorization: Bearer <token>

🧩 Tools Reference

Tool Name	Description
`test`	Test connection (security check)
`echo`	Echo back provided message
`get-time`	Returns current server time
`random-number`	Returns random number (min/max)

🗓️ Upcoming Changes

Token revocation list (blacklist)
Role-based tool access (scope checks)
Session heartbeat / keep-alive
Rate limiting & logging
Dockerization for deployment

mcp server remote setup with jwt auth

🔐 SSE MCP Server with JWT Authentication

📂 Project Structure

✨ Features

⚙️ Setup

1. Clone the repository

2. Install dependencies

3. Create `.env` file

4. Run the server

🧪 Testing the server with MCP Inspector

Step 1 — Install MCP Inspector

Step 2 — Generate a token

Step 3 — Connect MCP Inspector

Step 4 — Test tools

📖 API Reference

🔑 Generate Token

🔌 SSE Endpoint (requires token)

📩 Send Message to active session

🧩 Tools Reference

🗓️ Upcoming Changes

📚 Useful Resources

👨‍💻 Maintainer

📄 License

🚀 Build. Secure. Empower.

mcp server remote setup with jwt auth

🔐 SSE MCP Server with JWT Authentication

📂 Project Structure

✨ Features

⚙️ Setup

1. Clone the repository

2. Install dependencies

3. Create .env file

4. Run the server

🧪 Testing the server with MCP Inspector

Step 1 — Install MCP Inspector

Step 2 — Generate a token

Step 3 — Connect MCP Inspector

Step 4 — Test tools

📖 API Reference

🔑 Generate Token

🔌 SSE Endpoint (requires token)

📩 Send Message to active session

🧩 Tools Reference

🗓️ Upcoming Changes

📚 Useful Resources

👨‍💻 Maintainer

📄 License

🚀 Build. Secure. Empower.

3. Create `.env` file