Skip to main content
🔐Drop-in OAuth Gateway

Secure your MCP server
with OAuth 2.1

Add enterprise-grade authentication to any MCP server in minutes.
No code changes required — just put it in front and you're protected.

Get StartedView on GitHub
Terminal
# Download and run MCP Auth Proxy
$mcp-auth-proxy \
  --external-url https://your-domain.com \
  --tls-accept-tos \
  --password changeme \
  -- npx -y @modelcontextprotocol/server-filesystem ./
✅ OAuth proxy started on port 443
🔐 Endpoint: https://your-domain.com/mcp

Why Choose MCP Auth Proxy?

Enterprise-grade security without the enterprise complexity

🔐

Drop-in OAuth Gateway

Add OAuth 2.1/OIDC authentication to any MCP server without code changes. Just put it in front of your existing server and you're protected.

🏢

Universal Identity Provider Support

Support for Google, GitHub, OIDC (Okta, Auth0, Azure AD, Keycloak, etc.), and password authentication. Choose your preferred identity provider with optional allow-lists for enhanced security.

🚀

All Transport Types

Works with stdio, SSE, and HTTP transports. For stdio, traffic is converted to /mcp. For SSE/HTTP, it's proxied as-is with authentication.

Get Started in Minutes

Deploy your secure MCP server with a single command

1

Download

Get the latest binary from our releases page

2

Configure

Set your domain and authentication providers

3

Deploy

Run the command and you're live with OAuth protection

Quick Start
# Download and run MCP Auth Proxy
mcp-auth-proxy \
  --external-url https://your-domain.com \
  --tls-accept-tos \
  --password changeme \
  -- npx -y @modelcontextprotocol/server-filesystem ./
Secure endpoint at https://your-domain.com/mcp

Battle-Tested Compatibility

Works seamlessly with all major MCP clients — no configuration needed

🤖
Claude - Web
Web
Verified
💻
Claude - Desktop
Desktop
Verified
🔨
Claude Code
IDE
Verified
🌐
ChatGPT - Web
Web
Verified
💻
ChatGPT - Desktop
Desktop
Verified
🐙
GitHub Copilot
IDE
Verified
Cursor
IDE
Verified