AgentReadyHomeAgent ListingPricing

← Agent Listing

mcpauth

MCP Tools and AgentsFreeOpen Source

Drop-in OAuth 2.1 + Dynamic Client Registration authentication middleware and token verification for MCP servers.

🛡️ AgentReady threat assessment

MAESTRO 7-layer threat model + OWASP AIVSS risk score for mcpauth, derived from its capabilities.

AIVSS 8.9 · High
View MAESTRO 7-layer threat model →

These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.

Overview

mcpauth is a drop-in OAuth 2.1 and Dynamic Client Registration layer for MCP servers, providing authentication middleware and token verification (with a Python variant, getmcpauth). Security surface: it IS the auth boundary — it validates bearer tokens for other MCP servers, so its correctness directly gates access to everything behind it.

Key features

Use cases