v0.1 — open source, Apache 2.0

Secure your FastMCP server in two lines of Python

A production-grade framework built on top of FastMCP — authentication, observability, and sessions activate with a single config file.

Python 3.11+ Node.js & Go coming soon

the change

Two lines. That's it.

Point FastAuthMCP at your FastMCP app. Every tool call is now authenticated and observed.

server.py before
# Your existing FastMCP server
from fastmcp import FastMCP

app = FastMCP("Weather")

@app.tool()
def forecast(city: str) -> str:
    return get_weather(city)
server.py fastauthmcp ✨
# Same server, enterprise-grade
from fastauthmcp import FastMCP

app = FastMCP("Weather", config="fastauthmcp.yaml")

@app.tool()
def forecast(city: str) -> str:
    return get_weather(city)
Authentication
Per-Tool Authorization
OpenTelemetry
Sessions
Prometheus Metrics
Circuit Breaker
Token Exchange
Rate Limiting
Multi-IdP
Audit Logging
SOAP Support
Schema Export

configuration

One file controls everything

Toggle capabilities on and off. The middleware pipeline reconfigures in real time.

fastauthmcp.yaml
auth: provider: oidc
observability: tracing: true
sessions: ttl: 3600
MCP Client
Authentication
Observability
Sessions
FastMCP → Your Tools

Toggle switches to see the pipeline change

capabilities

Everything your MCP deployment needs

Authentication

Standards-based identity for every tool call. OAuth2 + OIDC + PKCE, automatic token refresh, platform-native storage.

OAuth2 OIDC PKCE Google Entra ID Okta Auth0 Keycloak

Observability

Full-stack visibility out of the box. OpenTelemetry traces, Prometheus metrics, structured JSON logs.

OpenTelemetry Prometheus Grafana

Built on FastMCP

FastAuthMCP doesn't fork — it wraps via composition. Your existing tools, prompts, and resources remain untouched. Remove FastAuthMCP and your app still works. It's a layer on top, never a lock-in.

Enterprise Ready

Hardened security defaults, log redaction, durable sessions, hot reload, and battle-tested middleware patterns.

Resilience Built In

Circuit breaker for all IDP calls, JWKS stale-while-revalidate caching, exponential backoff, and request coalescing.

Circuit Breaker Backoff + Jitter Coalescing

Token Exchange

RFC 8693 token exchange for cloud deployments. Built-in adapters for Google STS, Microsoft Entra OBO, and any OIDC provider.

RFC 8693 Google STS Entra OBO

comparison

Why FastAuthMCP over alternatives?

How FastAuthMCP compares to rolling your own auth or using an API gateway.

FastAuthMCP DIY Middleware API Gateway
Setup time 5 minutes Days to weeks Hours + infra
Code changes 0 (one import) Extensive 0 (external)
MCP-aware
OAuth2/OIDC built-in Build it
Token forwarding ✓ access_token() Build it Depends
Identity in tools ✓ identity() Manual
Per-tool authorization ✓ decorators Build it Route-level only
OpenTelemetry ✓ automatic Integrate Varies
Lock-in None N/A Vendor
Resilience ✓ circuit breaker Build it
Cost Free (Apache 2.0) Engineering time $ to $$$$

compatibility

Security & Interoperability Lab

34 automated scenarios validating FastAuthMCP against every major identity provider. Run it locally in 300ms.

./lab.sh
  Authentication
   ZITADEL Auth Code + PKCE → identity
   Keycloak Client Credentials → service identity
   Auth0 Auth Code + PKCE → identity
   Azure Entra ID + PKCE → identity
   Okta Client Credentials → service identity

  Authorization
   Admin role → tool allowed
   Viewer role → tool rejected

  Security
   Expired token → rejected
   Wrong issuer → rejected
   Wrong audience → rejected

  Result: 34 passed, 0 failed (300ms)

OIDC Provider Matrix

Generic OIDC (Mock)
ZITADEL
Keycloak
Auth0
Azure Entra ID
Okta

Interactive Lab UI

Chat with an LLM through FastAuthMCP-protected tools. See auth, authorization, and identity propagation in real time.

$ make lab-ui
┌──────────┬───────────────────────────┐
│ Config   │  👤 Who am I?             │
│          │  🤖 Checking identity...  │
│ Scenario │     🔧 whoami()           │
│ [Zitadel]│     → sub: user-001      │
│          │                           │
│ LLM:     │  👤 Am I an admin?        │
│ [OpenAI] │  🤖 Let me try...        │
│          │     🔧 admin_action()     │
│          │     → ❌ forbidden        │
├──────────┴───────────────────────────┤
│ 🔍 Logs                              │
└──────────────────────────────────────┘
$ ./lab.sh or make lab-ui

deployment scenarios

One codebase. Two deployment modes.

Your MCP tools call downstream APIs on behalf of the user. FastAuthMCP handles authentication for both local and cloud — same tool code, different config.

Local via stdio

Claude Desktop · Cursor · VS Code

WITHOUT FASTAUTHMCP

Hand-roll OAuth PKCE, build a local callback server, manage token refresh, store credentials securely, wire the token into every HTTP call. Days of work before your first tool.

WITH FASTAUTHMCP

fastauthmcp login → browser opens → token stored in Keychain → every tool call authenticated. 30 seconds.

fastauthmcp.yaml
auth:
  provider: oidc
  issuer: https://your-idp.example.com
  client_id: my-dev-app
  grant_type: authorization_code

access_token() in your tool → user-scoped, auto-refreshed, zero boilerplate

Cloud via HTTP/SSE

Claude · Gemini · Remote MCP

WITHOUT FASTAUTHMCP

Implement RFC 8693 token exchange, parse upstream tokens, POST to IDP, handle errors, add retry logic, build a circuit breaker. Weeks of security-sensitive code.

WITH FASTAUTHMCP

Platform passes user token → FastAuthMCP exchanges it at IDP → your tool gets a downstream-scoped token. Same tool code as local.

fastauthmcp.yaml
auth:
  provider: oidc
  issuer: https://your-idp.example.com
  client_id: my-cloud-mcp
  grant_type: token_exchange
  upstream_token_header: x-user-token
  token_exchange_audience: https://api.internal.com
  token_exchange_provider: rfc8693

Circuit breaker, exponential backoff, JWKS validation — all built in. No extra infrastructure.

Same tool code. Same access_token() call. Only the YAML changes.

Deploy locally during development with interactive login. Push to production with token exchange. Your tools never know the difference.

architecture

How a request flows

Each layer is independent. Enable or disable by config section.

1

MCP Client

Tool call arrives

2

FastAuthMCP Middleware

Auth → Observability → Sessions

3

FastMCP

Your tool executes

4

Response

After-hooks in reverse, result returned

identity providers

Works with the stack you already have

Zitadel
Entra ID
Google
Keycloak
Okta
Auth0

command line

Zero to authenticated in 3 commands

terminal

🚀 We just launched

FastAuthMCP is brand new and looking for early adopters and contributors. Try it with your MCP server, integrate your identity provider, write a plugin — we'd love your help building the future of secure MCP.