Tigris implemented OAuth authentication for their Model Context Protocol (MCP) server with what amounts to an OpenID Connect (OIDC) man-in-the-middle pattern: the MCP server is an OIDC provider toward MCP clients and an OIDC client (relying party) toward Auth0, proxying the actual login to Auth0 while issuing and managing its own session tokens. This sidesteps a problem with MCP's dynamic client registration, where every MCP client registering itself would otherwise create yet another duplicate client entry in the upstream identity provider; with the middleman in place, only the MCP server is registered with Auth0. The implementation uses the oidc-provider library, with Tigris itself serving as the key-value store for the provider's state: client credentials, sessions, and tokens. The resulting flow is two chained OAuth flows, MCP client to MCP server and MCP server to Auth0, at the end of which an AI agent holds a token issued by the MCP server that lets it access Tigris object storage.
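To make the state-management half concrete, here is an added example (not code from the Tigris post, and not their adapter): a persistence adapter in the shape oidc-provider expects, backed by an in-memory key-value store standing in for the Tigris bucket. The `KvStore` surface, the key naming, and the `demo()` flow are assumptions for illustration; the adapter method names and their semantics are the library's documented contract.

```javascript
// Added example, not code from the Tigris post. oidc-provider
// (https://github.com/panva/node-oidc-provider) instantiates one adapter per model
// name (Client, Session, Grant, AccessToken, AuthorizationCode, RefreshToken, ...)
// and drives all persistence through upsert/find/findByUid/findByUserCode/consume/
// destroy/revokeByGrantId. The library awaits every call, so the synchronous returns
// below satisfy the contract; a real store would return promises.

class KvStore {
  // Assumed minimal store surface: put/update/get/delete with a TTL in seconds.
  // The clock is injectable so expiry can be exercised without sleeping.
  constructor(now = () => Date.now()) {
    this.entries = new Map();
    this.now = now;
  }
  put(key, value, ttlSeconds) {
    const hasTtl = Number.isFinite(ttlSeconds) && ttlSeconds > 0;
    this.entries.set(key, { value, expiresAt: hasTtl ? this.now() + ttlSeconds * 1000 : null });
  }
  // Replace the value but keep the original expiry (used by consume()).
  update(key, value) {
    const entry = this.entries.get(key);
    if (entry) entry.value = value;
  }
  get(key) {
    const entry = this.entries.get(key);
    if (!entry) return undefined;
    if (entry.expiresAt !== null && entry.expiresAt <= this.now()) {
      this.entries.delete(key); // lazy expiry on read
      return undefined;
    }
    return entry.value;
  }
  remainingTtl(key) {
    const entry = this.entries.get(key);
    if (!entry) return 0;
    if (entry.expiresAt === null) return Infinity;
    return Math.max(0, (entry.expiresAt - this.now()) / 1000);
  }
  delete(key) { this.entries.delete(key); }
}

class KvAdapter {
  constructor(name, store) {
    this.name = name;   // model name, e.g. "AccessToken"
    this.store = store;
  }
  key(id) { return `${this.name}:${id}`; }

  // Every write comes through upsert(id, payload, expiresIn). Besides the primary
  // record we keep the secondary indexes the library later queries: grantId -> member
  // keys (revokeByGrantId), uid -> id (Session.findByUid), userCode -> id (DeviceCode).
  upsert(id, payload, expiresIn) {
    const key = this.key(id);
    this.store.put(key, payload, expiresIn);
    if (payload.grantId) {
      const gk = `grant:${payload.grantId}`;
      const members = this.store.get(gk) || [];
      if (!members.includes(key)) members.push(key);
      // The grant index must outlive its longest-lived member (usually the refresh token).
      this.store.put(gk, members, Math.max(this.store.remainingTtl(gk), expiresIn || 0));
    }
    if (payload.uid) this.store.put(`uid:${payload.uid}`, id, expiresIn);
    if (payload.userCode) this.store.put(`userCode:${payload.userCode}`, id, expiresIn);
  }
  find(id) { return this.store.get(this.key(id)); }
  findByUid(uid) {
    const id = this.store.get(`uid:${uid}`);
    return id === undefined ? undefined : this.find(id);
  }
  findByUserCode(userCode) {
    const id = this.store.get(`userCode:${userCode}`);
    return id === undefined ? undefined : this.find(id);
  }
  // Marks a one-time artefact (authorization code, device code) as used. oidc-provider
  // rejects a record whose `consumed` is set; that is what stops code replay, so the
  // flag must be durably written before the token response goes out.
  consume(id) {
    const payload = this.find(id);
    if (!payload) return;
    this.store.update(this.key(id), { ...payload, consumed: Math.floor(this.store.now() / 1000) });
  }
  destroy(id) { this.store.delete(this.key(id)); }
  // Revoking a grant must take every token issued under it with it.
  revokeByGrantId(grantId) {
    const gk = `grant:${grantId}`;
    for (const key of this.store.get(gk) || []) this.store.delete(key);
    this.store.delete(gk);
  }
}

// Constructed walkthrough: one grant, a consumed code, and a grant-wide revocation.
function demo() {
  let clock = 1_700_000_000_000; // fixed fake clock (ms)
  const store = new KvStore(() => clock);
  const codes = new KvAdapter('AuthorizationCode', store);
  const access = new KvAdapter('AccessToken', store);
  const refresh = new KvAdapter('RefreshToken', store);
  const sessions = new KvAdapter('Session', store);

  sessions.upsert('s1', { uid: 'uid-1', accountId: 'alice' }, 3600);
  codes.upsert('code1', { grantId: 'g1', clientId: 'mcp-client' }, 60);
  codes.consume('code1');
  const consumed = codes.find('code1').consumed; // record survives, flagged as used
  access.upsert('at1', { grantId: 'g1' }, 3600);
  refresh.upsert('rt1', { grantId: 'g1' }, 86400);
  clock += 61_000;                               // code expired, tokens still alive
  const codeAfterExpiry = codes.find('code1');
  access.revokeByGrantId('g1');                  // removes at1 and rt1 in one go
  return {
    consumed,
    codeAfterExpiry,
    sessionAccount: sessions.findByUid('uid-1').accountId,
    accessAfterRevoke: access.find('at1'),
    refreshAfterRevoke: refresh.find('rt1'),
  };
}

console.log(demo());
```

Two points a practitioner should carry over to a real object-storage backend: `consume()` is a read-modify-write, so where the store offers conditional writes use them, otherwise two concurrent exchanges of the same code could both observe it unconsumed; and the payloads stored verbatim include client secrets and live tokens, so the bucket holding them must be private and its credentials scoped to the MCP server alone.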

12 min read. From tigrisdata.com
Table of contents
- MCP Authentication is easy, right?
- Our sins laid bare: Making our MCP Server an OIDC client backed by a kv store
- Issues we hit along the way
- Conclusion
