Skip to main content

User Authentication Guide

This guide walks through implementing MCP Identity authentication in your application.

Overview

MCP Identity uses a simple OAuth-like flow:
  1. Your app requests an auth URL from MCP Rank
  2. User is redirected to Google (or other provider) to authorize
  3. After authorization, user is redirected back with tokens
  4. Your app uses tokens to make proxy requests

Web Application Example

Flask

FastAPI

CLI Application Example

For CLI apps, you can use a local callback server:

Token Storage

Database Storage

Refresh Handling

Security Best Practices

  1. Use HTTPS in production for redirect URIs
  2. Validate state parameter to prevent CSRF
  3. Encrypt tokens at rest in your database
  4. Handle token expiration gracefully
  5. Let users disconnect their accounts