auth
HTTP template with bearer-token verification on the MCP route.
Intended use case
Choose auth when you want the HTTP template plus route protection for /mcp.
Transport
Like http, it uses Streamable HTTP over Express.
Generated structure
Adds src/auth.ts on top of the HTTP template baseline.
Included capabilities
- all
httptemplate routes - auth middleware applied to
/mcp - unauthenticated
/and/health - Bearer token handling through
Authorizationheaders
Environment variables used by generated code
AUTH_ISSUERdefault:https://auth.example.comAUTH_AUDIENCEdefault: server nameAUTH_JWKS_URIno default
Important precision
The current implementation verifies bearer tokens with jose.jwtVerify and only initializes a signing key when AUTH_JWKS_URI is set.
Do not treat this template as a complete authorization-flow scaffold. It is a route-protection starting point and needs real JWKS-backed configuration to work correctly.
Generated client config
The generated .vscode/mcp.json includes an Authorization header placeholder using ${env:AUTH_TOKEN}.