mcp-front
🥈SilverAuth proxy for Model Context Protocol servers. Adds authentication to MCP tools like Claude.ai, Claude Code, Cursor, and Gemini. Benefits operations teams by securing access to AI agents and workflows. Integrates with existing MCP infrastructure.
4420Updated 2mo ago
Intermediate30min to implementautomation
Saves ~60 min per use
Quick InstallView Source
git clone https://github.com/stainless-api/mcp-front.gitWorks with:
Claude
Overview
About This Skill
mcp-front is an authentication gateway that sits between Claude and internal MCP servers, enabling secure access without internet exposure. It handles multi-user OAuth authentication (Google, Azure AD, GitHub, OIDC) and validates users belong to your organization before proxying requests. The tool isolates each user's session, supports per-user API key management for services like Notion and Linear, and enforces per-service token scoping using RFC 8707 audience claims. Operations teams use mcp-front to grant Claude access to internal databases, APIs, and tools while maintaining organization-wide access control and data security.
How to Use
["Install and configure the MCP Front proxy on your server using the official documentation. Ensure your MCP server is running and accessible at the specified address.","Choose an authentication method (API key, OAuth, or JWT) and generate the required credentials. For JWT, use a tool like `jwt.io` to create a token with the appropriate claims.","Update the proxy configuration file (e.g., `mcp-front-config.json`) with the server details, authentication settings, and rate limits. Example:\n```json\n{\n \"server_name\": \"my-mcp-server\",\n \"server_address\": \"localhost:8080\",\n \"auth_method\": \"JWT\",\n \"credentials\": \"your_jwt_token_here\",\n \"target_endpoint\": \"http://localhost:3000/mcp\",\n \"rate_limit\": 100\n}\n```","Start the proxy service and verify it is running. Use a tool like `curl` or Postman to send a test request to the proxy endpoint, including the required authentication headers.","Monitor the proxy logs for any errors or unauthorized access attempts. Adjust rate limits or authentication settings as needed based on usage patterns."]
Use Cases
Give Claude access to internal databases and APIs securely for your team
Add multi-user authentication to MCP servers without modifying them
Manage per-user API keys for external services like Notion and Linear
Enforce organization-based access control for internal tools
Tags
Setup & Installation
Quick Install
No install command available. Check the GitHub repository for manual installation instructions.
Alternative Install (Git Clone)
git clone https://github.com/stainless-api/mcp-frontRequirements
- Claude Code or compatible AI agent
- Works with: Claude
Quick Start Guide
1
Install the Skill
Copy the install command above and run it in your terminal.
2
Open Your AI Agent
Launch Claude Code, Cursor, or your preferred AI coding agent.
3
Try It Out
Use the prompt template or examples below to test the skill.
4
Customize
Adapt the skill to your specific use case and workflow.
Usage Examples
Prompt Template
Configure the MCP Front proxy to secure access to [MCP_SERVER_NAME] running on [SERVER_ADDRESS:PORT]. Set up [AUTH_METHOD] authentication (e.g., API key, OAuth, JWT) with [CREDENTIALS]. Ensure the proxy routes requests to [TARGET_ENDPOINT] while enforcing rate limits of [RATE_LIMIT] requests per minute. Test the setup by sending a sample request to [TEST_ENDPOINT].
Example Output
```json
{
"status": "success",
"proxy_config": {
"server_name": "code-analysis-mcp",
"server_address": "localhost:8080",
"auth_method": "JWT",
"credentials": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"target_endpoint": "http://localhost:3000/mcp",
"rate_limit": "100",
"test_results": {
"request_sent": {
"endpoint": "/analyze-code",
"method": "POST",
"headers": {
"Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"Content-Type": "application/json"
},
"body": {
"language": "python",
"code": "def hello(): return 'world'"
}
},
"response": {
"status_code": 200,
"body": {
"analysis": "Code is syntactically correct and follows PEP 8 guidelines.",
"suggestions": ["Consider adding docstrings."]
}
}
}
}
}
```
The MCP Front proxy is now successfully configured to secure access to the code analysis MCP server. The JWT authentication is enforced, and the proxy correctly routes requests to the target endpoint while maintaining the rate limit. The test request to `/analyze-code` was processed without errors, returning a valid analysis of the provided Python code. The response includes actionable feedback, demonstrating that the proxy is functioning as expected. Operations teams can now securely expose this MCP server to authorized clients like Claude Code or Cursor without exposing the underlying server directly.Apply to these tools
Browse all tools
Gemini
Google's multimodal AI model and assistant
Cursor
The AI Code Editor for productive developers
Mode
Unlock data insights with interactive dashboards and collaborative analytics capabilities.
Front
AI and human support for seamless service at scale
Claude
AI assistant built for thoughtful, nuanced conversation
Stack Auth
Authenticate users with open-source tools
Compatible MCP servers
Browse all MCP servers
Find the right skills for your stack
Take a free 3-minute scan and get personalized AI skill recommendations.
Take free scan