Expand description
Authentication support for MCP servers.
This module provides the core auth abstractions used across all transports. Each auth scheme is gated behind a feature flag so you only compile what you use:
| Feature | Provider | Credential type |
|---|---|---|
auth-bearer | BearerTokenProvider | Authorization: Bearer <token> |
auth-apikey | ApiKeyProvider | X-Api-Key: <key> or ?api_key= |
auth-basic | BasicAuthProvider | Authorization: Basic <b64> |
auth-oauth2 | [OAuth2Provider] | Bearer token (introspection or JWT/JWKS) |
auth-mtls | [MtlsProvider] | Client certificate (mTLS) |
| (always) | CustomHeaderProvider | Any custom header |
| (always) | CompositeAuthProvider | Try multiple providers in order |
§Quick start
use mcp_kit::auth::{BearerTokenProvider, CompositeAuthProvider};
use mcp_kit::auth::composite::IntoDynProvider;
let provider = CompositeAuthProvider::new(vec![
BearerTokenProvider::new(["my-secret"]).into_dyn(),
]);Re-exports§
pub use composite::CompositeAuthProvider;pub use composite::IntoDynProvider;pub use credentials::Credentials;pub use custom::CustomHeaderProvider;pub use identity::AuthenticatedIdentity;pub use provider::AuthFuture;pub use provider::AuthProvider;pub use provider::DynAuthProvider;pub use bearer::BearerTokenProvider;pub use apikey::ApiKeyProvider;pub use basic::BasicAuthProvider;