Skip to main content
auth0Provider wires authentication through Auth0. Auth0 carries the audience in the authorize request rather than as a resource indicator, so it also requires this server’s public URL as serverUrl.

Example

server.ts
import { McpServer, auth0Provider } from "skybridge/server";

const server = new McpServer(
  { name: "personal-shopper", version: "0.0.1" },
  { capabilities: {} },
  {
    oauth: await auth0Provider({
      domain: process.env.AUTH0_DOMAIN,
      audience: process.env.AUTH0_API_IDENTIFIER,
      serverUrl: process.env.SERVER_URL,
    }),
  },
);

Signature

auth0Provider(opts: Auth0ProviderOptions): Promise<OAuthConfig>;

Parameters

opts

  • domain is the tenant domain, for example acme.us.auth0.com.
  • audience is the API Identifier from the Auth0 dashboard, bound into the token’s aud claim.
  • serverUrl is this server’s public URL, required for Auth0.
It also accepts the shared CustomProviderOptions options: scopes, requiredScopes, and metadataOverrides. Requires Dynamic Client Registration enabled on the tenant.

Returns

A Promise for the OAuthConfig you pass to the oauth constructor option.

Connect an Identity Provider

Set up sign-in with a hosted provider

Authenticate Users

Add sign-in to your app end to end

customProvider

Wire OAuth from any IdP’s discovery document