Skip to main content
clerkProvider wires authentication through Clerk. Clerk access tokens carry no aud claim, so there is no audience option.

Example

server.ts
import { McpServer, clerkProvider } from "skybridge/server";

const server = new McpServer(
  { name: "personal-shopper", version: "0.0.1" },
  { capabilities: {} },
  {
    oauth: await clerkProvider({
      domain: process.env.CLERK_FRONTEND_API,
    }),
  },
);

Signature

clerkProvider(opts: ClerkProviderOptions): Promise<OAuthConfig>;

Parameters

opts

domain is the Clerk Frontend API URL, for example acme.clerk.accounts.dev or a production custom domain. There is no audience option: Clerk binds no audience to its tokens. It also accepts the shared CustomProviderOptions options: baseUrl, serverUrl, scopes, requiredScopes, and metadataOverrides. Requires Dynamic Client Registration enabled on the instance, and the OAuth application set to issue JWT access tokens (opaque tokens can’t be verified).

Returns

A Promise for the OAuthConfig you pass to the oauth constructor option.

Connect an Identity Provider

Set up sign-in with a hosted provider

Authenticate Users

Add sign-in to your app end to end

customProvider

Wire OAuth from any IdP’s discovery document