Build Mcp Server

Name: Build Mcp Server
Author: anthropics

anthropics/claude-plugins-official

Wire Claude-supported OAuth and API-key auth into remote MCP servers so connectors work in Claude.ai without unsupported grant types.

Overview

Build MCP Server Auth is an agent skill for the Build phase that documents Claude-supported MCP authentication tiers and implementation patterns for remote connectors.

Install

npx skills add https://github.com/anthropics/claude-plugins-official --skill build-mcp-server

What is this skill?

Maps Claude-supported auth types: oauth_dcr, oauth_cimd, oauth_anthropic_creds, custom_connection, and none
Documents unsupported flows: static_bearer and client_credentials without user consent
Single callback URL for all surfaces: https://claude.ai/api/mcp/auth_callback
Three-tier model from no-auth/static API key through full OAuth remote hosting
Explains why remote hosting simplifies OAuth redirects, token storage, and refresh
Documents 5 Claude-supported auth type rows in the reference table
Defines 3 auth tiers from no-auth/static key through full OAuth remote hosting

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Adoption & trust: 2.7k installs on skills.sh; 29.6k GitHub stars; 2/3 security scanners passed (skills.sh audits).

What problem does it solve?

You are building an MCP server but OAuth redirects, token refresh, and Claude’s limited auth matrix make it unclear which flow will actually connect in production.

Who is it for?

Solo builders publishing or self-hosting MCP servers that must authenticate to third-party APIs under Claude.ai’s OAuth and API-key rules.

Skip if: Pure local stdio tools with no upstream identity, or integrations that rely only on user-pasted bearer tokens or machine-only client_credentials without consent.

When should I use this skill?

Building or reviewing authentication for a remote MCP server that must connect through Claude’s MCP client.

What do I get? / Deliverables

You implement an auth tier and callback configuration that matches Claude’s supported types so users can connect without dead-end grant or bearer-token approaches.

Auth flow choice aligned with Claude-supported types
Env-based API key or OAuth callback configuration for production

Recommended Skills

Microsoft Foundrymicrosoft/azure-skills

Microsoft Foundry skill guides agents through the full Azure AI Foundry lifecycle—containerizing agents, pushing to ACR,…377k installs·1.2k stars

Azure Aimicrosoft/azure-skills

azure-ai is a Prism-oriented quick reference for Microsoft Azure AI work, with the published body centered on the Azure …375k installs·1.2k stars

Azure Hosted Copilot Sdkmicrosoft/azure-skills

Azure Hosted Copilot SDK is Microsoft's entry skill for repos using @github/copilot-sdk—it detects CopilotClient usage, …346k installs·1.2k stars

Lark Eventlarksuite/cli

Lark real-time subscription skill via lark-cli event consume for building bots and streaming webhook-style agent workers…208k installs·13.7k stars

Running Claude Code Via Litellm Copilotxixu-me/skills

Running Claude Code via LiteLLM Copilot walks through pointing Claude Code at a local LiteLLM proxy that forwards Anthro…200k installs·61 stars

Setup Matt Pocock Skillsmattpocock/skills

One-time per-repo setup so Matt Pocock engineering skills share correct issue tracker, triage strings, and domain docume…180k installs·121k stars

Journey fit

Primary fit

BuildAgent skills & templates

MCP server construction and connector auth is core agent-tooling work during the Build phase before you ship a hosted integration. Authentication callbacks, token storage, and upstream keys are implemented on the MCP server itself—squarely agent-tooling, not generic backend CRUD.

Also useful

ShipSecurity

How it compares

Reference skill for connector auth design—not a code generator or MCP transport scaffold by itself.

Common Questions / FAQ

Who is build-mcp-server for?

Indie and solo developers building MCP servers for Claude Code or Claude.ai who need correct OAuth DCR/CIMD, partner creds, custom connection, or static env API keys.

When should I use build-mcp-server?

During Build agent-tooling when you choose remote vs local MCP, pick an auth type for a directory entry, or debug why Claude rejects your OAuth flow; also when Ship security review asks how tokens and callbacks are handled.

Is build-mcp-server safe to install?

It is documentation-oriented procedural knowledge; review the Security Audits panel on this Prism page before trusting the parent plugin repo in your agent environment.

SKILL.md

READMESKILL.md - Build Mcp Server

# Auth for MCP Servers

Auth is the reason most people end up needing a **remote** server even when a local one would be simpler. OAuth redirects, token storage, and refresh all work cleanly when there's a real hosted endpoint to redirect back to.

## Claude-specific authentication

Claude's MCP client supports a specific set of auth types — not every spec-compliant flow works. Full reference: https://claude.com/docs/connectors/building/authentication

| Type | Notes |
|---|---|
| `oauth_dcr` | Supported. For high-volume directory entries, prefer CIMD or Anthropic-held creds — DCR registers a new client on every fresh connection. |
| `oauth_cimd` | Supported, recommended over DCR for directory entries. |
| `oauth_anthropic_creds` | Partner provides `client_id`/`client_secret` to Anthropic; user-consent-gated. Contact `mcp-review@anthropic.com`. |
| `custom_connection` | User supplies URL/creds at connect time (Snowflake-style). Contact `mcp-review@anthropic.com`. |
| `none` | Authless. |

**Not supported:** user-pasted bearer tokens (`static_bearer`); pure machine-to-machine `client_credentials` grant without user consent.

**Callback URL** (single, all surfaces): `https://claude.ai/api/mcp/auth_callback`

---

## The three tiers

### Tier 1: No auth / static API key

Server reads a key from env. User provides it once at setup. Done.

```typescript
const apiKey = process.env.UPSTREAM_API_KEY;
if (!apiKey) throw new Error("UPSTREAM_API_KEY not set");
```

Works for local stdio, MCPB, and remote servers alike. If this is all you need, stop here.

### Tier 2: OAuth 2.0 via CIMD (preferred per spec 2025-11-25)

**Client ID Metadata Document.** The MCP host publishes its client metadata at an HTTPS URL and uses that URL *as* its `client_id`. Your authorization server fetches the document, validates it, and proceeds with the auth-code flow. No registration endpoint, no stored client records.

Spec 2025-11-25 promoted CIMD to SHOULD (preferred). Advertise support via `client_id_metadata_document_supported: true` in your OAuth AS metadata.

**Server responsibilities:**

1. Serve OAuth Authorization Server Metadata (RFC 8414) at `/.well-known/oauth-authorization-server` with `client_id_metadata_document_supported: true`
2. Serve an MCP-protected-resource metadata document pointing at (1)
3. At authorize time: fetch `client_id` as an HTTPS URL, validate the returned client metadata, proceed
4. Validate bearer tokens on incoming `/mcp` requests

```
┌─────────┐  client_id=https://...  ┌──────────────┐   upstream OAuth   ┌──────────┐
│ MCP host│ ──────────────────────> │ Your MCP srv │ ─────────────────> │ Upstream │
└─────────┘ <─── bearer token ───── └──────────────┘ <── access token ──└──────────┘
```

### Tier 3: OAuth 2.0 via Dynamic Client Registration (DCR)

**Backward-compat fallback** — spec 2025-11-25 demoted DCR to MAY. The host discovers your `registration_endpoint`, POSTs its metadata to register itself as a client, gets back a `client_id`, then runs the auth-code flow.

Implement DCR if you need to support hosts that haven't moved to CIMD yet. Same server responsibilities as CIMD, but instead of fetching the `client_id` URL you run a registration endpoint that stores client records.

**Client priority order:** pre-registered → CIMD (if AS advertises `client_id_metadata_document_supported`) → DCR (if AS has `registration_endpoint`) → prompt user.

---

## Hosting providers with built-in DCR/CIMD support

Several MCP-focused hosting providers handle the OAuth plumbing for you — you implement tool logic, they run the authorization server. Check their docs for current capabilities. If the user doesn't have strong hosting preferences, this is usually the fastest path to a working OAuth-protected server.

---

## Local servers and OAuth

Local stdio servers **can** do OAuth (open a browser, catch the redirect on a localhost port, stash the token in the OS keychain). It's fragile:

- Breaks in headless/remote environments
- Every u

What is this skill?

Maps Claude-supported auth types: oauth_dcr, oauth_cimd, oauth_anthropic_creds, custom_connection, and none

Documents unsupported flows: static_bearer and client_credentials without user consent

Single callback URL for all surfaces: https://claude.ai/api/mcp/auth_callback

Three-tier model from no-auth/static API key through full OAuth remote hosting

Explains why remote hosting simplifies OAuth redirects, token storage, and refresh

Documents 5 Claude-supported auth type rows in the reference table

Defines 3 auth tiers from no-auth/static key through full OAuth remote hosting

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Adoption & trust: 2.7k installs on skills.sh; 29.6k GitHub stars; 2/3 security scanners passed (skills.sh audits).

Who is it for?

Solo builders publishing or self-hosting MCP servers that must authenticate to third-party APIs under Claude.ai’s OAuth and API-key rules.

Skip if: Pure local stdio tools with no upstream identity, or integrations that rely only on user-pasted bearer tokens or machine-only client_credentials without consent.

Journey fit

Primary fit

BuildAgent skills & templates

Also useful

ShipSecurity

SKILL.md

READMESKILL.md - Build Mcp Server

# Auth for MCP Servers

Auth is the reason most people end up needing a **remote** server even when a local one would be simpler. OAuth redirects, token storage, and refresh all work cleanly when there's a real hosted endpoint to redirect back to.

## Claude-specific authentication

Claude's MCP client supports a specific set of auth types — not every spec-compliant flow works. Full reference: https://claude.com/docs/connectors/building/authentication

| Type | Notes |
|---|---|
| `oauth_dcr` | Supported. For high-volume directory entries, prefer CIMD or Anthropic-held creds — DCR registers a new client on every fresh connection. |
| `oauth_cimd` | Supported, recommended over DCR for directory entries. |
| `oauth_anthropic_creds` | Partner provides `client_id`/`client_secret` to Anthropic; user-consent-gated. Contact `mcp-review@anthropic.com`. |
| `custom_connection` | User supplies URL/creds at connect time (Snowflake-style). Contact `mcp-review@anthropic.com`. |
| `none` | Authless. |

**Not supported:** user-pasted bearer tokens (`static_bearer`); pure machine-to-machine `client_credentials` grant without user consent.

**Callback URL** (single, all surfaces): `https://claude.ai/api/mcp/auth_callback`

---

## The three tiers

### Tier 1: No auth / static API key

Server reads a key from env. User provides it once at setup. Done.

```typescript
const apiKey = process.env.UPSTREAM_API_KEY;
if (!apiKey) throw new Error("UPSTREAM_API_KEY not set");
```

Works for local stdio, MCPB, and remote servers alike. If this is all you need, stop here.

### Tier 2: OAuth 2.0 via CIMD (preferred per spec 2025-11-25)

**Client ID Metadata Document.** The MCP host publishes its client metadata at an HTTPS URL and uses that URL *as* its `client_id`. Your authorization server fetches the document, validates it, and proceeds with the auth-code flow. No registration endpoint, no stored client records.

Spec 2025-11-25 promoted CIMD to SHOULD (preferred). Advertise support via `client_id_metadata_document_supported: true` in your OAuth AS metadata.

**Server responsibilities:**

1. Serve OAuth Authorization Server Metadata (RFC 8414) at `/.well-known/oauth-authorization-server` with `client_id_metadata_document_supported: true`
2. Serve an MCP-protected-resource metadata document pointing at (1)
3. At authorize time: fetch `client_id` as an HTTPS URL, validate the returned client metadata, proceed
4. Validate bearer tokens on incoming `/mcp` requests

```
┌─────────┐  client_id=https://...  ┌──────────────┐   upstream OAuth   ┌──────────┐
│ MCP host│ ──────────────────────> │ Your MCP srv │ ─────────────────> │ Upstream │
└─────────┘ <─── bearer token ───── └──────────────┘ <── access token ──└──────────┘
```

### Tier 3: OAuth 2.0 via Dynamic Client Registration (DCR)

**Backward-compat fallback** — spec 2025-11-25 demoted DCR to MAY. The host discovers your `registration_endpoint`, POSTs its metadata to register itself as a client, gets back a `client_id`, then runs the auth-code flow.

Implement DCR if you need to support hosts that haven't moved to CIMD yet. Same server responsibilities as CIMD, but instead of fetching the `client_id` URL you run a registration endpoint that stores client records.

**Client priority order:** pre-registered → CIMD (if AS advertises `client_id_metadata_document_supported`) → DCR (if AS has `registration_endpoint`) → prompt user.

---

## Hosting providers with built-in DCR/CIMD support

Several MCP-focused hosting providers handle the OAuth plumbing for you — you implement tool logic, they run the authorization server. Check their docs for current capabilities. If the user doesn't have strong hosting preferences, this is usually the fastest path to a working OAuth-protected server.

---

## Local servers and OAuth

Local stdio servers **can** do OAuth (open a browser, catch the redirect on a localhost port, stash the token in the OS keychain). It's fragile:

- Breaks in headless/remote environments
- Every u

Overview

Install

What is this skill?

What problem does it solve?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is build-mcp-server for?

When should I use build-mcp-server?

Is build-mcp-server safe to install?

SKILL.md

This week for builders

Overview

Install

What is this skill?

What problem does it solve?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is build-mcp-server for?

When should I use build-mcp-server?

Is build-mcp-server safe to install?

SKILL.md