What are the requirements for Auth MCP Remote?

Auth MCP Remote requires the following environment variables: AUTH0_DOMAIN (required), AUTH0_AUDIENCE (required), RESOURCE_SERVER_URL (required), GOOGLE_CLIENT_ID (optional), GOOGLE_CLIENT_SECRET (optional). You'll also need a compatible MCP client like Claude Desktop or Claude Code.

Is Auth MCP Remote free to use?

Yes, Auth MCP Remote is open source and free to use. You can find the source code on GitHub.

What MCP clients support Auth MCP Remote?

Auth MCP Remote works with any MCP-compatible client including Claude Desktop (Anthropic's official desktop app), Claude Code (CLI tool), Cursor, and other editors with MCP support.

How do I configure Auth MCP Remote?

Configure Auth MCP Remote by adding it to your MCP client's config file. For Claude Desktop, edit claude_desktop_config.json and add the server configuration. See the Configuration section above for a ready-to-use example.

Auth MCP Remote MCP Server

Q: What tools does Auth MCP Remote provide?

greet: Provides a greeting for the authenticated user.. list_my_recent_emails: Lists recent emails for the logged-in user.. link_my_gmail: Links a Gmail account to the current Auth0 user using a refresh token..

Q: How do I install Auth MCP Remote?

Install Auth MCP Remote by running: git clone && cd auth-mcp-remote && uv sync

Add it to Claude Code

Run this in a terminal.

Run in terminal

claude mcp add -e "AUTH0_DOMAIN=${AUTH0_DOMAIN}" -e "AUTH0_AUDIENCE=${AUTH0_AUDIENCE}" -e "RESOURCE_SERVER_URL=${RESOURCE_SERVER_URL}" auth-mcp-remote -- uv run main.py

Required:AUTH0_DOMAINAUTH0_AUDIENCERESOURCE_SERVER_URL+ 2 optional

README.md

A remote MCP server protected by Auth0 OAuth with Gmail integration.

Auth MCP Server

A remote MCP (Model Context Protocol) server protected by Auth0 OAuth. It exposes tools for the authenticated user (greet, writing prompts) and optional Gmail access (list recent emails for the logged-in user).

Prerequisites

Python 3.13+
uv (install)
Auth0 account (for MCP authentication)
Google Cloud project (only if you want Gmail tools)

End-to-end setup

1. Clone and install

git clone <your-repo-url>
cd auth-mcp-remote
uv sync

2. Auth0 setup (required)

You need an Auth0 Application and API so MCP clients can authenticate.

Create an Auth0 account at auth0.com and open the Dashboard.
Create an API (this is your “audience”):
- Applications → APIs → Create API
- Name: e.g. Auth MCP Server
- Identifier: e.g. https://your-server.example.com/mcp (use your real MCP URL; this is your Audience)
- Signing Algorithm: RS256 → Create
Create an Application (for the MCP client):
- Applications → Applications → Create Application
- Name: e.g. MCP Client
- Type: Machine to Machine (or Native for local clients)
- Choose your API and authorize it; grant scopes: openid, profile, email
- Note the Client ID and Client Secret if you need them for the client
Note your Auth0 domain (e.g. your-tenant.auth0.com) from the Auth0 Dashboard.
Environment variables (see step 5 below): you will set:
- AUTH0_DOMAIN = your tenant domain (e.g. your-tenant.auth0.com)
- AUTH0_AUDIENCE = the API Identifier you set (e.g. https://your-server.example.com/mcp)
- RESOURCE_SERVER_URL = same as audience, or the public URL where your MCP server is reached (e.g. https://your-server.example.com/mcp)

3. Google Cloud setup (optional, for Gmail tools)

Only needed if you want list_my_recent_emails and link_my_gmail.

Create or select a project in Google Cloud Console.
Enable Gmail API:
- APIs & Services → Library → search Gmail API → Enable.
Configure OAuth consent screen:
- APIs & Services → OAuth consent screen.
- User type: External → Create.
- App information: name (e.g. dibya-mcp-gmail), support email, developer contact → Save and Continue.
- Scopes → Add or Remove Scopes → add https://www.googleapis.com/auth/gmail.readonly → Save and Continue.
- Test users (if in Testing mode): add the Gmail addresses that will use the app (e.g. your own) → Save and Continue.
- Summary → Back to Dashboard.
Create OAuth 2.0 credentials:
- APIs & Services → Credentials → Create Credentials → OAuth client ID.
- Application type: Desktop app (or Web application with redirect URI below).
- Name: e.g. MCP Gmail.
- If Web application: under Authorized redirect URIs add exactly: http://localhost:8080/.
- Create → copy Client ID and Client Secret.
Environment variables (see step 5): you will set:
- GOOGLE_CLIENT_ID = OAuth client Client ID
- GOOGLE_CLIENT_SECRET = OAuth client Client Secret

4. Get a Gmail refresh token (optional, for Gmail tools)

The MCP server needs a refresh token issued by your OAuth client (tokens from Google OAuth Playground will not work).

Add redirect URI in Google Cloud (if not already):
- APIs & Services → Credentials → your OAuth 2.0 Client ID.
- Under Authorized redirect URIs add: http://localhost:8080/ (with trailing slash) → Save.
Run the one-time script from the project root:
```
uv run python scripts/get_gmail_refresh_token.py
```
- The script prints the exact redirect URI to add if needed.
- Press Enter to open the browser; sign in with the Google account whose Gmail you want to use.
- After consent, the script prints a refresh token. Copy it.
Link Gmail in the MCP server (after the server is running and you are authenticated with Auth0):
- Call the MCP tool link_my_gmail with that refresh token. The server stores it for your Auth0 user so list_my_recent_emails can work.

5. Environment variables

In the project root, create a .env file (see .env.example):

Required (Auth0):

AUTH0_DOMAIN=your-tenant.auth0.com
AUTH0_AUDIENCE=https://your-server.example.com/mcp
RESOURCE_SERVER_URL=https://your-server.example.com/mcp

Optional (Gmail):

GOOGLE_CLIENT_ID=xxx.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=xxx

Optional: GMAIL_TOKEN_STORE_PATH=.gmail_tokens.json (default; where per-user refresh tokens are stored).

6. Run the server

uv run python main.py

Server runs at http://0.0.0.0:8000/mcp (or the URL you use in produc

Tools (3)

greetProvides a greeting for the authenticated user.

list_my_recent_emailsLists recent emails for the logged-in user.

link_my_gmailLinks a Gmail account to the current Auth0 user using a refresh token.

Environment Variables

AUTH0_DOMAINrequiredYour Auth0 tenant domain

AUTH0_AUDIENCErequiredThe API Identifier set in Auth0

RESOURCE_SERVER_URLrequiredThe public URL where your MCP server is reached

GOOGLE_CLIENT_IDOAuth client ID for Gmail access

GOOGLE_CLIENT_SECRETOAuth client secret for Gmail access

Configuration

claude_desktop_config.json

{"mcpServers": {"auth-mcp-remote": {"command": "uv", "args": ["run", "main.py"], "env": {"AUTH0_DOMAIN": "your-tenant.auth0.com", "AUTH0_AUDIENCE": "https://your-server.example.com/mcp", "RESOURCE_SERVER_URL": "https://your-server.example.com/mcp"}}}}

Try it

→Greet me to confirm my authentication status.

→List my recent emails to see if I have any urgent messages.

→Link my Gmail account using the refresh token I generated.

Frequently Asked Questions

What are the key features of Auth MCP Remote?

Secure authentication via Auth0 OAuth 2.0. Integration with Gmail API for reading emails. Remote-capable architecture for distributed AI clients. Support for custom writing prompts and greetings.

What can I use Auth MCP Remote for?

Managing email workflows securely through an AI assistant. Building authenticated AI agents that interact with personal data. Centralizing AI tool access across multiple client applications.

How do I install Auth MCP Remote?

Install Auth MCP Remote by running: git clone <your-repo-url> && cd auth-mcp-remote && uv sync

What MCP clients work with Auth MCP Remote?

Auth MCP Remote works with any MCP-compatible client including Claude Desktop, Claude Code, Cursor, and other editors with MCP support.

Turn this server into reusable context

Keep Auth MCP Remote docs, env vars, and workflow notes in Conare so your agent carries them across sessions.

Need the old visual installer? Open Conare IDE.

Open Conare

View all communication servers →