mcp-madness

codercatdev/mcp-madness

3.2

If you are the rightful owner of mcp-madness and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to dayong@mcphub.com.

MCP-Madness is a server designed to facilitate communication and data exchange between clients and servers using the Model Context Protocol (MCP).

Welcome to MCP Madness!

THIS IS VERY MUCH FOR TESTING!!!

Env variables

Update .env.local as needed:

example: my-website.com

# All FusionAuth details FUSIONAUTH_ISSUER=http://localhost:9011 FUSIONAUTH_URL=http://localhost:9011 # This is for the auth on Next.js not MCP FUSIONAUTH_CLIENT_ID="e9fdb985-9173-4e01-9d73-ac2d60d1dc8e" FUSIONAUTH_CLIENT_SECRET="super-secret-secret-that-should-be-regenerated-for-production" FUSIONAUTH_TENANT_ID=d7d09513-a3f5-401c-9685-34ab6c552453 NEXTAUTH_SECRET="abcdefg" # This is for MCP FUSIONAUTH_TENANT_ID_FOR_DCR= FUSIONAUTH_API_KEY_FOR_DCR=

Getting Started

First, run the development server:

npm run dev
# or
yarn dev
# or
pnpm dev
# or
bun dev

Open http://localhost:3000 with your browser to see the result.

About MCP Madness

MCP Madness is a proxy for FusionAuth to show off the capabilities of FusionAuth both as a MCP Server but also as the OAuth for any MCP Server. This app is firstly using NextAuth.js to handle the OAuth flow with FusionAuth. This allows users to log in with their FusionAuth credentials and manage their sessions securely. For the actual application you might want to use to setup your UI to call any of the MCP endpoints you want to use.

TODO: We will be adding more features to this app to show off the capabilities of FusionAuth as a MCP Server. Stay tuned!

Security

The MCP Tools used in this example allow for EVERYTHING to happen on your FusionAuth instance. I highly recommend reading the docs to understand how to set up your API keys and permissions to prevent this from being a security risk.

Endpoints

/mcp

This endpoint proxies requests to the MCP endpoints on your FusionAuth instance. It requires authentication and will return a 401 if the user is not logged in.

/.well-known/oauth-authorization-server

This endpoint proxies the MCP protected resource metadata from your FusionAuth instance. This is used by the MCP client to first get the meta data about the MCP server.

/register

This endpoint proxies the registration requests to your FusionAuth instance and creates an application. It then returns the client ID and client secret to the user. This is used by the MCP client to register itself with the MCP server.

/oauth2/authorize

This endpoint is directly on FusionAuth. It is used by the MCP client to initiate the OAuth flow and send the user to the FusionAuth instance to authorize the application. You can find more information about this endpoint in the FusionAuth OAuth docs. You will then get redirected back to the MCP client with an authorization code.

/oauth2/token

This endpoint is directly on FusionAuth. It is used by the MCP client to exchange the authorization code for an access token. You can find more information about this endpoint in the FusionAuth OAuth docs.

Testing

Running Next.js

Run the Next.js app locally with npm run dev and navigate to http://localhost:3000. You can then log in with your FusionAuth credentials and test the MCP endpoints.

Clients

MCP Inspector

To test the MCP server you can use the MCP Inspector.

Claud Desktop
{
  "mcpServers": {
    "fusionauth": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "http://localhost:3000/mcp"
      ]
    }
  }
}