mcp-oauth2-aws-cognito

mcp-oauth2-aws-cognito

3.4
securitycloud_platforms

If you are the rightful owner of mcp-oauth2-aws-cognito and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

This repository demonstrates how to secure a Model Context Protocol (MCP) server using OAuth 2.1 authorization flows with AWS Cognito, implemented entirely with Node.js and Express.js.

The project showcases the integration of a Model Context Protocol (MCP) server with AWS Cognito using OAuth 2.1 authorization flows. It acts as a Resource Server (RS) while AWS Cognito functions as the Authorization Server (AS). The implementation includes OAuth 2.1 Authorization Code Flow with PKCE, Protected Resource Metadata (PRM) document discovery, dynamic discovery of Authorization Server metadata, and Dynamic Client Registration (DCR) support. Two client implementations are provided: a static client with pre-configured credentials and an auto-discovery client with dynamic registration. The architecture involves a client sending requests to the MCP server, which responds with metadata for authorization, allowing the client to perform OAuth flows and access protected resources.

Features

  • OAuth 2.1 Authorization Code Flow with PKCE
  • Protected Resource Metadata (PRM) document discovery
  • Dynamic discovery of Authorization Server metadata
  • Dynamic Client Registration (DCR) support
  • Integration with AWS Cognito as Authorization Server

Related MCP Servers

View all security servers →
gateway

gateway

4.0

by centralmind

CentralMind Gateway is a tool designed to expose databases to AI agents via MCP or OpenAPI protocols, providing secure, LLM-optimized APIs.

databases
ida-pro-mcp

ida-pro-mcp

3.7

by mrexodia

Simple MCP Server to allow vibe reversing in IDA Pro.

developer_tools
LitterBox

LitterBox

3.7

by BlackSnufkin

LitterBox is a controlled sandbox environment for security professionals to develop and test payloads, offering advanced analysis capabilities.

security
kubectl-mcp-server

kubectl-mcp-server

3.7

by rohitg00

Kubectl MCP Server is a Model Context Protocol server for Kubernetes, enabling AI assistants to interact with Kubernetes clusters using natural language.

os_automation
osv-mcp

osv-mcp

3.7

by StacklokLabs

An MCP server providing access to the OSV database for querying vulnerability information.

databases
code-sandbox-mcp

code-sandbox-mcp

3.6

by Automata-Labs-team

A secure sandbox environment for executing code within Docker containers. This MCP server provides AI applications with a safe and isolated environment for running code while maintaining security through containerization.

security
win-cli-mcp-server

win-cli-mcp-server

3.6

by SimonB97

MCP server for secure command-line interactions on Windows systems, enabling controlled access to PowerShell, CMD, Git Bash shells, and remote systems via SSH.

os_automation
BloodHound-MCP-AI

BloodHound-MCP-AI

3.6

by MorDavid

BloodHound-MCP is a Model Context Protocol Server integration for BloodHound, enabling natural language analysis of Active Directory data.

security
ida-mcp-server-plugin

ida-mcp-server-plugin

3.6

by taida957789

IDA Pro MCP Server is a plugin that allows remote querying and control of IDA Pro through the Model Context Protocol (MCP) interface.

developer_tools
WireMCP

WireMCP

3.6

by 0xKoda

WireMCP is a Model Context Protocol server that enhances Large Language Models with real-time network traffic analysis capabilities using tools built on Wireshark's `tshark`.

security
jadx-mcp-server

jadx-mcp-server

3.6

by zinja-coder

JADX-MCP-SERVER is a fully automated MCP server designed to work with the JADX-AI-MCP Plugin for analyzing Android APKs using LLMs like Claude.

ai_chatbot
MCP2Lambda

MCP2Lambda

3.6

by danilop

MCP2Lambda allows LLMs to interact with AWS Lambda functions as tools, enabling access to real-time and private data, execution of custom code, and interaction with external services.

cloud_platforms
dynatrace-mcp

dynatrace-mcp

3.5

by dynatrace-oss

This remote MCP server allows interaction with the Dynatrace observability platform, bringing real-time observability data directly into your development workflow.

monitoring
mcp-virustotal

mcp-virustotal

3.5

by BurtTheCoder

The VirusTotal MCP Server is a Model Context Protocol server designed for querying the VirusTotal API, providing comprehensive security analysis tools with automatic relationship data fetching.

security
jadx-mcp-plugin

jadx-mcp-plugin

3.5

by mobilehackinglab

The Jadx MCP Plugin provides a Java-based plugin for Jadx, exposing its API over HTTP to enable interaction with MCP clients like Claude, facilitating AI-assisted security analysis of Android apps.

security
MCP_Security

MCP_Security

3.5

by fr0gger

A Model Context Protocol (MCP) server for querying the ORKL API, providing tools for fetching and analyzing threat reports, threat actors, and sources.

security
aws-security-mcp

aws-security-mcp

3.5

by groovyBugify

AWS Security MCP is a Model Context Protocol server that allows AI assistants to autonomously inspect and analyze AWS infrastructure for security issues.

security
sonarqube-mcp-server

sonarqube-mcp-server

3.5

by sapientpants

A Model Context Protocol (MCP) server that integrates with SonarQube to provide AI assistants with access to code quality metrics, issues, and analysis results.

developer_tools
GhidraMCP

GhidraMCP

3.5

by 13bm

A Ghidra plugin that implements the Model Context Protocol (MCP) for AI-assisted binary analysis.

developer_tools
Snyk

Snyk

3.5

by snyk

MCP (Model Context Protocol) is an open protocol that standardizes how applications share context with large language models.

security
binja-lattice-mcp

binja-lattice-mcp

3.5

by Invoke-RE

BinjaLattice is a secure communication protocol for Binary Ninja that enables interaction with external Model Context Protocol (MCP) servers and tools.

developer_tools
pentest-mcp

pentest-mcp

3.5

by DMontgomery40

Pentest MCP is a Model Context Protocol server that integrates essential pentesting tools into a unified natural language interface, allowing security professionals to execute, chain, and analyze multiple tools through conversational commands.

security
vercel-mcp-server

vercel-mcp-server

3.5

by Quegenx

A powerful Model Context Protocol (MCP) server for managing Vercel deployments with comprehensive features.

cloud_platforms
chucknorris

chucknorris

3.5

by pollinations

The C̷h̷u̷c̷k̷N̷o̷r̷r̷i̷s̷ MCP Server is a tool designed to enhance LLMs using specialized prompts and dynamic schema adaptation, primarily for security research.

security
ExternalAttacker-MCP

ExternalAttacker-MCP

3.5

by MorDavid

ExternalAttacker is a Model Context Protocol (MCP) server designed for external attack surface management, integrating automated scanning with a natural language interface.

security
cve-search_mcp

cve-search_mcp

3.5

by roadwy

A Model Context Protocol (MCP) server for querying the CVE-Search API, providing access to CVE data, vendor and product browsing, and more.

security
volatility-mcp

volatility-mcp

3.5

by Gaffx

Volatility MCP integrates Volatility 3 with FastAPI and MCP for seamless memory forensics.

security