nextjs-vercel-mcp-server

Nitzperetz/nextjs-vercel-mcp-server

3.2

If you are the rightful owner of nextjs-vercel-mcp-server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

This document provides a structured summary of a Model Context Protocol (MCP) server using Vercel's MCP Handler and Descope's Node SDK.

Tools
1
Resources
0
Prompts
0

Next.js MCP Server with Vercel MCP Handler and Descope Node SDK

Descope Banner

Introduction

This example shows how to build an MCP server using the Vercel MCP Handler with Descope's Node SDK for session validation. The server provides a simple echo tool and demonstrates how to integrate Descope authentication with the Model Context Protocol (MCP) using Vercel's serverless functions.

Key Components

  • Vercel's mcp-handler: Handles the MCP protocol communication and serverless function deployment
  • Descope Node SDK: Validates user sessions and provides authentication context
  • Echo Tool: A simple example tool that returns a "Hello, world!" message

Deployment

Deploy with Vercel

You can connect to the server using the MCP Inspector or any other MCP client. Be sure to include the /api/mcp path in the connection URL.

Requirements

Before proceeding, make sure you have the following:

Running the Server

First, add the environment variables in a .env file at the root:

NEXT_PUBLIC_DESCOPE_PROJECT_ID=      # Your Descope project ID
NEXT_PUBLIC_DESCOPE_BASE_URL=        # Your Descope base URL (optional, defaults to https://api.descope.com)

Then, install dependencies:

npm i

Finally, run the server:

npm run dev

The server will start on port 3000 (or the port specified in your environment variables).

API Endpoints

  • GET/POST /api/[transport]: Handles incoming MCP protocol messages (supports SSE and HTTP transports)

Authentication

The server uses Descope's Node SDK for session validation. The verifyToken function:

  1. Extracts the bearer token from the request
  2. Uses the Descope Node SDK to validate the session
  3. Returns authentication context including user scopes and client ID
  4. All MCP endpoints require a valid bearer token

Managing API Keys and OAuth Tokens for Tools

If you want Descope to manage your API keys or OAuth tokens for your MCP, you can use functions in the Node SDK to fetch outbound app tokens at either a user or tenant level:

// Fetch user token with specific scopes
const userToken =
  await descopeClient.management.outboundApplication.fetchTokenByScopes(
    "my-app-id",
    "user-id",
    ["read", "write"],
    { withRefreshToken: false },
    "tenant-id"
  );

// Fetch latest user token
const latestUserToken =
  await descopeClient.management.outboundApplication.fetchToken(
    "my-app-id",
    "user-id",
    "tenant-id",
    { forceRefresh: false }
  );

// Fetch tenant token with specific scopes
const tenantToken =
  await descopeClient.management.outboundApplication.fetchTenantTokenByScopes(
    "my-app-id",
    "tenant-id",
    ["read", "write"],
    { withRefreshToken: false }
  );

// Fetch latest tenant token
const latestTenantToken =
  await descopeClient.management.outboundApplication.fetchTenantToken(
    "my-app-id",
    "tenant-id",
    { forceRefresh: false }
  );

Available Tools

  • echo: Returns a simple "Hello, world!" message