Authentication
Authentication overview
Most real APIs need a key. easyMCP supports three patterns — pick the one that matches your trust model.
The three patterns
- Static credentials — one key shared by everyone using your MCP server. Good for internal tools and demos.
- End-user credentials — each user supplies their own key the first time they connect. Good for SaaS APIs.
- OAuth — full OAuth 2.0 flow with refresh tokens, handled by easyMCP. Good for consumer integrations like Google or Notion.
Where credentials live
Secrets are encrypted at rest and only decrypted in-memory at the moment of a tool call. easyMCP staff cannot read them.