Authentication

End-user credentials

Each user brings their own credentials — perfect for wrapping SaaS APIs in an MCP server.

How it works

Mark a project secret as per-user. The first time a client connects, easyMCP returns an MCP auth_required response prompting the user to paste their key. The key is encrypted and bound to that user's MCP session.

Why it matters

If one user's key is compromised, the rest of your users are unaffected. Audit logs show exactly which user's credentials made each call.