Is Oauth Music Streaming Mcp Server safe to use?

Oauth Music Streaming Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Oauth Music Streaming Mcp Server?

Oauth Music Streaming Mcp Server can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with Oauth Music Streaming Mcp Server?

Oauth Music Streaming Mcp Server is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

Is Oauth Music Streaming Mcp Server actively maintained?

Oauth Music Streaming Mcp Server is less actively maintained — last commit was 175 days ago.

🎧 Spotify OAuth 2.0 Authorization Server (with MCP Authentication)

Secure OAuth 2.0 and MCP-compliant authorization server bridging Spotify’s Web API with Model Context Protocol (MCP) tool servers — built for scale, observability, and developer experience.

🧭 Overview

This repository implements a custom OAuth 2.0 Authorization Server that bridges authentication between:

Spotify Web API (user identity & consent)
Model Context Protocol (MCP) servers exposing Spotify tool integrations

Built with ASP.NET Core 8, it delivers a secure and extensible authentication layer using:

PKCE-based Authorization Code Flow
Dynamic Client Registration
RSA-signed JWT bearer tokens
OpenID Connect Discovery
MCP Authorization Compliance per specification 2025-03-26

🚀 Key Features

1. OAuth 2.0 Authorization Code with PKCE (Spotify Integration)

Implements Spotify’s Authorization Code with PKCE flow for secure public-client authentication.

Flow Summary:

Client starts /authorize with code_challenge=S256
Server redirects to Spotify for user consent
Spotify returns an auth code → /spotify-callback
Server exchanges Spotify code for access/refresh tokens
MCP issues its own JWT-bound token (/token)

Sequence Diagram

This ensures that no secrets are exposed client-side and that token exchanges are verified using code_verifier and S256.

var spotifyTokenRequest = new SpotifyTokenRequest
{
    GrantType = "authorization_code",
    Code = code,
    RedirectUri = redirectUri,
    CodeVerifier = verifier
};

2. Dynamic Client Registration (RFC 7591 §3.3)

Enables runtime client onboarding without manual setup.

Example Request:

POST /register
Content-Type: application/json

{
  "client_name": "my-mcp-client",
  "redirect_uris": ["https://localhost:3000/callback"],
  "grant_types": ["authorization_code"],
  "response_types": ["code"],
  "scope": "mcp:tools openid profile email"
}

Response:

{
  "client_id": "abc123",
  "registration_access_token": "securetoken",
  "registration_client_uri": "https://localhost:8080/register/abc123"
}

💡 Why it matters

Dynamic registration allows multi-tenant tool ecosystems to register securely at runtime — ideal for automated AI agent provisioning and decentralized MCP tool discovery.

📘 Reference: RFC 7591 §3.3

3. RSA-Signed Bearer Tokens (JWT)

Access tokens are minted as RSA-signed JWTs using a PEM private key, encapsulated by t

... View full README on GitHub

Oauth Music Streaming Mcp Server

Quick Install

Should you use this server?

Test This Server

Score Breakdown

MCPpedia Score

Security

Help improve this page

Reviews

Frequently Asked Questions

Similar servers

MCPpedia

MediaWiki MCP Server

Apple Docs Mcp

io.github.xkumakichi/xaip-mcp-server

Discussion