Is Oauth Music Streaming Mcp Server safe to use?

Oauth Music Streaming Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Oauth Music Streaming Mcp Server?

Oauth Music Streaming Mcp Server can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with Oauth Music Streaming Mcp Server?

Oauth Music Streaming Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses sse and http transport.

Is Oauth Music Streaming Mcp Server actively maintained?

Oauth Music Streaming Mcp Server is less actively maintained — last commit was 227 days ago.

Oauth Music Streaming Mcp Server

Name: Oauth Music Streaming Mcp Server
Author: roynjeru

by roynjeru

An OAuth Server for the music-streaming-mcp-server

0 tools GitHub

No known CVEs

No license

Stale

Last commit 227d ago

Works with most clients

Transport: sse, http

0 tools

Grade F

Edit this pageView history

Entertainment Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopsse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "oauth-music-streaming-mcp-server": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/oauth-music-streaming-mcp-server)](https://mcppedia.org/s/oauth-music-streaming-mcp-server)

Read me

What Oauth Music Streaming Mcp Server does

Secure OAuth 2.0 and MCP-compliant authorization server bridging Spotify’s Web API with Model Context Protocol (MCP) tool servers — built for scale, observability, and developer experience.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

26/100across 5 weighted dimensions

How we score →

0255075100

−74

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Oauth Music Streaming Mcp Server safe to use?: Oauth Music Streaming Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Oauth Music Streaming Mcp Server?: Oauth Music Streaming Mcp Server can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with Oauth Music Streaming Mcp Server?: Oauth Music Streaming Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses sse and http transport.
Is Oauth Music Streaming Mcp Server actively maintained?: Oauth Music Streaming Mcp Server is less actively maintained — last commit was 227 days ago.

Similar servers

Others in entertainment / security

View all →

com.mux/mcp94

The official MCP Server for the Mux API

179 7

Mcp Tts93

MCP Server for Text to Speech

59 15

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

MCP Security Weekly

Get CVE alerts and security updates for Oauth Music Streaming Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Entertainment Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopsse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "oauth-music-streaming-mcp-server": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/oauth-music-streaming-mcp-server)](https://mcppedia.org/s/oauth-music-streaming-mcp-server)

Read me

What Oauth Music Streaming Mcp Server does

Secure OAuth 2.0 and MCP-compliant authorization server bridging Spotify’s Web API with Model Context Protocol (MCP) tool servers — built for scale, observability, and developer experience.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

🎧 Spotify OAuth 2.0 Authorization Server (with MCP Authentication)

Secure OAuth 2.0 and MCP-compliant authorization server bridging Spotify’s Web API with Model Context Protocol (MCP) tool servers — built for scale, observability, and developer experience.

🧭 Overview

This repository implements a custom OAuth 2.0 Authorization Server that bridges authentication between:

Spotify Web API (user identity & consent)
Model Context Protocol (MCP) servers exposing Spotify tool integrations

Built with ASP.NET Core 8, it delivers a secure and extensible authentication layer using:

PKCE-based Authorization Code Flow
Dynamic Client Registration
RSA-signed JWT bearer tokens
OpenID Connect Discovery
MCP Authorization Compliance per specification 2025-03-26

🚀 Key Features

1. OAuth 2.0 Authorization Code with PKCE (Spotify Integration)

Implements Spotify’s Authorization Code with PKCE flow for secure public-client authentication.

Flow Summary:

Client starts /authorize with code_challenge=S256
Server redirects to Spotify for user consent
Spotify returns an auth code → /spotify-callback
Server exchanges Spotify code for access/refresh tokens
MCP issues its own JWT-bound token (/token)

This ensures that no secrets are exposed client-side and that token exchanges are verified using code_verifier and S256.

var spotifyTokenRequest = new SpotifyTokenRequest
{
    GrantType = "authorization_code",
    Code = code,
    RedirectUri = redirectUri,
    CodeVerifier = verifier
};

2. Dynamic Client Registration (RFC 7591 §3.3)

Enables runtime client onboarding without manual setup.

Example Request:

POST /register
Content-Type: application/json

{
  "client_name": "my-mcp-client",
  "redirect_uris": ["https://localhost:3000/callback"],
  "grant_types": ["authorization_code"],
  "response_types": ["code"],
  "scope": "mcp:tools openid profile email"
}

Response:

{
  "client_id": "abc123",
  "registration_access_token": "securetoken",
  "registration_client_uri": "https://localhost:8080/register/abc123"
}

💡 Why it matters

Dynamic registration allows multi-tenant tool ecosystems to register securely at runtime — ideal for automated AI agent provisioning and decentralized MCP tool discovery.

📘 Reference: RFC 7591 §3.3

3. RSA-Signed Bearer Tokens (JWT)

Access tokens are minted as RSA-signed JWTs using a PEM private key, encapsulated by t

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

26/100across 5 weighted dimensions

How we score →

0255075100

−74

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Oauth Music Streaming Mcp Server safe to use?: Oauth Music Streaming Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Oauth Music Streaming Mcp Server?: Oauth Music Streaming Mcp Server can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with Oauth Music Streaming Mcp Server?: Oauth Music Streaming Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses sse and http transport.
Is Oauth Music Streaming Mcp Server actively maintained?: Oauth Music Streaming Mcp Server is less actively maintained — last commit was 227 days ago.