npm - @prmichaelsen/mcp-auth - Versions diffs - 7.0.3 → 7.0.4 - Mend

@prmichaelsen/mcp-auth 7.0.3 → 7.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/README.md +41 -0
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -150,6 +150,47 @@ const tokenResolver = new JWTTokenResolver({ authProvider });
 - ❌ Larger JWT size
 - ❌ Tokens exposed in JWT payload
+### JWTAuthProvider (Static Servers) ⭐ NEW
+For servers that manage their own data and only need user identification:
+```typescript
+import { wrapServer, JWTAuthProvider } from '@prmichaelsen/mcp-auth';
+const wrapped = wrapServer({
+  serverFactory: (accessToken, userId) => {
+    // accessToken will be empty string - use userId only
+    return createMyStaticServer(userId);
+  },
+  authProvider: new JWTAuthProvider({
+    jwtSecret: process.env.JWT_SECRET
+  }),
+  // No tokenResolver needed! ✨
+  resourceType: 'my-service',
+  transport: {
+    type: 'sse',
+    port: 3000,
+    cors: true,
+    corsOrigin: process.env.CORS_ORIGIN
+  }
+});
+```
+**Perfect for:**
+- ✅ Multi-tenant SaaS with own database
+- ✅ User-scoped services
+- ✅ Internal tools without external APIs
+- ✅ Static data management servers
+**Benefits:**
+- ✅ Simplest configuration
+- ✅ No external credential management
+- ✅ JWT validation only (userId extraction)
+- ✅ Complete user isolation via ephemeral instances
 ### APITokenResolver (API-Based)
 For resolving tokens via tenant manager API:

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@prmichaelsen/mcp-auth",
-  "version": "7.0.3",
+  "version": "7.0.4",
   "description": "Authentication and multi-tenancy framework for MCP servers",
   "type": "module",
   "main": "dist/index.js",