MCP Authentication
PraisonAI MCP Server supports multiple authentication methods per the MCP 2025-11-25 specification, including OAuth 2.1 with PKCE, OpenID Connect Discovery, and API Key authentication.Protocol Version
This feature implements MCP Protocol Version 2025-11-25.Authentication Methods
Python API
OIDC Discovery
OAuth 2.1 with PKCE
API Key Authentication
Scope Management
CLI Usage
Start Server with API Key
Generate API Key
Validate API Key
Scoped API keys via --keys-file
Give each caller a least-privilege key. praisonai mcp serve --keys-file <path> loads a JSON array of per-key scopes and enforces them per JSON-RPC method.
- A key whose
scopesfield is omitted defaults to wildcard (["*"]). - An explicit empty list (
"scopes": []) is honored as a no-permission key — it is not widened to wildcard. - A
"*"grant satisfies every requirement.
The scalar
--api-key is wrapped internally as a single wildcard-scoped key, so --api-key and --keys-file share the exact same enforcement path.Operation → scope map
Each JSON-RPC method maps to a required scope (OPERATION_SCOPES):
Insufficient scope response
When a caller’s key lacks the required scope, the server returns JSON-RPC error-32001 insufficient_scope, and (over HTTP) a WWW-Authenticate challenge carrying the missing scope:
Backward compatible. When no auth is configured,
granted_scopes is None and scope enforcement is a no-op (“allow all”) — existing setups are unchanged.One shared key or per-team scopes?
Available Scopes
WWW-Authenticate Challenge
Security Best Practices
- Always use PKCE - Required for OAuth 2.1
- Validate origins - Use
--allowed-originsfor HTTP transport - Rotate API keys - Regularly rotate keys
- Minimal scopes - Request only needed scopes
- Secure storage - Never commit keys to version control
Environment Variables
Related
- MCP Elicitation - URL mode for OAuth flows
- PraisonAI MCP Server - Full documentation
- MCP Tasks API - Protected operations

