/
Contact usSee pricingStart building
Node
​

    About Stytch

    Introduction
    Integration Approaches
      Full-stack overview
      Frontend (pre-built UI)
      Frontend (headless)
      Backend
    Migrations
      Migration overview
      Migrating users statically
      Migrating users dynamically
      Additional migration considerations
      Zero-downtime deployment
      Defining external IDs for users
      Exporting from Stytch
    Custom Domains
      Overview

    Authentication

    DFP Protected Auth
      Overview
      Setting up DFP Protected Auth
      Handling challenges
    Magic Links
    • Email Magic Links

      • Getting started with the API
        Getting started with the SDK
        Replacing your password reset flow
        Building an invite user flow
        Add magic links to an existing auth flow
        Adding PKCE to a Magic Link flow
        Magic Link redirect routing
    • Embeddable Magic Links

      • Getting started with the API
    MFA
      Overview
      Backend integration
      Frontend integration
    Mobile Biometrics
      Overview
    M2M Authentication
      Authenticate an M2M Client
      Rotate client secrets
      Import M2M Clients from Auth0
    OAuth
    • Identity providers

      • Overview
        Provider setup
      Getting started with the API (Google)
      Add Google One Tap via the SDK
      Email address behavior
      Adding PKCE to an OAuth flow
    Connected AppsBeta
      Setting up Connected Apps
      About Remote MCP Servers
    • Resources

      • Integrate with AI agents
        Integrate with MCP servers
        Integrate with CLI Apps
    Passcodes
      Getting started with the API
      Getting started with the SDK
    • Toll fraud

      • What is SMS toll fraud?
        How you can prevent toll fraud
      Unsupported countries
    Passkeys & WebAuthn
    • Passkeys

      • Passkeys overview
        Set up Passkeys with the frontend SDK
    • WebAuthn

      • Getting started with the API
        Getting started with the SDK
    Passwords
      Getting started with the API
      Getting started with the SDK
      Password strength policy
    • Email verification

      • Overview
        Email verification before password creation
        Email verification after password creation
    Sessions
      How to use sessions
      Backend integrations
      Frontend integrations
      Custom claims
      Custom claim templates
      Session tokens vs JWTs
      How to use Stytch JWTs
    TOTP
      Getting started with the API
      Getting started with the SDK
    Web3
      Getting started with the API
      Getting started with the SDK

    Authorization

    Implement RBAC with metadata

    3rd Party Integrations

    Planetscale
    Supabase
    Feathery
    Unit

    Testing

    E2E testing
    Sandbox values
Get support on SlackVisit our developer forum

Contact us

Consumer Authentication

/

Guides

/

Authentication

/

Connected Apps

/

About Remote MCP Servers

Use Stytch for Remote MCP Server authorization

Introduction

The growing popularity of Artificial Intelligence (AI) and Large Language Models (LLM) has driven an industry-wide trend towards more humanist experiences with our IT tools. Along with this shift there has been a parallel movement in how those tools interact with each other. As AI gets increasingly sophisticated in communicating with us it is simultaneously growing more capable in what it can do for us.

Within the ecosystem of a particular provider interconnectivity often already exists between tools. For example, Google has integrated Gemini in many of its own applications. Users can ask Gemini to create a task, for instance, and Gemini has the capability to create a new item in Google Keep. Apple Intelligence can summarize your emails and help you respond in Apple Mail. AI that can take actions on behalf of users instead of simply talking to them is a clear direction of progress.

The ability to bring this type of interconnectedness to the ecosystem at large has huge potential benefits for users of AI. This next-generation connectivity between tools has been in active development through a number of different means, but one promising specification that we'll cover here is Anthropic's Model Context Protocol (MCP)

About MCP

MCP is a specification for how AI agents can communicate with, and discover the capabilities of, servers which implement specific functionality. Whereas an LLM may not natively have the capability to perform certain actions, such as sending email, if it can communicate with an MCP server that advertises this capability it is empowered to delegate the implementation of email sending to that server. Naturally, this type of interaction can extend beyond email to whatever services implementers wish to create.

For a short while, MCP was a local-to-machine protocol that enabled a federation of locally hosted services to operate together. The success of this model has inspired a major upcoming extension, Remote MCP, which is poised to bring this kind of service federation to servers across the Internet.

Authorization and authentication becomes increasingly important as MCP becomes remote and servers become publicly available on the Internet. Stytch supports handling the auth process for MCP servers to create a seamless experience for securing access to their services.

Authorization with MCP

From the purposes of implementing authorization with Stytch, MCP servers are a type of Connected App. Stytch supports enabling Dynamic Client Registration in the Connected Apps dashboard. This means, rather than configuring a client app manually, remote MCP Servers can add themselves as a client app in Stytch. After the app registers it operates as a standard Connected Apps client in Stytch, including user management and, when developing a B2B app, Role-Based Access Control.

Remote MCP Servers with Cloudflare

MCP is designed as a Remote Procedure Call (RPC) interprocess communication between applications which originally were running on the same machine using standard interprocess communication methods. This provides an efficient and responsive experience between the MCP client and server. Remote MCP extends this concept by using HTTP as a transport layer with Server-Sent Events and HTTP POST requests to exchange messages.

This is different from HTTP's base idioms and there are few out-of-the-box tools and web services that yet operate according to this protocol. To provide a foundation for creating MCP servers Cloudflare has implemented Remote MCP servers as Cloudflare workers. This is one of the fastest and easiest ways to create a responsive and always-available serverless remote MCP server which can serve requests to the LLM / MCP Client of your choice. This server can then handle the incoming request in a number of ways, such as connecting to other web services to implement functionality for the LLM.

Introduction

About MCP

Authorization with MCP

Remote MCP Servers with Cloudflare