Skip to content

add --skip-auth flag #33

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

add --skip-auth flag #33

wants to merge 1 commit into from

Conversation

@kjosk
Copy link
Contributor

@kjosk kjosk commented Apr 18, 2025

Add --skip-auth flag for trusted environments

Background

While mcp-remote's primary purpose is to provide OAuth authentication capabilities to clients connecting to MCP servers (enabling stdio-only MCP clients to connect to remote authenticated servers), there are valid use cases where the tool can be beneficial even without authentication, particularly in trusted environments.

Changes

This PR introduces the --skip-auth flag which allows mcp-remote to operate as a simple SSE connection proxy, bypassing all authentication-related processes. This addition:

  • Enables usage in development environments where authentication is not required
  • Simplifies setup in trusted networks
  • Reduces overhead when working with non-authenticated MCP servers

Use Case

The original purpose of mcp-remote is to bridge the gap between stdio-only MCP clients and remote authenticated servers by providing OAuth capabilities. However, there are several scenarios where direct SSE connection capabilities are valuable:

  1. Cloud Desktop Environment Support: Currently, Cloud Desktop does not support remote connections natively. In development environments where Cloud Desktop is used with local MCP servers, mcp-remote can serve as a simple SSE connection proxy without the need for authentication overhead.

  2. Development Environments: In local development setups or internal networks where authentication is not required, the authentication layer becomes unnecessary overhead.

  3. Testing and Debugging: When testing MCP server implementations or debugging connection issues, having a simple SSE proxy without authentication complexity can be beneficial.

The --skip-auth flag allows developers to utilize mcp-remote's SSE connection proxy capabilities directly in these trusted environments, making it particularly valuable for Cloud Desktop users who need remote connection functionality.

Implementation

The implementation is minimally invasive and maintains the existing authentication flow as the default behavior. The --skip-auth flag simply bypasses the authentication-related processes when specified, allowing the tool to function as a straightforward SSE connection proxy.

Documentation

Updated README.md to clarify:

  1. The tool's primary role in enabling stdio-only MCP clients to connect to remote authenticated servers
  2. The intended use case for the --skip-auth flag in trusted environments where authentication is not needed
  3. How this flag enables Cloud Desktop users to establish remote connections in development environments
  4. How this flag allows the tool to be used as a simple SSE connection proxy while maintaining its core authentication bridging capabilities

@geelen
Copy link
Owner

geelen commented Apr 18, 2025

Hi @kissrobber, can you try mcp-remote@next? It's the code in #32 , which delays the auth flow until it sees a 401. This should mean that if your server doesn't need authentication, it never activates that code. I'd prefer if that behaviour was automatic rather than add a new flag, if possible.

@geelen geelen closed this May 5, 2025
@xiongtx xiongtx mentioned this pull request Jun 20, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kjosk @geelen