Building Secure MCP Servers in 2025: OAuth Authentication
Production-ready patterns for securing FastAPI-based MCP servers with enterprise identity providers
Modern MCP (Model Context Protocol) servers require robust authentication that balances security with developer experience. As organizations increasingly adopt AI-assisted development tools, securing these servers becomes critical for protecting sensitive data and ensuring compliance.
In this issue of Agentic Engineering Newsletter, I will show you how to implement enterprise-grade OIDC authentication for MCP servers using Keycloak, FastAPI, and FastMCP. You’ll learn production-validated patterns from a real-world implementation, complete with code samples and explanations of how each piece works.
If you are a platform engineer, backend developer, or DevOps engineer implementing secure MCP servers in enterprise environments, I think you will find this guide very useful.
We will use Keycloak as our IdP (identity provider), simply because it is very feature-rich and easy to set up. The principles, however, are the same for any IdP you choose. One big benefit of running your own is that you have full control over all of its functionality, and it is much easier to learn how an IdP works when you can tweak its settings and observe the results.
Using an IdP lets you offload user management and authentication entirely from your MCP server (which, in OAuth terms, plays the role of the resource server), so you can focus on the features you want to build while still having fine-grained access control available to you.
Access control is handled through tokens signed by the IdP. Each token carries claims (subject, roles, audience, expiry and so on) that your MCP server reads to decide what the caller may access. The server checks that a token really came from the IdP by verifying its signature against the public keys the IdP publishes (its JWKS endpoint); it should also check the issuer, audience and expiry claims before trusting any of the others.
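As an added, self-contained example (not code from this newsletter, FastMCP or Keycloak), the following Python script shows the resource-server side of what was just described: it looks up the signing key by `kid` in a JWKS document, verifies an RS256 signature, and then checks the `iss`, `aud` and `exp` claims before returning the claims for authorization decisions. The issuer URL `https://keycloak.example.com/realms/mcp`, the audience `mcp-server` and the key id `kid-1` are assumptions, and the `realm_access.roles` claim only mirrors Keycloak's realm-role layout. The RSA key pair is a deliberately toy key built from two well-known Mersenne primes, and `issue_token` is a stand-in for the IdP; both exist only so the script runs offline. In production you would use a vetted JWT library and fetch the JWKS from the IdP.

```python
# Added example, not code from the newsletter: RS256 JWT validation against an IdP JWKS, as the
# MCP server (the resource server) would do it. The toy key and the token issuer below only stand
# in for the IdP so this runs offline; in production use a vetted library (PyJWT, Authlib) and
# fetch the JWKS from the IdP's discovery document.
import base64
import hashlib
import json
import time

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def toy_rsa_keypair():
    """Deterministic TOY key built from two well-known Mersenne primes, so the example needs
    no key-generation code. Publicly known factors make it worthless as a real key."""
    p, q, e = (1 << 521) - 1, (1 << 607) - 1, 65537
    n, d = p * q, pow(e, -1, (p - 1) * (q - 1))
    return {"n": n, "e": e}, {"n": n, "d": d}

_SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")  # RFC 8017 sec. 9.2

def _emsa_pkcs1_v15(msg: bytes, em_len: int) -> int:
    """EMSA-PKCS1-v1_5 encoding of SHA-256(msg), as an integer, as used by RS256."""
    t = _SHA256_DIGESTINFO + hashlib.sha256(msg).digest()
    return int.from_bytes(b"\x00\x01" + b"\xff" * (em_len - len(t) - 3) + b"\x00" + t, "big")

def rs256_sign(priv: dict, msg: bytes) -> bytes:
    k = (priv["n"].bit_length() + 7) // 8
    return pow(_emsa_pkcs1_v15(msg, k), priv["d"], priv["n"]).to_bytes(k, "big")

def rs256_verify(pub: dict, msg: bytes, sig: bytes) -> bool:
    k = (pub["n"].bit_length() + 7) // 8
    return len(sig) == k and pow(int.from_bytes(sig, "big"), pub["e"], pub["n"]) == _emsa_pkcs1_v15(msg, k)

def jwk_from_public(pub: dict, kid: str) -> dict:
    """The entry the IdP publishes at its jwks_uri for this signing key."""
    n_len = (pub["n"].bit_length() + 7) // 8
    return {"kty": "RSA", "alg": "RS256", "use": "sig", "kid": kid,
            "n": b64url_encode(pub["n"].to_bytes(n_len, "big")),
            "e": b64url_encode(pub["e"].to_bytes(3, "big"))}

def issue_token(priv: dict, kid: str, claims: dict) -> str:
    """IdP side (stand-in): base64url(header).base64url(claims).base64url(RS256 signature)."""
    enc = lambda obj: b64url_encode(json.dumps(obj, separators=(",", ":")).encode())
    signing_input = f"{enc({'alg': 'RS256', 'typ': 'JWT', 'kid': kid})}.{enc(claims)}"
    return f"{signing_input}.{b64url_encode(rs256_sign(priv, signing_input.encode()))}"

class TokenError(Exception):
    pass

def validate_token(token: str, jwks: dict, issuer: str, audience: str, now=None) -> dict:
    """Resource-server side: check the signature against the JWKS, then iss, aud and exp.
    Returns the verified claims; raises TokenError on any failure."""
    now = time.time() if now is None else now
    try:
        h_b64, p_b64, s_b64 = token.split(".")
        header, claims = json.loads(b64url_decode(h_b64)), json.loads(b64url_decode(p_b64))
        sig = b64url_decode(s_b64)
    except ValueError as exc:  # wrong segment count, bad base64 or bad JSON
        raise TokenError("malformed token") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise TokenError("malformed token")
    if header.get("alg") != "RS256":  # pin the algorithm; never let the token choose it
        raise TokenError("unexpected alg")
    kid = header.get("kid")
    key = next((k for k in jwks["keys"] if kid and k.get("kid") == kid and k.get("kty") == "RSA"), None)
    if key is None:
        raise TokenError("unknown kid")
    pub = {"n": int.from_bytes(b64url_decode(key["n"]), "big"),
           "e": int.from_bytes(b64url_decode(key["e"]), "big")}
    if not rs256_verify(pub, f"{h_b64}.{p_b64}".encode(), sig):
        raise TokenError("bad signature")
    if claims.get("iss") != issuer:
        raise TokenError("wrong issuer")
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        raise TokenError("token not issued for this resource server")
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        raise TokenError("token expired or missing exp")
    return claims

if __name__ == "__main__":
    # Assumed names: a Keycloak realm URL as issuer and the MCP server's audience value.
    ISSUER, AUDIENCE = "https://keycloak.example.com/realms/mcp", "mcp-server"
    pub, priv = toy_rsa_keypair()
    jwks = {"keys": [jwk_from_public(pub, "kid-1")]}
    token = issue_token(priv, "kid-1", {"iss": ISSUER, "aud": AUDIENCE, "sub": "alice",
                                        "exp": int(time.time()) + 300, "realm_access": {"roles": ["mcp-user"]}})
    print("verified claims:", validate_token(token, jwks, ISSUER, AUDIENCE))
```

The two checks most often skipped in practice are the algorithm pin (a validator that honours `alg` from the header can be talked into `none` or into treating the RSA public key as an HMAC secret) and the `aud` check (without it, a token minted for some other API in the same realm is accepted by your MCP server). Looking keys up by `kid` is also what lets the IdP rotate signing keys without downtime, so cache the JWKS but re-fetch it when an unknown `kid` shows up.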
Table of Contents
1️⃣ Architecture Overview: Modern OAuth 2.1 + OIDC for MCP
2️⃣ OAuth 2.1 & RFC 9700 Security Standards (2025)
3️⃣ Keycloak realm and client setup
4️⃣ OIDC flow in the server (authorization, token, validation)
5️⃣ Token validation and claims usage
6️⃣ Role-based authorization in MCP tools
7️⃣ Local development and testing
8️⃣ MCP Server: with OAuth integration towards IDP
9️⃣ MCP Client: to test our MCP server
🔟 Further resources
Let’s jump right into it!