Authprobe

v1.0.0Securitystable

authprobe pinpoints MCP OAuth failures

authauthorizationjwt-authenticationmcpmcp-auth
Share:
14
Stars
0
Downloads
0
Weekly
0/5

What is Authprobe?

Authprobe is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to authprobe pinpoints mcp oauth failures

authprobe pinpoints MCP OAuth failures

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • authprobe pinpoints MCP OAuth failures

Use Cases

Diagnose OAuth authentication failures
Debug MCP authorization issues
authprobe

Maintainer

LicenseApache-2.0
Languagego
Versionv1.0.0
UpdatedMay 2, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx authprobe

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Authprobe

Authprobe is a Go-based MCP OAuth diagnostics tool that pinpoints exactly where MCP server OAuth flows diverge from specification. It walks the full discovery funnel — from the initial 401 + WWW-Authenticate probe through Protected Resource Metadata, authorization server discovery, token exchange, and Dynamic Client Registration — and reports each step as PASS or FAIL with the exact wire-level trace. MCP server authors, client implementers, and platform security teams use it to triage auth regressions before rollout and generate reproducible evidence bundles for cross-team handoffs.

Prerequisites

  • Go 1.21 or higher installed (for go install method), or Docker for the container method
  • An MCP server with OAuth configured and accessible at a known URL
  • Optional: an OpenAI or Anthropic API key for LLM-powered RFC compliance explanations
1

Install authprobe

Install authprobe using the Go toolchain, the install script, or Docker. The install script places the binary in ~/.local/bin.

# Option A: Go toolchain
go install github.com/authprobe/authprobe/cmd/authprobe@latest

# Option B: Install script (no sudo needed)
curl -fsSL https://raw.githubusercontent.com/authprobe/authprobe/main/scripts/install.sh | sh

# Option C: Docker
docker pull ghcr.io/authprobe/authprobe:latest
2

Verify the installation

Check that authprobe is installed and on your PATH.

authprobe --version
3

Run a basic OAuth scan

Point authprobe at your MCP server URL to scan the full OAuth discovery funnel. It will walk all 6 steps and report PASS/FAIL for each.

authprobe scan https://mcp.example.com/mcp
4

Get verbose trace output on failure

Use --explain and --trace-failure to get the full request/response wire trace and RFC-based explanation of what went wrong.

authprobe scan https://mcp.example.com/mcp --explain --trace-failure
5

Configure authprobe as an MCP server

Run authprobe as an MCP server itself via stdio transport so AI assistants can invoke OAuth scans as MCP tools.

authprobe mcp --transport stdio
6

Add to Claude Desktop config

Register the authprobe MCP server in claude_desktop_config.json so Claude can run OAuth diagnostic scans on demand.

{
  "mcpServers": {
    "authprobe": {
      "command": "authprobe",
      "args": ["mcp", "--transport", "stdio"]
    }
  }
}

Authprobe Examples

Client configuration

Claude Desktop configuration to run authprobe as an MCP server over stdio, enabling Claude to trigger OAuth scans as tools.

{
  "mcpServers": {
    "authprobe": {
      "command": "authprobe",
      "args": ["mcp", "--transport", "stdio"]
    }
  }
}

Prompts to try

Example CLI invocations and prompts for diagnosing MCP OAuth failures with authprobe.

- "Scan https://mcp.example.com/mcp and tell me which OAuth step is failing"
- Run: authprobe scan https://mcp.example.com/mcp --json -
- Run: authprobe scan https://mcp.example.com/mcp --explain --trace-failure
- Run: OPENAI_API_KEY=sk-... authprobe scan https://mcp.example.com/mcp --explain --trace-failure --llm-max-tokens=1080
- Run: authprobe scan --stdio-command 'npx -y @modelcontextprotocol/server-everything' --tool-list
- "Check if this MCP server's Protected Resource Metadata is RFC 9728 compliant"

Troubleshooting Authprobe

authprobe not found after 'go install'

Ensure your Go bin directory is on your PATH. Run 'echo $GOPATH/bin' (or '$HOME/go/bin' if GOPATH is unset) and add it to your shell profile. Then run 'authprobe --version' to verify.

Scan step [2] MCP initialize + tools/list always fails

This step requires the MCP server to return a valid 401 with a WWW-Authenticate header first. If step [1] passes but step [2] fails, check that your server correctly handles the initialize request when unauthenticated and returns the appropriate error response.

LLM explanation flag (--explain) returns no output

Set either OPENAI_API_KEY or ANTHROPIC_API_KEY in your environment before running the scan. Without an API key, --explain falls back to RFC-text-only explanations. Use --llm-max-tokens to increase the response length if output is truncated.

Frequently Asked Questions about Authprobe

What is Authprobe?

Authprobe is a Model Context Protocol (MCP) server that authprobe pinpoints mcp oauth failures It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Authprobe?

Follow the installation instructions on the Authprobe GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Authprobe?

Authprobe works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Authprobe free to use?

Yes, Authprobe is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.

Authprobe Alternatives — Similar Security Servers

Looking for alternatives to Authprobe? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "authprobe": { "command": "npx", "args": ["-y", "authprobe"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Authprobe?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides