🧪 TDD Challenge · intermediate · ⏱️ 30–45m · ⭐ 200 XP

M-049 Add Authentication to an MCP Server

Description

Nebula Corp's MCP server is wide open: any client can call any tool. Build an authentication middleware that validates API keys, checks permissions per tool, and rejects unauthorized requests. The middleware should sit between incoming requests and the handler, enforcing access control before any tool executes.

Test Cases (4)

Admin can access any tool
Admin should access restricted tools
Input: testAdminAccess()
Expected: CONTAINS:admin

User blocked from admin tools
Regular user should be blocked from admin tools
Input: testUserBlocked()
Expected: CONTAINS:UNAUTHORIZED

Missing auth header rejected
Requests without auth should be rejected
Input: testMissingAuth()
Expected: CONTAINS:Missing

Invalid key rejected
Invalid API keys should be rejected
Input: testInvalidKey()
Expected: CONTAINS:Invalid
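
One way to structure the middleware described above so that the four listed tests pass (an added example, not part of the original challenge page or its reference solution). The `Bearer` header scheme, the sample keys, roles, tool names and the `{ ok, error }` result shape are assumptions made for this example.

```javascript
const crypto = require("node:crypto");

const sha256 = (s) => crypto.createHash("sha256").update(String(s)).digest();

// Constructed sample data: keys, roles and tool names are assumptions for this example.
// Only digests of the keys are kept in memory.
const KEYS = [
  { digest: sha256("nebula-admin-key"), role: "admin" },
  { digest: sha256("nebula-user-key"), role: "user" },
];
// Tool -> roles allowed to call it. A Map avoids prototype keys such as "constructor".
const TOOL_ROLES = new Map([
  ["list_files", ["admin", "user"]],
  ["rotate_keys", ["admin"]],
]);

// Check every stored digest with a constant-time compare (no early exit on match).
function lookupKey(apiKey) {
  const candidate = sha256(apiKey);
  let found = null;
  for (const entry of KEYS) {
    if (crypto.timingSafeEqual(entry.digest, candidate)) found = entry;
  }
  return found;
}

// Wrap a tool handler: it runs only after authentication and authorization both pass.
function withAuth(handler) {
  return (request) => {
    const header = request.headers && request.headers.authorization;
    if (!header) return { ok: false, error: "UNAUTHENTICATED: Missing Authorization header" };
    const match = /^Bearer (\S+)$/.exec(header);
    const identity = match && lookupKey(match[1]);
    if (!identity) return { ok: false, error: "UNAUTHENTICATED: Invalid API key" };
    const allowed = TOOL_ROLES.get(request.tool) || []; // unknown tool: default deny
    if (!allowed.includes(identity.role)) {
      return { ok: false, error: `UNAUTHORIZED: role ${identity.role} may not call ${request.tool}` };
    }
    return { ok: true, result: handler(request, identity) };
  };
}

// Hypothetical handler, plus the four test entry points named on the page.
const callTool = withAuth((req, id) => `${req.tool} executed as ${id.role}`);
const call = (tool, authorization) =>
  JSON.stringify(callTool({ tool, headers: authorization ? { authorization } : {} }));
const testAdminAccess = () => call("rotate_keys", "Bearer nebula-admin-key");
const testUserBlocked = () => call("rotate_keys", "Bearer nebula-user-key");
const testMissingAuth = () => call("rotate_keys");
const testInvalidKey = () => call("rotate_keys", "Bearer wrong-key");
```

Authentication failures and authorization failures return different codes, and a tool that is absent from the permission table is denied for every role, including admin.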
