Context

Restrict access to your MCP servers with scoped tokens and identity-based authorization. Descope ensures that only trusted agents or users can send commands to your backend services.

---

How it works?

1. Enforce access to MCP endpoints with JWT validation.
2. Apply fine-grained access controls using roles and scopes.

---

Links

• Introducing Descope MCP Auth SDKs
• MCP Express SDK
• Deploy Secure Remote MCP Servers With Descope and Fly.io
• Video walkthrough of the sample app