Skip to main content

fastmcp.server.auth.providers.propelauth

PropelAuth authentication provider for FastMCP. Example: 
from fastmcp import FastMCP
from fastmcp.server.auth.providers.propelauth import PropelAuthProvider

auth = PropelAuthProvider(
    auth_url="https://auth.yourdomain.com",
    introspection_client_id="your-client-id",
    introspection_client_secret="your-client-secret",
    base_url="https://your-fastmcp-server.com",
    required_scopes=["read:user_data"],
)

mcp = FastMCP("My App", auth=auth)

Classes

PropelAuthTokenIntrospectionOverrides

PropelAuthProvider

PropelAuth resource server provider using OAuth 2.1 token introspection. This provider validates access tokens via PropelAuth’s introspection endpoint and forwards authorization server metadata for OAuth discovery. For detailed setup instructions, see: https://docs.propelauth.com/mcp-authentication/overview Methods:

get_routes 

get_routes(self, mcp_path: str | None = None) -> list[Route]
Get routes for this provider. Includes the standard routes from the RemoteAuthProvider (protected resource metadata routes (RFC 9728)), and creates an authorization server metadata route that forwards to PropelAuth’s route Args:
  • mcp_path: The path where the MCP endpoint is mounted (e.g., “/mcp”) This is used to advertise the resource URL in metadata.

verify_token 

verify_token(self, token: str) -> AccessToken | None
Verify token and check the aud claim against the configured resource.