mcp-sse-authenticated-cloud-run
This project enables secure hosting of a custom MCP server on Google Cloud Run, using IAM Authentication to connect clients over the internet. It provides a proxy-based solution due to current authentication limitations, enhancing security with Google Cloud IAM access controls.
What is the primary security mechanism for the MCP server?
The primary security mechanism is Google Cloud IAM Authentication, which ensures that only authenticated users can access the MCP server.
Can I use basic authentication or API keys with this setup?
No, this setup does not support basic authentication or API keys. It relies on network layer security through a proxy and Google Cloud IAM.
What should I do if I encounter connection issues?
Verify that the Cloud Run URL in mcp_proxy.ts matches your deployed service and check Cloud Run logs for any server-side errors.
Is the MCP server publicly accessible?
No, the MCP server is not publicly accessible without authentication, ensuring that only authorized users can connect.
How can team members access the MCP server?
Team members need to have Google Cloud SDK access to connect to the MCP server through the local proxy.