Open source OAuth 2.1 authorization for MCP servers. Self-hosted. One binary. Production-grade MCP auth in under 10 minutes.

Joined May 2026
Pinned Tweet
Today we're launching AuthPlane. An open-source OAuth 2.1 authorization server purpose-built for MCP. Up and running in less than 10 minutes with a single Docker run command. Repo 👇 bit.ly/AuthPlaneX 🧵
Under the hood: OAuth 2.1 with mandatory PKCE, straight from the RFCs. Tokens are short-lived and audience-bound. A token minted for one server is useless anywhere else.
Scopes go down to the tool level. One agent reads issues. Another creates PRs. Neither can do more. Every token carries the agent identity and the full delegation chain. DPoP binding means a stolen token can't be replayed.
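The checks from the two tweets above (audience binding, tool-level scope, DPoP proof binding), as an MCP server would apply them on each tool call. This is an added example, not AuthPlane's own code: it assumes a JWT-style claim set with aud/exp/scope, an RFC 8693 act claim for the delegation chain and an RFC 9449 cnf.jkt confirmation claim, and that both the access token's and the proof's signatures were already verified against the authorization server's keys.

```python
import base64
import hashlib
import json

# Constructed sample key for the agent (EC P-256 public JWK); values are illustrative.
AGENT_JWK = {"kty": "EC", "crv": "P-256",
             "x": "f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU",
             "y": "x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0"}

def jwk_thumbprint(jwk):
    """RFC 7638 thumbprint: SHA-256 over the canonical JSON of the required members."""
    required = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n")}
    members = {k: jwk[k] for k in required[jwk["kty"]]}
    canonical = json.dumps(members, sort_keys=True, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(hashlib.sha256(canonical).digest()).rstrip(b"=").decode()

# Constructed access-token claims: audience-bound to one MCP server, scoped to two
# tools, carrying the delegation chain (act) and a DPoP binding (cnf.jkt).
# The claim layout is an assumption; the thread does not show AuthPlane's format.
TOKEN = {"iss": "https://authplane.example", "aud": "github-mcp",
         "sub": "agent:issue-triager", "act": {"sub": "user:alice"},
         "scope": "tools:issues.read tools:issues.comment",
         "exp": 1_700_000_600, "cnf": {"jkt": jwk_thumbprint(AGENT_JWK)}}

def make_proof(jti, method, url, iat, jwk=AGENT_JWK):
    """Decoded DPoP proof as the MCP server sees it after signature verification."""
    return {"header": {"typ": "dpop+jwt", "jwk": jwk},
            "payload": {"jti": jti, "htm": method, "htu": url, "iat": iat}}

def authorize(claims, proof, *, server_aud, tool, method, url, now, seen_jti):
    """Return (allowed, reason). Assumes both JWT signatures were already verified
    against the authorization server's keys; this is the policy layer on top."""
    if claims.get("aud") != server_aud:
        return False, "audience mismatch"        # minted for a different server
    if now >= claims.get("exp", 0):
        return False, "token expired"
    if f"tools:{tool}" not in claims.get("scope", "").split():
        return False, f"scope does not cover tool {tool}"
    # DPoP (RFC 9449): the proof must be signed by the key the token is bound to,
    # for this exact request, and its jti must not have been seen before.
    if jwk_thumbprint(proof["header"]["jwk"]) != claims.get("cnf", {}).get("jkt"):
        return False, "DPoP key does not match cnf.jkt"
    body = proof["payload"]
    if body.get("htm") != method or body.get("htu") != url:
        return False, "DPoP proof bound to a different request"
    if abs(now - body.get("iat", 0)) > 60 or body.get("jti") in seen_jti:
        return False, "DPoP proof stale or replayed"
    seen_jti.add(body["jti"])
    return True, "ok"
```

The seen_jti set stands in for whatever replay cache the server keeps; in a multi-instance deployment it has to be shared, or the replay check is only per instance.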
It's not an IdP. Not a gateway. Not a vault. It's the authorization server that MCP was always supposed to have. Start it, run it, break it, tell us what's missing. Repo 👇 bit.ly/AuthPlaneX #MCP #OAuth #AIAgents #OpenSource
Most agents in prod run on a static API key copied into a .env file. One shared key. Never rotated. Never scoped. Never audited. One leak exposes everything. A compromised agent has god-mode.
AuthPlane sits between MCP clients (Claude Desktop, Claude Code, custom agents) and your servers. It brokers identity, consent, and token issuance, turning a security gap into production-grade auth in <10 min.
And when something breaks? No record of which agent did what, on whose behalf. IT can't see these connections, let alone govern them. The agent ecosystem is repeating every auth mistake the web spent 15 years fixing.
But agents aren't toys anymore. They're calling real databases, email, file systems, and internal APIs. No auth = unauthorized data access, privilege escalation, data exfiltration, and unintended actions firing in prod.
The state of MCP auth right now: → 50% of MCP servers have no auth at all → 100% of the rest have at least one auth flaw. Adding auth is error-prone and tedious, so it gets shipped as an afterthought.