HTTP OAuth MCP Server

HTTP OAuth MCP server enabling AI agents to make authenticated HTTP requests to OAuth-protected APIs — managing OAuth 2.0 token acquisition and refresh flows, forwarding authenticated requests to REST APIs, and providing a generic gateway for agents to access any OAuth-secured service without embedding auth logic in the agent itself.

Evaluated Mar 06, 2026 (0d ago) vcurrent
Homepage ↗ Repo ↗ Developer Tools oauth http mcp-server api-gateway authentication rest-api
⚙ Agent Friendliness
68
/ 100
Can an agent use this?
🔒 Security
78
/ 100
Is it safe for agents?
⚡ Reliability
66
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
68
Documentation
70
Error Messages
65
Auth Simplicity
65
Rate Limits
70

🔒 Security

TLS Enforcement
90
Auth Strength
80
Scope Granularity
72
Dep. Hygiene
70
Secret Handling
75

HTTPS required. OAuth client credentials must be secured. Token in memory. Scope management critical. Community MCP.

⚡ Reliability

Uptime/SLA
68
Version Stability
65
Breaking Changes
65
Error Recovery
65
AF Security Reliability

Best When

An agent needs to access OAuth-protected REST APIs without a dedicated MCP server — the OAuth HTTP server handles token management and authenticated requests generically.

Avoid When

The target API has a dedicated MCP server with typed tools — use the dedicated server for better reliability and error handling.

Use Cases

  • Accessing OAuth-protected REST APIs from automation agents
  • Making authenticated API calls without embedding OAuth logic in agents
  • Integrating enterprise APIs with OAuth 2.0 from business workflow agents
  • Building generic API bridges for OAuth services from integration agents
  • Testing OAuth-protected endpoints during development from developer agents
  • Wrapping third-party APIs that don't have dedicated MCP servers from utility agents

Not For

  • APIs using API key authentication (use generic HTTP MCP servers)
  • GraphQL APIs (this is REST/HTTP focused)
  • Teams needing dedicated, typed MCP tools for specific services

Interface

REST API
Yes
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: oauth2
OAuth: Yes Scopes: Yes

OAuth 2.0 configuration required: client_id, client_secret, token_url, scopes. Manages token acquisition and refresh automatically. Configure per target API.

Pricing

Model: free
Free tier: Yes
Requires CC: No

Free, open source community MCP from snaggle-ai.

Agent Metadata

Pagination
none
Idempotent
Partial
Retry Guidance
Not documented

Known Gotchas

  • OAuth configuration complexity is high — client_id, client_secret, token_url all required per API
  • Token refresh errors may cause silent failures — implement error detection in agent
  • Generic HTTP tool means agents get untyped responses — parsing logic must be in agent
  • OAuth flow type (authorization_code, client_credentials) must match target API exactly
  • Secrets (client_secret) must be secured — use environment variables, never hardcode
  • Community MCP from snaggle-ai — limited documentation for complex OAuth scenarios

Alternatives

mcp-server-any-openapi mcp-reticle generic-http-mcp

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for HTTP OAuth MCP Server.

$99
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

5229
Packages Evaluated
26151
Need Evaluation
173
Need Re-evaluation
Community Powered