MCP HubMCP Hub
nahmanmate

better-auth-mcp-server

by: nahmanmate

better auth mcp server

16created 27/01/2025
Visit
auth

📌Overview

Purpose: To provide an enterprise-grade authentication management solution with robust security and multiple protocol support.

Overview: The Better Auth MCP Server is designed to streamline the authentication process while prioritizing security. It supports various authentication protocols and features advanced capabilities to enhance the overall user authentication experience.

Key Features:

  • Secure Credential Management: Utilizes AES-256 encryption for managing user credentials, ensuring that sensitive data remains protected.

  • Multi-Protocol Authentication: Supports a variety of authentication protocols including OAuth2, SAML, and LDAP, allowing for flexible integration in diverse environments.

  • Real-time Threat Detection: Incorporates features for monitoring authentication flows and detecting potential security threats in real-time, equipping organizations with proactive defense mechanisms.

  • Project Analysis Tools: Offers tools to analyze the project's structure, existing authentication methods, and provides a step-by-step migration plan for upgrades.

  • Testing & Security Checks: Facilitates testing of various authentication flows and runs security checks aligned with OWASP standards to maintain high security levels.

Better Auth MCP Server

Overview

The Better Auth MCP Server is an enterprise-grade authentication solution providing:

  • 🔐 Secure credential management with AES-256 encryption
  • ⚙️ Multi-protocol authentication (OAuth2, SAML, LDAP)
  • 🛡️ Real-time threat detection and prevention

Features

Core Tools

  • analyze_project: Analyze project structure for authentication setup recommendations.
  • setup_better_auth: Configure authentication providers with project ID and API key.
  • analyze_current_auth: Detect existing auth.js/next-auth implementations.
  • generate_migration_plan: Create a step-by-step migration path.

Testing & Security

  • test_auth_flows: Validate login/register/reset/2FA flows.
  • test_security: Run OWASP-aligned security checks.
  • analyze_logs: Review authentication system logs for issues.
  • monitor_auth_flows: Real-time authentication monitoring.

Available Resources

  • better-auth://config: Current Better-Auth configuration settings.
  • better-auth://logs: Authentication system logs.

Development

Clone and Install

git clone https://github.com/better-auth-mcp-server/better-auth-mcp-server.git
cd better-auth-mcp-server
npm install

Build the Server

npm run build

Development with Auto-Rebuild

npm run watch

Configuration

Environment Variables

# Required
BETTER_AUTH_PROJECT_ID=your-project-id
BETTER_AUTH_API_KEY=your-api-key

# Optional
BETTER_AUTH_ENV=development|staging|production
LOG_LEVEL=info|debug|error

Security Best Practices

  1. API Key Management

    • Store API keys in environment variables.
    • Rotate keys regularly.
    • Use different keys per environment.

  2. Access Control

    • Implement rate limiting.
    • Configure IP allowlists.
    • Use the principle of least privilege.

  3. Monitoring

    • Enable audit logging.
    • Monitor authentication failures.
    • Set up alerts for suspicious activity.

Installation

Installing via Smithery

Automatically install Better Auth MCP Server for Claude Desktop using Smithery:

npx -y @smithery/cli install @nahmanmate/better-auth-mcp-server --client claude

Configuration for Claude Desktop

Add the server config to claude_desktop_config.json:

{
  "mcpServers": {
    "better-auth-mcp-server": {
      "command": "node",
      "args": ["/path/to/better-auth-mcp-server/build/index.js"],
      "disabled": false,
      "alwaysAllow": []
    }
  }
}

Debugging

To facilitate debugging for MCP servers that communicate over stdio, use the MCP Inspector:

npm run inspector

Usage Examples

Project Setup

// Initialize Better-Auth in your project
await mcp.useTool('setup_better_auth', {
  projectPath: './my-next-app',
  config: {
    projectId: process.env.BETTER_AUTH_PROJECT_ID,
    apiKey: process.env.BETTER_AUTH_API_KEY
  }
});

// Test core authentication flows
await mcp.useTool('test_auth_flows', {
  flows: ['login', 'register', '2fa']
});

Migration from Auth.js/NextAuth

// Analyze current auth implementation
await mcp.useTool('analyze_current_auth', {
  projectPath: './my-next-app'
});

// Generate migration steps
await mcp.useTool('generate_migration_plan', {
  projectPath: './my-next-app',
  currentAuthType: 'next-auth'
});