Authentication in MCP-Cloud

This section covers authentication mechanisms used in MCP-Cloud, including Firebase Authentication, API tokens, and OAuth integration.

Authentication Overview

MCP-Cloud implements a multi-layered authentication system to ensure secure access to both the platform interface and the deployed MCP servers. The authentication system is designed to balance security with ease of use, providing multiple authentication methods for different use cases.

Authentication Methods

MCP-Cloud supports the following authentication methods:

1. Firebase Authentication - Primary authentication for web UI access
2. API Tokens - For programmatic access and integrations
3. OAuth Integration - For third-party application access
4. Session-based Authentication - For persistent web sessions

Key Security Features

• Multi-factor Authentication (MFA) - Optional additional layer of security
• Role-based Access Control (RBAC) - Granular permissions based on user roles
• JWT Token Validation - Secure token verification for API access
• API Rate Limiting - Protection against abuse and DoS attacks
• Audit Logging - Comprehensive logging of authentication events

Table of Contents

• Overview - Detailed explanation of authentication architecture
• Firebase Authentication - Implementation and usage guide
• API Token Authentication - Creating and using API tokens
• OAuth Integration - Setting up OAuth for third-party applications

Authentication Flow

Below is a high-level overview of the authentication flow in MCP-Cloud:

User/Client                                          MCP-Cloud
    │                                                    │
    │  1. Authentication Request                         │
    │  (credentials or token)                            │
    │ ───────────────────────────────────────────────────>
    │                                                    │
    │  2. Validate Credentials/Token                     │
    │  (Firebase Auth/API Token/OAuth)                   │
    │                                                    │
    │  3. Generate Session or JWT                        │
    │                                                    │
    │  4. Authentication Response                        │
    │  (token, session cookie, etc.)                     │
    │ <───────────────────────────────────────────────────
    │                                                    │
    │  5. Subsequent API Requests                        │
    │  (with token in Authorization header)              │
    │ ───────────────────────────────────────────────────>
    │                                                    │
    │  6. Validate Token                                 │
    │                                                    │
    │  7. Check Permissions                              │
    │                                                    │
    │  8. API Response                                   │
    │ <───────────────────────────────────────────────────
    │                                                    │

Integrating with Workflow Tools

When integrating MCP-Cloud with workflow management tools like n8n, there are two primary authentication methods:

1. API Token Authentication - Best for most integrations
2. OAuth Integration - Best for user-context operations

Each method has its own advantages depending on your specific use case, which are detailed in the respective sections of this documentation.

© 2025 mcp-cloud.ai

↑