You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
So I’ve been messing around with FastMCP recently for some LLM tooling stuff, and one thing I ran into was that at the moment (v2.6.0) it only supports simple JWT Bearer Auth out of the box.
I wanted to use Supabase Auth instead (since it’s clean and already handling signup/login in my frontend), but there wasn’t really a drop-in integration for FastMCP. So I hacked one together and wrote a quick tutorial on how to do it.
👉 Here’s the article on Medium for the full step-by-step guide and source code.
🔧 TL;DR – How to hook up Supabase Auth with FastMCP:
You basically need to:
Subclass BearerAuthProvider from FastMCP
Override load_access_token(token) — that’s where you can put your own logic to perform the token validation -> note you can put any custom logic you want here! so you can extend this for other providers too, or your own logic
Inside that function, make a request to Supabase’s auth/v1/user endpoint with the token
If it’s valid, return a proper AccessToken object
If not, return None or raise TokenInvalidException
Then wire up that auth provider when you spin up your FastMCP server.
I also dropped in a sample tool to extract user info from the token using FastMCP’s get_access_token() util.
Super clean once it’s up and running — and the MCP Inspector tool makes testing it easy too. Just plug in your Supabase generated JWT and you're good.
Interested to hear what MCPs you guys are building!
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Hey!
So I’ve been messing around with FastMCP recently for some LLM tooling stuff, and one thing I ran into was that at the moment (v2.6.0) it only supports simple JWT Bearer Auth out of the box.
I wanted to use Supabase Auth instead (since it’s clean and already handling signup/login in my frontend), but there wasn’t really a drop-in integration for FastMCP. So I hacked one together and wrote a quick tutorial on how to do it.
👉 Here’s the article on Medium for the full step-by-step guide and source code.
https://medium.com/@dimi/tutorial-how-to-use-supabase-auth-with-your-fastmcp-server-6fb826573d98
🔧 TL;DR – How to hook up Supabase Auth with FastMCP:
You basically need to:
Subclass BearerAuthProvider from FastMCP
Override load_access_token(token) — that’s where you can put your own logic to perform the token validation -> note you can put any custom logic you want here! so you can extend this for other providers too, or your own logic
Inside that function, make a request to Supabase’s auth/v1/user endpoint with the token
If it’s valid, return a proper AccessToken object
If not, return None or raise TokenInvalidException
Then wire up that auth provider when you spin up your FastMCP server.
I also dropped in a sample tool to extract user info from the token using FastMCP’s get_access_token() util.
Super clean once it’s up and running — and the MCP Inspector tool makes testing it easy too. Just plug in your Supabase generated JWT and you're good.
Interested to hear what MCPs you guys are building!
Beta Was this translation helpful? Give feedback.
All reactions