MCP & Connectors
How do you authenticate MCP connectors in Claude.ai?
QUICK ANSWER
In local environments, MCP servers authenticate via environment variables passed directly in the server config file. For remote, network-based MCP servers using Server-Sent Events (SSE), authentication is handled via Bearer tokens in the HTTP Authorization headers or customized query parameters.
Authentication Configuration Patterns
Depending on whether the server is local or remote, auth details are specified in your claude_desktop_config.json configuration file.
1. Local Stdio Auth (via Environment Variables)
Pass API keys or database passwords within the env block of the server configuration:
{
"mcpServers": {
"github-mcp": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-github"],
"env": {
"GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_yourPersonalAccessTokenHere"
}
}
}
}
2. Remote HTTP SSE Auth (via Authorization Headers)
If utilizing a remote connection manager, supply HTTP request headers in the connection profile definition:
{
"mcpServers": {
"remote-knowledge-base": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/client-sse", "--url", "https://api.example.com/mcp/sse"],
"env": {
"SSE_AUTH_HEADER": "Bearer mcp_secure_token_abcdef123456"
}
}
}
}
Verified against: MCP CLI Connector v1.1