Skip to content
Log InContact
Sign Up
Back to Templates

MCP with Next.js and Descope

Run an Model Context Protocol (MCP) server on Vercel with Next.js and Descope.

DeployView Demo
descope-mcp

Next.js MCP Server with Vercel MCP Handler and Descope Node SDK

Introduction

This example shows how to build an MCP server using the Vercel MCP Handler with Descope's Node SDK for session validation. The server provides a simple echo tool and demonstrates how to integrate Descope authentication with the Model Context Protocol (MCP) using Vercel's serverless functions.

Key Components

  • Vercel's mcp-handler: Handles the MCP protocol communication and serverless function deployment
  • Descope Node SDK: Validates user sessions and provides authentication context
  • Echo Tool: A simple example tool that returns a "Hello, world!" message

Deployment

You can connect to the server using the MCP Inspector or any other MCP client. Be sure to include the /api/mcp path in the connection URL.

Requirements

Before proceeding, make sure you have the following:

Running the Server

First, add the environment variables in a .env file at the root:

NEXT_PUBLIC_DESCOPE_PROJECT_ID=      # Your Descope project ID
NEXT_PUBLIC_DESCOPE_BASE_URL=        # Your Descope base URL (optional, defaults to https://api.descope.com)

Then, install dependencies:

npm i

Finally, run the server:

npm run dev

The server will start on port 3000 (or the port specified in your environment variables).

API Endpoints

  • GET/POST /api/[transport]: Handles incoming MCP protocol messages (supports SSE and HTTP transports)

Authentication

The server uses Descope's Node SDK for session validation. The verifyToken function:

  1. Extracts the bearer token from the request
  2. Uses the Descope Node SDK to validate the session
  3. Returns authentication context including user scopes and client ID
  4. All MCP endpoints require a valid bearer token

Managing API Keys and OAuth Tokens for Tools

If you want Descope to manage your API keys or OAuth tokens for your MCP, you can use functions in the Node SDK to fetch outbound app tokens at either a user or tenant level:

// Fetch user token with specific scopes
const userToken =
  await descopeClient.management.outboundApplication.fetchTokenByScopes(
    "my-app-id",
    "user-id",
    ["read", "write"],
    { withRefreshToken: false },
    "tenant-id"
  );


// Fetch latest user token
const latestUserToken =
  await descopeClient.management.outboundApplication.fetchToken(
    "my-app-id",
    "user-id",
    "tenant-id",
    { forceRefresh: false }
  );


// Fetch tenant token with specific scopes
const tenantToken =
  await descopeClient.management.outboundApplication.fetchTenantTokenByScopes(
    "my-app-id",
    "tenant-id",
    ["read", "write"],
    { withRefreshToken: false }
  );


// Fetch latest tenant token
const latestTenantToken =
  await descopeClient.management.outboundApplication.fetchTenantToken(
    "my-app-id",
    "tenant-id",
    { forceRefresh: false }
  );

Available Tools

  • echo: Returns a simple "Hello, world!" message
GitHub Repodescope/ai
Use Cases
AuthenticationAI
Stack
Next.jsTailwind

Related Templates

ChatGPT app with Next.js

Ship a ChatGPT app on Vercel with Next.js and Model Context Protocol (MCP).
ChatGPT app with Next.js

MCP with Vercel Functions

Run an Model Context Protocol (MCP) server on Vercel.
MCP with Vercel Functions

MCP with Next.js

Run an Model Context Protocol (MCP) server on Vercel with Next.js.
MCP with Next.js