Docker MCP works great locally, but it’s tough to use securely once you move it to a shared server or a cloud environment. Since it currently assumes a local "trust everything" model, it’s wide open to anyone who can reach the network port. We’re currently using a VPN to hide it, but that doesn't help with granular access or multi-user setups.
It would be a huge help if we could add a basic authorization layer directly to the SSE transport.
Specifically:
- simple Bearer Tokens: a way to start the server with a secret key (e.g., --token your-secret-here)
- handshake Validation: the server should check for this token before it starts handing out tool definitions or executing commands
- multi-user Support: it would be cool to support a list of tokens so we can see which dev or agent is doing what.
Real-world Context
Right now, we've had to build a custom Express.js "middleman" gateway just to check tokens against our secrets manager before proxying the request to the MCP server. If this were a native feature, it would make deploying secure, centralized MCP nodes much easier for teams.
What do you think?
Docker MCP works great locally, but it’s tough to use securely once you move it to a shared server or a cloud environment. Since it currently assumes a local "trust everything" model, it’s wide open to anyone who can reach the network port. We’re currently using a VPN to hide it, but that doesn't help with granular access or multi-user setups.
It would be a huge help if we could add a basic authorization layer directly to the SSE transport.
Specifically:
Real-world Context
Right now, we've had to build a custom Express.js "middleman" gateway just to check tokens against our secrets manager before proxying the request to the MCP server. If this were a native feature, it would make deploying secure, centralized MCP nodes much easier for teams.
What do you think?