about local MCP server update

Question

I read the below aritcle. It’s awesome!!

https://blog.box.com/box-community-mcp-server-updates-you-didnt-know-you-needed

I have two questions:

the authentication parameter is --box-auth, not --auth, right?
I can’t connect n8n MCP Client that’s endpoint is set to http://0.0.0.0:8001/sse. I need set it to http:host.docker.internal:8001/sse. do you use a local docker and a local mcp server or not?
If I set Authentication parameter “None”, the MCP Client can’t connect local MCP Server. the local MCP server displays the below error:
1. WARNING:middleware:No token configured, rejecting all requests
  INFO: 127.0.0.1:53381 - "GET /sse HTTP/1.1" 401 Unauthorized

rbarbosa Box · Answer

Hi ​@mtatsumiBetween a publication delay and a fast pace update on the community MCP server, things got a little out of sync.However the Github README.md is up to date.Ever since we implemented the HTTP/SSE transports we’ve been worrying about not having any sort of authentication between the MCP clients and the MCP server. So we implemented a simple token authentication between those, independent of the Box API authentication.Let’s first take a look at the available community MCP server parameters:uv run src/mcp_server_box.py --helpYou get:usage: mcp_server_box.py [-h] [--transport {stdio,sse,streamable-http}] [--host HOST] [--port PORT]                         [--box-auth {oauth,ccg}] [--no-mcp-server-auth]Box Community MCP Serveroptions:  -h, --help            show this help message and exit  --transport {stdio,sse,streamable-http}                        Transport type (default: stdio)  --host HOST           Host for SSE/HTTP transport (default: 0.0.0.0)  --port PORT           Port for SSE/HTTP transport (default: 8001)  --box-auth {oauth,ccg}                        Authentication type for Box API (default: oauth)  --no-mcp-server-auth  Disable authentication (for development only)We now have an extra parameters, --no-mcp-server-auth, that will turn off MCP Client to MCP Server authentication, This is not recommended.Note that if using STDIO, authentication is ignored.So to your question, how would this work, specifically with n8n.You start by generating a strong token, (essentially a strong password), there are plenty of on-line services to do this, for example this API Key Generator.Once you have an API Key, you add it to your .env file. For example:BOX_CLIENT_ID = YOUR_CLIENT_IDBOX_CLIENT_SECRET = YOUR_CLIENT_SECRETBOX_REDIRECT_URL = http://localhost:8000/callbackBOX_MCP_SERVER_AUTH_TOKEN = YOUR_BOX_MCP_SERVER_AUTH_TOKENIn n8n you create a credential of type Bearer Auth, and paste your API Key.Then you adjust the configuration of your MCP client in n8n, switching the authentication to Baerer Auth, and selecting the credential you just created:Run your MCP server using something like:uv run src/mcp_server_box.py --transport sse --box-auth oauthYou get:INFO:middleware:Setting up auth middleware wrapper for transport: sseINFO:middleware:Wrapped sse_app methodStarting Box Community MCP SSE Server on 0.0.0.0:8001INFO:middleware:wrapped_sse_app called with mount_path=NoneINFO:middleware:Adding middleware to app: 4394996736INFO:middleware:Added OAuth discovery endpointINFO:middleware:Middleware added. App middleware count: 1INFO:     Started server process [24150]INFO:     Waiting for application startup.INFO:     Application startup complete.INFO:     Uvicorn running on http://0.0.0.0:8001 (Press CTRL+C to quit)Now you can interact with n8n, for example:Hope this helps clarify the current authentication.To your other point relative to the docket container, you should be able to expose whatever port you desire, and map it to the port inside the container. From there it should be transparent to the MCP Client.Cheers

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded