Overview
A Model Context Protocol (MCP) server providing secure, OAuth-protected access to TaskManager’s task and project management functionality. This server enables AI agents like Claude Code to safely manage tasks through standardized MCP tools while maintaining proper authentication and authorization boundaries.
Security Architecture
Two-Layer OAuth Design
The server separates OAuth responsibilities as follows:
- Authorization Server: Handles OAuth flows, dynamic client registration (RFC 7591), and token management
- Resource Server: Provides MCP tools protected by OAuth token validation via introspection (RFC 7662)
- Delegated Authentication: Auth server delegates to TaskManager’s OAuth, then issues MCP-specific tokens
OAuth Security Features
Comprehensive implementation of OAuth 2.0 security standards:
- PKCE Support: Proof Key for Code Exchange protects authorization codes from interception
- Token Introspection: Real-time token validation between resource and auth servers
- Dynamic Client Registration: RFC 7591 compliant automatic client credential generation
- Public Client Support: Secure handling of browser-based and CLI clients without secrets
- Optional RFC 8707: Strict resource parameter validation for enhanced security
MCP Integration
Protected Tools
AI agents access TaskManager through OAuth-protected MCP tools:
- get_all_projects(): Retrieve project listings
- get_all_tasks(): Retrieve task listings
- create_task(): Create new tasks with full metadata support
Client Compatibility
Works with MCP-compatible AI tools:
- Claude Code: Direct integration via streamable HTTP transport
- Claude Desktop: Configuration-based MCP server connection
- MCP Inspector: Testing and debugging OAuth flows
AI Security Applications
Secure AI Agent Integration
Demonstrates production patterns for AI agent authentication:
- Principle of Least Privilege: Scoped tokens limit AI agent capabilities
- Audit Trail: Token-based access enables comprehensive logging
- Revocable Access: Token introspection allows real-time access control
- Defense in Depth: Multiple validation layers protect task data
OAuth Flow Security
MCP Client → Auth Server → TaskManager OAuth → Auth Server → MCP Client
↓
(issues token)
↓
MCP Client → Resource Server (validates token via introspection)
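The last step of the flow, sketched as an added example (not the project's own code): how a resource server can turn an RFC 7662 introspection response into an allow/deny decision per MCP tool. The scope names, the resource URL and the policy of requiring `exp` are assumptions; the page names the tools but not their scopes.

```python
import time

# Hypothetical tool-to-scope mapping (assumption: the page does not list scopes).
TOOL_SCOPES = {
    "get_all_projects": "projects:read",
    "get_all_tasks": "tasks:read",
    "create_task": "tasks:write",
}

def authorize_tool_call(introspection, tool, resource_url, now=None):
    """Decide whether an RFC 7662 introspection response permits `tool`.

    Returns (allowed, reason) and fails closed on missing or malformed fields.
    """
    now = time.time() if now is None else now
    # "active" is the only required member; anything other than True is a deny.
    if introspection.get("active") is not True:
        return False, "inactive"
    # "exp" is optional in RFC 7662; requiring it is a stricter policy chosen here.
    exp = introspection.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return False, "expired"
    # Audience binding (the RFC 8707 resource): "aud" may be a string or a list.
    aud = introspection.get("aud")
    audiences = [aud] if isinstance(aud, str) else aud if isinstance(aud, list) else []
    if resource_url not in audiences:
        return False, "wrong_audience"
    required = TOOL_SCOPES.get(tool)
    if required is None:
        return False, "unknown_tool"
    # "scope" is a space-separated string in introspection responses.
    granted = str(introspection.get("scope", "")).split()
    if required not in granted:
        return False, "insufficient_scope"
    return True, "ok"

# Constructed sample data, not captured from the project.
RESOURCE = "https://mcp.example.com/mcp"
SAMPLE = {"active": True, "exp": 2_000_000_000, "aud": RESOURCE,
          "scope": "tasks:read projects:read", "client_id": "example-client"}

if __name__ == "__main__":
    for name in TOOL_SCOPES:
        print(name, authorize_tool_call(SAMPLE, name, RESOURCE, now=1_700_000_000))
    print(authorize_tool_call({"active": False}, "get_all_tasks", RESOURCE))
```

Because the check runs on every tool call, a token revoked at the auth server starts returning `inactive` on the next request, and a read-only token cannot reach `create_task`.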
Technical Implementation
Docker Deployment
Production-ready containerized architecture:
- Auth Server Container: Port 9000, handles all OAuth operations
- Resource Server Container: Port 8001, serves MCP tools
- Nginx Reverse Proxy: SSL termination and CORS handling
- Python 3.13: Modern Python with uv for fast dependency management
Security Considerations
The server implements security best practices, but it also includes educational features aimed at development and troubleshooting:
- Comprehensive debug logging for development
- In-memory token storage (configurable for production)
- Detailed error messages for troubleshooting OAuth flows
This project demonstrates how to build secure MCP servers that give AI agents controlled access to sensitive functionality while maintaining proper security boundaries.