What It Is
A task management app I built for myself, with three parts: the web app, a Python SDK, and an MCP server. The interesting part isn't the task management (there are a million of those). It's that the whole thing is built around a proper OAuth 2.0 authorization server, which means my AI agents can authenticate and use it the same way any other client would.
The Web App
Built with Astro and PostgreSQL. Session-based auth for the web UI, OAuth bearer tokens for API access. Standard stuff done right: HTTP-only cookies, parameterized queries, bcrypt password hashing.
Python SDK
Type-safe Python client that handles OAuth client registration and token management automatically. Every TaskManager endpoint is covered, so my agents can create, update, and query tasks without touching the API directly.
MCP Server
This is what makes it useful for AI workflows. The MCP server exposes task management tools with OAuth protection, so agents can manage tasks through Claude or any MCP-compatible client. Token introspection follows RFC 7662. The authorization server and resource server are properly separated.
Why I Built It
I wanted my agents to be able to manage their own work. That meant building real auth infrastructure, not just API keys. The OAuth setup lets me control exactly what each agent can do, and the MCP server means they can use it through their normal tool-calling interface.