The Model Context Protocol (MCP) is a new, standardized way to provide context and tools to your LLMs, and SecureMCP makes building secure, enterprise-ready MCP servers and clients simple and intuitive. Create secure tools, expose protected resources, define authenticated prompts, and connect components with enterprise-grade security built-in.

# server.py
from securemcp import SecureMCP
from securemcp.auth import JWTProvider
from securemcp.policy import RoleBasedAccess

mcp = SecureMCP("Secure Demo 🔒")

# Configure authentication
mcp.auth_provider = JWTProvider(secret_key="your-secret-key")

# Configure access control
mcp.access_control = RoleBasedAccess()

@mcp.tool(requires_auth=True, roles=["user", "admin"])
def add(a: int, b: int) -> int:
    """Add two numbers - requires authentication"""
    return a + b

if __name__ == "__main__":
    mcp.run()

Run the server locally:

securemcp run server.py

SecureMCP's complete documentation is available at purecipher.com, including detailed security guides, API references, and enterprise deployment patterns. This readme provides only a high-level overview.

Documentation is also available in llms.txt format, which is a simple markdown standard that LLMs can consume easily.

There are two ways to access the LLM-friendly documentation:

• llms.txt is essentially a sitemap, listing all the pages in the documentation.
• llms-full.txt contains the entire documentation. Note this may exceed the context window of your LLM.

• What is MCP?
• Why SecureMCP?
• Security Features
• Credits
• Contributing

The Model Context Protocol (MCP) lets you build servers that expose data and functionality to LLM applications in a secure, standardized way. It is often described as "the USB-C port for AI", providing a uniform way to connect LLMs to resources they can use. It may be easier to think of it as an API, but specifically designed for LLM interactions. MCP servers can:

• Expose data through Resources (think of these sort of like GET endpoints; they are used to load information into the LLM's context)
• Provide functionality through Tools (sort of like POST endpoints; they are used to execute code or otherwise produce a side effect)
• Define interaction patterns through Prompts (reusable templates for LLM interactions)
• And more!

SecureMCP provides a high-level, Pythonic interface for building, managing, and interacting with these servers with enterprise-grade security.

The MCP protocol is powerful but implementing it securely in enterprise environments involves complex security considerations - authentication, authorization, audit logging, data encryption, compliance requirements, and secure deployment patterns. SecureMCP handles all the security complexities and enterprise requirements, so you can focus on building secure tools that meet compliance standards.

SecureMCP extends FastMCP - the excellent, fast, and Pythonic MCP framework by Prefect - with comprehensive enterprise-grade security features. While FastMCP provides outstanding server-building capabilities and developer experience, SecureMCP adds a complete security-focused ecosystem including advanced authentication systems, role-based access control, audit logging, data encryption, compliance tools, and secure deployment patterns.

SecureMCP aims to be:

🔒 Secure: Enterprise-grade security built-in from the ground up

🛡️ Compliant: Meets SOC2, HIPAA, and other compliance requirements

🏢 Enterprise-Ready: Designed for production environments with strict security needs

🔍 Auditable: Comprehensive logging and monitoring for security compliance

SecureMCP provides comprehensive security features designed for enterprise environments:

• Multiple Auth Providers: JWT, OAuth2, SAML, LDAP, and custom authentication
• Role-Based Access Control: Fine-grained permissions and role management
• Multi-Factor Authentication: Support for MFA and 2FA
• Session Management: Secure session handling with configurable timeouts

• End-to-End Encryption: TLS/SSL encryption for all communications
• Data Encryption at Rest: Encrypt sensitive data stored by the server
• Input Validation: Comprehensive input sanitization and validation
• Output Filtering: Prevent data leakage through response filtering

• Audit Logging: Comprehensive logging of all operations and access
• Compliance Frameworks: Built-in support for SOC2, HIPAA, GDPR, and more
• Security Monitoring: Real-time security event monitoring and alerting
• Data Retention: Configurable data retention policies

• Container Security: Secure container deployment with minimal attack surface
• Network Security: Configurable network policies and firewall rules
• Secret Management: Secure handling of API keys, certificates, and secrets
• Health Checks: Security-focused health monitoring and reporting

SecureMCP is built on the solid foundation of FastMCP by Prefect. We extend our sincere gratitude to the FastMCP team for creating an excellent, fast, and Pythonic framework for building MCP servers and clients.

FastMCP provides:

• High-level, Pythonic interface for MCP development
• Comprehensive tool, resource, and prompt management
• Multiple transport protocols (STDIO, HTTP, SSE)
• Client libraries and testing frameworks
• OpenAPI and FastAPI integration
• And much more!

SecureMCP adds enterprise-grade security features on top of this excellent foundation, making it suitable for production environments with strict security and compliance requirements.

Contributions are the core of open source! We welcome improvements and security enhancements.

1. Fork the repository on GitHub.
2. Create a feature branch from main.
3. Make your changes, including tests and documentation updates.
4. Ensure tests and pre-commit hooks pass.
5. Commit your changes and push to your fork.
6. Open a pull request against the main branch of PureCipher/xsecuremcp.

Please open an issue or discussion for questions or suggestions before starting significant work!