Skip to content

Add browser based authentication using Taboola's SSO #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
henryabra wants to merge 11 commits into
base: main
Choose a base branch
from
Open

Add browser based authentication using Taboola's SSO #1

henryabra wants to merge 11 commits into from

Conversation

@henryabra
Copy link

@henryabra henryabra commented Jul 23, 2025

Browser Authentication Flow

Summary

Added browser-based authentication support to allow users to authenticate without API credentials, making the MCP server more accessible.

Changes

  • Added browser authentication flow: Users can now authenticate via Taboola SSO in their browser when API credentials aren't available
  • Dynamic tool availability: The get_auth_token tool is now conditionally shown only when client credentials are configured
  • Improved documentation: Restructured README to clearly present three authentication options (browser auth, MCP config credentials, or environment variables)
  • Enhanced user experience: Browser auth is recommended as the simplest option for getting started

Technical Details

  • Implemented browser_authenticate and clear_auth_token tools for managing browser-based authentication
  • Added OAuth callback server that handles the authentication flow
  • Authentication state is determined at startup: uses RealizeAuth when credentials exist, falls back to BrowserAuth otherwise
  • Updated tool registry to dynamically filter available tools based on configuration

This change makes the Realize MCP server more user-friendly by removing the requirement for API credentials upfront, while maintaining support for traditional credential-based authentication for automated workflows.

henryabra and others added 11 commits July 23, 2025 00:28
@henryabra
Added browser authentication flow
15665d4
@henryabra
Fixed state extraction on success/failure flows
9936435 
Fixed server cleanup on failure flow
@henryabra
Added more time to authenticate
e0cf466 
Added system termination signal listening to clean up callback server (if running)
@henryabra
Update README to reflect browser authentication and restructure for c…
8bf6f7c 
…larity.
@henryabra
Added a direct installation button for cursor IDE
b56b762
@henryabra
Minor readme change
bb5bcd2
@henryabra
- Refactored registry tool loading to conditionally include `get_auth…
9554af5 
…_token` based on client credentials configuration.

- Fixed state extraction logic in OAuth callback to handle both buggy and correct formats.
- Fixed handler support for `clear_auth_token` in `realize_server.py`.
- Fixed campaign handlers to use correct API endpoint paths (`/items` instead of `/campaign_items`).
@henryabra
- Reintroduced browser_authenticate tool with conditional inclusion…
17a814d 
… based on client credentials.

- Added `tools/assets` to package data for proper asset management.
- Enhanced documentation to reflect browser-based authentication flow and updated installation details.
@henryabra
- Migrated browser_auth_handlers functionality to auth_handlers f…
a71ad3e 
…or better modularity.

- Updated registry to reference the new `auth_handlers` namespace.
- Refactored tests to support both credential and browser-based authentication tools.
- Added `tomli` dependency for Python versions below 3.11.
@henryabra
- Added comprehensive tests for BrowserAuth covering token lifecycl…
3084a6a 
…e, header generation, and error handling.

- Introduced tests for `browser_authenticate` and `clear_auth_token` handlers.
- Verified browser-based authentication integration with system and tool availability logic.
@henryabra
Added is_token_valid tool to check authentication token status
04e9cac
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@henryabra