The MCP Guide
Connect to servers

Local vs remote servers, and authentication

The local-versus-remote choice shapes distribution, security, and auth. Here is how to decide and what authentication looks like for each.

Local servers #

A local server runs on the user's machine over stdio. It is private by default, needs no network auth, and reads any credentials from its environment. The tradeoff is distribution: every user installs and configures it themselves.

Remote servers #

A remote server is hosted once and reached over Streamable HTTP by many users. It is easy to distribute and update centrally, but now it is a network service that must authenticate and authorize each caller.

Authorization with OAuth 2.1 #

MCP's authorization model for remote servers is built on OAuth 2.1. The client obtains an access token through a standard OAuth flow and presents it on each request; the server validates it. This means a remote server can safely act on behalf of a specific user without ever seeing their password, and tokens can be scoped and revoked.

Rule of thumb

Start local while you build and test. Move to remote when you need to share a server across a team or ship it to users who should not manage credentials themselves.

Resources & further reading

  • OAuth 2.1 oauth.netThe authorization framework remote MCP servers use to authenticate clients.
  • MCP specification MCPThe authoritative protocol spec: messages, capabilities, transports, and lifecycle.