mcparmory-github 1.0.0

MCP server for GitHub

GitHub MCP Server

Base URL: https://api.github.com

API Info

• API License: MIT — https://spdx.org/licenses/MIT
• Contact: Support — https://support.github.com/contact?tags=dotcom-rest-api
• Terms of Service: https://docs.github.com/articles/github-terms-of-service

---

Install

Quick Start (recommended)

OAUTH2_CLIENT_ID=YOUR_OAUTH2_CLIENT_ID \
OAUTH2_CLIENT_SECRET=YOUR_OAUTH2_CLIENT_SECRET \
OAUTH2_SCOPES=YOUR_OAUTH2_SCOPES \
BEARER_TOKEN=YOUR_BEARER_TOKEN \
JWT_PRIVATE_KEY=YOUR_JWT_PRIVATE_KEY \
JWT_ISSUER_ID=YOUR_JWT_ISSUER_ID \
uvx mcparmory-github

With pip

pip install mcparmory-github
OAUTH2_CLIENT_ID=YOUR_OAUTH2_CLIENT_ID \
OAUTH2_CLIENT_SECRET=YOUR_OAUTH2_CLIENT_SECRET \
OAUTH2_SCOPES=YOUR_OAUTH2_SCOPES \
BEARER_TOKEN=YOUR_BEARER_TOKEN \
JWT_PRIVATE_KEY=YOUR_JWT_PRIVATE_KEY \
JWT_ISSUER_ID=YOUR_JWT_ISSUER_ID \
mcparmory-github

MCP Client Configuration

Add to your MCP client config (e.g. Claude Desktop, Cursor, Codex):

{
  "mcpServers": {
    "github": {
      "command": "uvx",
      "args": ["mcparmory-github"],
      "env": {
        "OAUTH2_CLIENT_ID": "YOUR_OAUTH2_CLIENT_ID",
        "OAUTH2_CLIENT_SECRET": "YOUR_OAUTH2_CLIENT_SECRET",
        "OAUTH2_SCOPES": "YOUR_OAUTH2_SCOPES",
        "BEARER_TOKEN": "YOUR_BEARER_TOKEN",
        "JWT_PRIVATE_KEY": "YOUR_JWT_PRIVATE_KEY",
        "JWT_ISSUER_ID": "YOUR_JWT_ISSUER_ID"
      }
    }
  }
}

Set OAUTH2_SCOPES to a comma-separated list of scopes your app requires (e.g. OAUTH2_SCOPES=scope_a,scope_b). Open .env to see all available scopes with descriptions.

---

Credentials

Set the following environment variables (via MCP client env config, shell export, or .env file):

• OAUTH2_CLIENT_ID — OAuth2 client ID
• OAUTH2_CLIENT_SECRET — OAuth2 client secret
• OAUTH2_SCOPES — OAuth2 scopes (comma-separated)
• BEARER_TOKEN — Bearer token
• JWT_PRIVATE_KEY — Path to .pem file or inline PEM key
• JWT_ISSUER_ID — Issuer ID (App ID, Team ID, etc.) Do not commit credentials to version control.

OAuth2

Add this redirect URI to your OAuth provider's allowed redirect URIs:

http://localhost:9400/callback

If you change OAUTH2_CALLBACK_PORT in .env, update the redirect URI to match.

On first use, a browser window opens automatically for OAuth authorization. Grant access when prompted — tokens are saved to tokens/oauth2_tokens.json and refreshed automatically.

Re-authorization: Delete tokens/oauth2_tokens.json and restart the server.

JWT Bearer

This server uses JWT Bearer authentication — tokens are generated automatically from a private key.

Set JWT_PRIVATE_KEY to either:

• File path: /path/to/private-key.pem
• Inline PEM: paste the full PEM content with newlines replaced by \n

Set JWT_ISSUER_ID to the application/issuer ID provided by the API (e.g. GitHub App ID).

Optional settings (see .env for details): algorithm (default RS256), expiry (default 600s), audience, key ID, token exchange URL.

---

Run Locally

First, configure your credentials in .env (see Credentials above).

pip install -r requirements.txt
python server.py

Connect MCP Client

Edit .mcp.json and replace <SERVER_DIR> with the absolute path to this directory, then add to your MCP client configuration.

Example (if server is at /home/user/mcp-servers/github):

{
  "mcpServers": {
    "github": {
      "command": "python",
      "args": ["/home/user/mcp-servers/github/server.py"]
    }
  }
}

---

Docker

First, configure your credentials in .env (see Credentials above).

docker build -t github .
mkdir -p tokens
docker run -p 8000:8000 -p 9400:9400 -v ./tokens:/app/tokens --env-file .env github

Before running, make sure ports 8000, 9400 are free. If you changed the callback port in .env, update the -p port mapping and your OAuth provider's redirect URI to match.

On first run, the server prints an authorization URL — check docker logs for the URL. Open it in your browser to complete OAuth consent. Tokens are persisted to ./tokens/ via the volume mount so re-authorization is not needed on subsequent runs. For Docker, use SSE transport in your MCP client config:

{
  "mcpServers": {
    "github": {
      "type": "sse",
      "url": "http://localhost:8000/sse"
    }
  }
}

---

Files

• .env - Credentials and server configuration
• .mcp.json - MCP client config template
• Dockerfile - Container build
• LICENSE - MIT license for this generated code
• requirements.txt - Python dependencies
• README.md - This file
• server.py - MCP server entry point
• _auth.py - Authentication handlers
• _models.py - Request/response models
• _validators.py - Input validation

Note: Files starting with . are hidden by default on macOS/Linux. Use ls -a in terminal or enable "Show hidden files" in your file manager to see .env and .mcp.json.

---

_{Generated by MCP Blacksmith · Quickstart docs · Report a bug}