github-mcp-server icon indicating copy to clipboard operation
github-mcp-server copied to clipboard
verified publisher icon github

feat: add token source flag, gh cli auth

Open gillisandrew opened this issue 8 months ago • 4 comments

This PR adds support for using the GitHub CLI's token. Users pass --token-source gh to enable it (defaulting to "env" token source). It also includes a couple of changes that should make it straightforward to publish a GitHub CLI extension (#215) that uses "gh" as the default source.

gillisandrew avatar Apr 11 '25 21:04 gillisandrew

Wondering if this should be leveraging cli/go-gh like it is or potentially instances of the MCP server being their own OAuth applications i.e. having their own client ID which could be implemented using this

pauldthomson avatar Jun 02 '25 06:06 pauldthomson

@pauldthomson Definitely agree, there should be some tooling provided by github-mcp-server to acquire the token so users aren't stuck generating PATs.

There is a broader discussion to be had about how fine-grained authorization could be handled by the server, given many users want to grant varying levels of access to different resources (e.g. read-write access to current repo, but read-only access to other repos). It could go a long way to addressing the perennial claims of github-mcp-server being "exploited" by poisoned prompts to extract private data.

gillisandrew avatar Jun 02 '25 17:06 gillisandrew

This PR adds support for using the GitHub CLI's token

raj4036 avatar Jul 31 '25 06:07 raj4036

X

jojkoloski avatar Jul 31 '25 19:07 jojkoloski