Authentication

How Authentication Works

When you connect to the neuroflash MCP server from Claude Desktop or another MCP client, authentication is handled automatically using OAuth 2.0. The client opens a browser window where you log in with your neuroflash account. After login, the session is established and you can start using the tools immediately.

OAuth 2.0 + PKCE

The server implements the standard OAuth 2.0 authorization flow with PKCE (Proof Key for Code Exchange), which prevents token interception. Your credentials are never shared with the MCP client — authentication goes directly through neuroflash's identity provider. Sessions are short-lived and automatically refreshed.

Authentication Flow

🔒

You connect to the MCP server from your client

Browser opens automatically for authentication

Log in with your neuroflash account

Session established — the client receives a token

Ready to use — start asking questions

No manual token management is required. The MCP client handles the entire flow transparently.