Authentication
How to authenticate with the Model Context Protocol Service API using JWT tokens.
Overview
All endpoints (except Health) require a Bearer JWT token. The tenantId is extracted from the JWT claims automatically via the @CurrentTenant() decorator.
ECS Fargate Deployment
mcp-svc runs on AWS ECS Fargate (not Lambda). The staging ALB endpoint is available at https://eventzr-staging-alb-134677813.us-east-1.elb.amazonaws.com/mcp/v1
Obtaining a JWT Token
Login via auth-svcbash
curl -X POST https://535ubezkse.execute-api.us-east-1.amazonaws.com/auth/v1/login \
-H "Content-Type: application/json" \
-d '{
"email": "dev@eventzr.com",
"password": "Password123!"
}'
# Response:
# {
# "data": {
# "accessToken": "eyJhbGciOiJSUzI1NiIs...",
# "refreshToken": "eyJhbGciOiJSUzI1NiIs...",
# "expiresIn": 3600
# }
# }Use the token with mcp-svcbash
export TOKEN="<access-token-from-response>"
# List tools
curl https://eventzr-staging-alb-134677813.us-east-1.elb.amazonaws.com/mcp/v1/tools \
-H "Authorization: Bearer $TOKEN" \
-H "x-tenant-id: 00000000-0000-0000-0000-000000000001"
# Register a tool
curl -X POST https://eventzr-staging-alb-134677813.us-east-1.elb.amazonaws.com/mcp/v1/tools \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-H "x-tenant-id: 00000000-0000-0000-0000-000000000001" \
-d '{
"service_key": "events.describe",
"name": "event-description-generator",
"display_name": "Event Description Generator",
"description": "Generates engaging event descriptions using AI for any event type",
"callback_url": "https://api.eventzr.com/tools/describe",
"input_schema": { "type": "object", "properties": { "title": { "type": "string" } } },
"tags": ["events", "ai", "content"]
}'Test Credentials
Staging Environment Credentials
Use these credentials to test the API in the Scalar playground above.
| Role | Password | Tenant ID | |
|---|---|---|---|
| Developer | dev@eventzr.com | Password123! | 00000000-...-000001 |
| Admin | admin@eventzr.com | Password123! | 00000000-...-000001 |
Standard Headers
| Header | Required | Description |
|---|---|---|
Authorization | Yes | Bearer JWT token |
Content-Type | POST/PATCH | application/json |
x-request-id | No | Request trace ID (UUID), auto-generated if absent |
x-tenant-id | Recommended | Tenant UUID for explicit tenant filtering |
Idempotency-Key | No | Idempotency key for write operations (24h TTL) |
Response Envelope
Standard response formatjson
{
"data": { ... },
"error": null,
"page": {
"next_cursor": "eyJwYWdlIjoyLCJsaW1pdCI6MjB9",
"has_more": true,
"limit": 20
},
"meta": {
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}