
Model Context Protocol (MCP) servers are landing on the public internet faster than anyone is securing them: a 2025 Knostic scan found roughly 1,862 of them exposed with no authentication at all, and Astrix Research's analysis of more than 5,200 open source MCP servers found that only 8.5% implement OAuth. This course is about not being one of them, without writing auth code into every server you build.
A new lesson is published every week until the course is complete.
You'll work hands-on, in live playgrounds, with Pomerium, an open source identity and context-aware access proxy that brings zero-trust access to applications and services. Its native MCP support lets it act as an MCP gateway. Everything runs on free infrastructure: open source tooling, MCP Inspector as the client, and at most a free GitHub account for the identity and API lessons. No paid accounts are required. The playgrounds use Pomerium's hosted authenticate service for quick setup and testing; in production, configure Pomerium to use your production identity provider. The reverse tunnel you'll build in the first lesson also exists as a hosted service, pom.run, where a single ssh -R command does the whole job; this course builds the self-hosted version, so you own every moving part.
The course builds in three arcs:
Each lesson is a self-contained playground with verified tasks, and later lessons build on the patterns (and occasionally the configs) of earlier ones, so taking them in order works best. A capstone challenge at the end lets you prove the whole toolkit against a fleet of MCP servers.
By the end, you'll be able to take any MCP server or app, yours or someone else's, and put authentication, authorization, and an audit trail in front of it without touching its code.
Writes about
Frequently covers