A ready-made opaque-token verifier that validates bearer tokens via OAuth 2.0 Token Introspection (RFC 7662), so MCP server authors don't have to hand-roll the introspection request, response parsing, and claim checks. It is the D analogue of FastMCP's IntrospectionTokenVerifier.
A ready-made JWT (RFC 7519) access-token verifier that plugs into ResourceServerConfig.validator, so MCP server authors don't have to hand-roll JWS signature verification, JWKS fetching, and claim checks. It is the D analogue of FastMCP's JWTVerifier.
A server-side OAuth provider that fronts an upstream OAuth identity provider which does NOT support Dynamic Client Registration (GitHub, Google, Azure, etc.). It is the D analogue of FastMCP's OAuthProxy.
Turnkey server-side auth presets for common identity providers, the D analogue of FastMCP's provider integrations. Each preset is a thin wrapper that fills in the IdP's well-known issuer / JWKS URI / endpoints / default audience + scopes, so an MCP server author writes one line instead of hand-wiring discovery.
A trivial bearer-token verifier built from an in-memory map of token string → TokenInfo, for local development and tests. It is the D analogue of FastMCP's StaticTokenVerifier.
mcp.auth — opt-in authentication / authorization plumbing for the MCP SDK.
The bare import mcp; does not dump the auth layer at the top level. Token verifiers (JWT, introspection, static), the OAuth client / login helpers, the resource-server helpers, and the OAuth proxy are brought in explicitly with import mcp.auth;.