A community-driven registry for the Claude Code ecosystem. Not affiliated with Anthropic.
Are you the author? Sign in to claim
MCP server that lets AI assistants fetch content from authenticated web pages.
MCP server that lets AI assistants fetch content from authenticated web pages.
When your AI tries to read a URL that requires login, this tool opens a real browser for you to sign in — then captures the page content as cleaned HTML. Sessions are saved locally, so you only log in once per service.
claude mcp add --scope user auth-fetch -- npx auth-fetch-mcp@latest
{
"mcpServers": {
"auth-fetch": {
"command": "npx",
"args": ["auth-fetch-mcp@latest"]
}
}
}
Chromium is auto-installed on first run if not already present.
auth_fetchThe primary tool. Fetches page content using a real browser, opening a window for login if needed. Returns cleaned HTML with noise elements (nav, footer, scripts, etc.) stripped and media tags (<img>, <video>, <iframe>) preserved.
| Parameter | Type | Required | Description |
|---|---|---|---|
url | string | yes | The URL to fetch content from (only http/https; see URL restrictions) |
wait_for | string | no | CSS selector to wait for before capturing (useful for SPAs) |
download_mediaDownloads files from URLs using saved browser sessions. Use this to lazily download images, videos, or other files found in auth_fetch results. The browser's saved cookies handle authentication automatically — no need to log in again.
| Parameter | Type | Required | Description |
|---|---|---|---|
urls | string[] | yes | One or more URLs to download (only http/https; see URL restrictions) |
output_dir | string | no | Subdirectory under ~/.auth-fetch-mcp/downloads/ to save files into. Absolute paths or .. segments that escape this root are rejected. Defaults to ~/.auth-fetch-mcp/downloads/<timestamp>/ |
Example flow:
1. auth_fetch("https://notion.so/my-page")
→ Returns HTML with <img src="https://s3.notion.so/signed-url..."/> tags
2. AI reads the HTML, identifies an image it needs
3. download_media(["https://s3.notion.so/signed-url..."])
→ Downloads the image using saved session cookies
→ Returns { localPath: "~/.auth-fetch-mcp/downloads/.../file-1.png" }
list_pagesLists all open tabs in the browser with their URLs and titles.
close_browserCloses the browser window. Login sessions are saved and will be reused next time.
To prevent SSRF (server-side request forgery) attacks driven by prompt injection, both auth_fetch and download_media validate every URL before dispatching it:
http and https schemes are allowed. file:, data:, javascript:, etc. are rejected.0.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.0.0.0/24, 192.168.0.0/16, 198.18.0.0/15, 224.0.0.0/4, 240.0.0.0/4::, ::1, fc00::/7, fe80::/10, ff00::/8, IPv4-mapped equivalentsdownload_media additionally constrains output_dir to stay inside ~/.auth-fetch-mcp/downloads/. Absolute paths and .. segments that escape this root are rejected.If you need to access a host on your local machine or LAN (e.g., a dev server, NAS, or Tailscale node), opt in with environment variables:
| Variable | Effect |
|---|---|
AUTH_FETCH_ALLOW_PRIVATE | Set to 1, true, or yes to disable all private/loopback/link-local checks. Most permissive — use only in trusted environments. |
AUTH_FETCH_ALLOW_HOSTS | Comma-separated allowlist of hostnames or IPs. Matches against the URL's hostname and every resolved IP. |
.mcp.json example:
{
"mcpServers": {
"auth-fetch": {
"command": "npx",
"args": ["auth-fetch-mcp@latest"],
"env": {
"AUTH_FETCH_ALLOW_HOSTS": "localhost,127.0.0.1,192.168.1.10"
}
}
}
}
Heads up: enabling these variables re-opens those hosts to any prompt the MCP client (LLM) processes. Prefer the narrowest possible allowlist over
AUTH_FETCH_ALLOW_PRIVATE=1, and only enable them in environments you trust.
All data is stored locally under ~/.auth-fetch-mcp/. Nothing is sent to external servers.
| What | Where | When | Persistent? |
|---|---|---|---|
| Browser sessions (cookies, local storage) | ~/.auth-fetch-mcp/browser-data/ | After first login | Yes — reused across restarts |
| Downloaded media files | ~/.auth-fetch-mcp/downloads/<timestamp>/ | Only when download_media is called | Yes — stays until you delete it |
| Captured page content (HTML) | Not saved to disk | Passed directly to AI via stdio | No — exists only in the AI's context |
To clear all data:
# Clear login sessions only
rm -rf ~/.auth-fetch-mcp/browser-data/
# Clear downloaded files only
rm -rf ~/.auth-fetch-mcp/downloads/
# Clear everything
rm -rf ~/.auth-fetch-mcp/
wait_for option)AUTH_FETCH_ALLOW_PRIVATE / AUTH_FETCH_ALLOW_HOSTS (see URL restrictions)Contributions are welcome! Please open an issue or submit a pull request.
git clone https://github.com/ymw0407/auth-fetch-mcp.git
cd auth-fetch-mcp
npm install
npm run build
MIT
Run Claude Code as an MCP server so any agent can delegate coding tasks to it
Browser automation using accessibility snapshots instead of screenshots
@designcomputerSecure MCP server for MySQL database interaction, queries, and schema management
English-first Korean equity intelligence MCP — DART filings, foreign-holder 5%-rule flows, activist filings, KRX news. F
0
via CLI
