webmcp-authentication | webmcp-browser-agents | ClaudePluginHub

Skill

webmcp-authentication

From webmcp-browser-agents

Implements WebMCP authentication for browser agents: session inheritance, cookie auth, role-gated tool registration, conditional exposure by user state. Use for auth-dependent tool management.

Install

$

npx claudepluginhub orcaqubits/agentic-commerce-skills-plugins --plugin webmcp-browser-agents

Tool Access

This skill is limited to using the following tools:

ReadWriteEditBashGrepGlobWebSearchWebFetch

Preview

**Fetch live docs**:

SKILL.md

Similar Skills

cache-components

Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.

cache-components

139.1k

claude-opus-4-5-migration

2 files

Migrates code, prompts, and API calls from Claude Sonnet 4.0/4.5 or Opus 4.1 to Opus 4.5, updating model strings on Anthropic, AWS, GCP, Azure platforms.

claude-opus-4-5-migration

83.2k

claude-code-plugin-release

1 file

Automates semantic versioning and release workflow for Claude Code plugins: bumps versions in package.json, marketplace.json, plugin.json; verifies builds; creates git tags, GitHub releases, changelogs.

64.7k

Stats

Parent Repo Stars14

Parent Repo Forks9

Last CommitMar 9, 2026

Actions

View Source View Plugin View on GitHub View README

Tags

browser-session

tool-registration

session-inheritance

WebMCP Authentication

Before writing code

Fetch live docs:

Fetch https://webmachinelearning.github.io/webmcp/ for authentication-related sections of the spec
Web-search webmcp authentication session cookies browser agent for auth pattern guidance
Web-search site:developer.chrome.com webmcp security authentication for Chrome security model
Web-search site:github.com mcp-b security authentication for polyfill security guidance

Conceptual Architecture

How WebMCP Authentication Works

WebMCP's auth model is fundamentally different from backend API authentication:

No separate agent login — The agent inherits the user's browser session
Cookies and headers — Tools' fetch calls automatically include the user's cookies and auth headers
Same-origin policy — Tools operate within the page's origin, bound by standard browser security
Session-based — If the user is logged in, tools have the user's permissions; if not, tools have anonymous access

This means the agent acts as the user, not as a separate entity with its own credentials.

Authentication Flow

User logs in to site (normal browser auth)
  → Page loads with authenticated session
  → JavaScript checks user auth state
  → If authenticated: register full tool set (search, cart, checkout, account)
  → If anonymous: register limited tool set (search, viewDetails only)
  → Agent discovers available tools based on current auth state

Role-Gated Tool Registration

Register tools conditionally based on user permissions:

// Always register read-only tools
registerPublicTools();

// Register transactional tools only for authenticated users
if (user.isAuthenticated) {
  registerCartTools();
  registerAccountTools();
}

// Register admin tools only for admin users
if (user.role === "admin") {
  registerAdminTools();
}

Auth State Changes

Handle login/logout during an agent session:

// On login
authService.onLogin((user) => {
  registerAuthenticatedTools(user);
});

// On logout
authService.onLogout(() => {
  navigator.modelContext.clearContext();
  registerPublicTools(); // Re-register only anonymous tools
});

Session Expiration

Tools must handle session expiration gracefully:

async execute(input) {
  const res = await fetch("/api/cart", { credentials: "same-origin" });
  if (res.status === 401) {
    return {
      status: "error",
      code: "session_expired",
      message: "Your session has expired. Please log in again."
    };
  }
  return await res.json();
}

Security Considerations

Never expose auth tokens to the agent — The agent doesn't need to see cookies or tokens; the browser handles them
Server-side validation — Always validate the session server-side; don't trust client-side auth checks alone
CSRF protection — Tools making POST requests should include CSRF tokens (the page already has them)
Sensitive tools need confirmation — Even authenticated users should confirm destructive actions via requestUserInteraction
No credential storage — Never register tools that accept passwords or credentials as parameters

Multi-Factor Authentication

If an action requires MFA (e.g., changing payment method):

async execute(input, client) {
  // Check if action requires MFA
  const mfaRequired = await fetch("/api/check-mfa-required");
  if (mfaRequired) {
    await client.requestUserInteraction((resolve) => {
      // Site shows MFA challenge (OTP input, biometric prompt, etc.)
      showMfaChallenge(resolve);
    });
  }
  // Proceed with the action
  // ...
}

Best Practices

Check auth state before registering tools, not during tool execution
Clear all tools on logout to prevent stale tool exposure
Return clear, structured error responses for auth failures
Never pass sensitive user data (email, address, card) as tool input parameters — fetch it server-side
Log tool invocations with user identity for audit trails
Handle token refresh transparently within tool callbacks

Fetch the specification for any authentication-specific APIs, secure context requirements, and browser permission model details before implementing.