BrainGrid solves MCP multi-tenant authentication with Redis session caching and WorkOS OAuth
MCP servers that work locally fail under multi-tenant serverless deployments because serverless platforms have no session persistence, forcing customers to re-authenticate on every new instance. Without shared session state, each JWT validation adds significant latency per request.
Storing sessions in an in-memory Map fails in serverless environments because each new instance starts with empty state. Full JWT validation on every request without a shared cache adds 50-100ms per request and increases costs significantly.
BrainGrid's MCP server now authenticates once and works across all serverless instances by using an encrypted Redis session store and a fast-path/slow-path authentication middleware, serving hundreds of developers in production.
Frequently asked questions
What did this team achieve with this AI workflow?
BrainGrid's MCP server now authenticates once and works across all serverless instances by using an encrypted Redis session store and a fast-path/slow-path authentication middleware, serving hundreds of developers in…
What tools did this team use?
FastMCP, WorkOS, Redis, ioredis, jose, pino, DataDog, node-dogstatsd.
What results were reported?
JWT validation overhead per request (naive approach): 50-100ms; User scale supported: Scales from 1 to 1000 users; Operational cost: Costs pennies to run; Production users served: hundreds of developers (source-reported, not independently verified).
What failed first in this deployment?
Storing sessions in an in-memory Map fails in serverless environments because each new instance starts with empty state.
How is this back office ops AI workflow structured?
Request with bearer token → Fast-path JWT decode → Redis session cache lookup → Full JWT validation via WorkOS JWKS → Encrypted session stored in Redis.