npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

@compligent-mcp/nice

v2.4.3

Published

Compligent MCP Client - NIST NICE Framework (SP 800-181 Rev 2) with StreamableHTTP transport

Downloads

65

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

compligentcompligent

Keywords

compligentmcpnistniceworkforcecybersecurityskillscompetenciescompliancenpxcliclient

Readme

@compligent-mcp/nice

Compligent MCP Client for NIST NICE Framework (SP 800-181 Rev 2) with OAuth 2.1 authentication.

Features

  • 🔐 OAuth 2.1 Authorization Code + PKCE - Secure authentication flow
  • 🚀 Zero configuration - Just run npx @compligent-mcp/nice
  • 🔄 Automatic token refresh - Seamless re-authentication
  • 🌐 Browser-based login - Authenticate via GitHub or Google
  • 📦 MCP protocol - Full MCP SDK compatibility
  • 🎯 32 tools + 23 prompts - Complete NICE Framework coverage

Quick Start

Installation

npx @compligent-mcp/nice

The client will:

  1. Open your browser for OAuth authentication
  2. Start a local callback server on port 3333
  3. Save your access token securely to ~/.compligent/oauth/tokens.json
  4. Connect to the NICE Framework MCP server

MCP Configuration

Add to your MCP settings (e.g., Claude Desktop, Cline, etc.):

{
  "mcpServers": {
    "nice-workforce": {
      "command": "npx",
      "args": ["@compligent-mcp/nice"]
    }
  }
}

Authentication Flow

First Time Setup

  1. Run the client:

    npx @compligent-mcp/nice

  2. Browser opens automatically to:

    https://compligent-oauth-gateway-prod.compli.workers.dev/authorize

  3. Choose authentication provider:

    • Login with GitHub
    • Login with Google

  4. Authorize the application:

    • Grant permissions: mcp:read, mcp:execute, user:profile

  5. Redirected to localhost:

    • Success page displays: "Authentication Successful!"
    • Token automatically saved

  6. Return to terminal:

    • Client is now connected and ready

Subsequent Uses

Tokens are cached and automatically refreshed:

  • Access token: Valid for 1 hour
  • Refresh token: Valid for 30 days
  • Auto-refresh: Happens transparently with 5-minute buffer

Manual Token Management

View stored token location:

ls ~/.compligent/oauth/tokens.json

Clear token (logout):

rm ~/.compligent/oauth/tokens.json

Use environment variable (for CI/CD or testing):

export COMPLIGENT_TOKEN=your_access_token_here
npx @compligent-mcp/nice

OAuth Configuration

The client uses these OAuth settings:

| Setting | Value | |---------|-------| | Gateway URL | https://compligent-oauth-gateway-prod.compli.workers.dev | | Client ID | nice-cli | | Redirect URI | http://localhost:3333/callback | | Scopes | mcp:read mcp:execute user:profile | | Flow | Authorization Code + PKCE | | Token Storage | ~/.compligent/oauth/tokens.json |

Gateway Requirements

The OAuth gateway must have these endpoints configured:

GitHub OAuth App Settings

  • Authorization callback URL:
    https://compligent-oauth-gateway-prod.compli.workers.dev/oauth/callback/github

Google OAuth App Settings

  • Authorized redirect URI:
    https://compligent-oauth-gateway-prod.compli.workers.dev/oauth/callback/google

Client Registration

The gateway must allow dynamic client registration for CLI clients:

// In gateway configuration
disallowPublicClientRegistration: false

Troubleshooting

Port 3333 Already in Use

If port 3333 is occupied, you can change the redirect URI by forking and modifying:

// In src/index.ts
const OAUTH_REDIRECT_URI = "http://localhost:YOUR_PORT/callback";

Browser Doesn't Open

If the browser fails to open automatically:

  1. Check the terminal output for the authorization URL
  2. Manually copy and paste the URL into your browser
  3. Complete authentication there

Token Expired

If you see "OAuth authentication failed":

  1. Delete the old token: rm ~/.compligent/oauth/tokens.json
  2. Run the client again to re-authenticate

Firewall/Network Issues

If you're behind a corporate firewall:

  • Ensure localhost:3333 is allowed for callback
  • Verify access to compligent-oauth-gateway-prod.compli.workers.dev
  • Check proxy settings if using one

Gateway Not Configured

If the gateway returns "Unknown client":

  • Ensure the client ID nice-cli is registered
  • Verify disallowPublicClientRegistration: false is set
  • Check that the redirect URI matches exactly

Architecture

┌─────────────────┐
│   MCP Client    │
│  (Claude, etc)  │
└────────┬────────┘
         │ stdio
         ▼
┌─────────────────┐
│  nice-cli       │
│  (local proxy)  │
└────────┬────────┘
         │ OAuth 2.1
         │ + PKCE
         ▼
┌─────────────────┐      ┌──────────────┐
│ OAuth Gateway   │──────│ GitHub/Google│
│ (Cloudflare)    │      │    OAuth     │
└────────┬────────┘      └──────────────┘
         │ SSE/HTTP
         ▼
┌─────────────────┐
│  NICE Server    │
│ (StreamableHTTP)│
└─────────────────┘

Development

Build from source

# Clone repo
git clone https://github.com/compligent/mcp-platform.git
cd platform/servers/clients/nice-cli

# Install dependencies
npm install

# Build
npm run build

# Run locally
npm start

# Or run in dev mode
npm run dev

Test OAuth flow

# Clear any cached tokens
rm ~/.compligent/oauth/tokens.json

# Run client
npm run dev

# Browser should open for authentication

Security

  • PKCE - Protects against authorization code interception
  • State parameter - Prevents CSRF attacks
  • Localhost-only callbacks - Reduces attack surface
  • Token file permissions - Stored with user-only access
  • No client secret - Public client (safe for CLI)
  • Automatic token refresh - Minimizes credential exposure

License

MIT

Support

  • Documentation: https://docs.compligent.io
  • Issues: https://github.com/compligent/mcp-platform/issues
  • Website: https://compligent.io