MCP Gateway

MCP Gateway – API & Self-Service Portal

This repository contains the MCP Gateway, an enterprise solution to expose, manage and consume tools (internal APIs) in a secure, scalable and auditable way, with RBAC authentication and self-service portal.

Summary

Overview

The MCP Gateway consists of:

Backend: FastAPI + RBAC + JWT + JSON persistence (NoSQL ready)
Frontend: React (Vite) running integrated with the backend (build in /frontend/dist served as static)

Folder Structure

mcp-server/
├── app/                # Backend FastAPI
│   ├── main.py         # Entrypoint
│   ├── config.py       # Configurações
│   ├── auth.py         # Autenticação/JWT
│   ├── utils/          # Utilitários (RBAC, dependências)
│   └── groups/
│       ├── routes.py   # Rotas (APIs)
│       └── tools.py    # Utilitários de permissão
├── data/               # Dados persistentes
│   └── rbac.json       # Usuários, grupos, permissões
├── frontend/           # Portal React (Vite)
│   ├── src/            # Código-fonte React
│   └── dist/           # Build de produção (servido pelo FastAPI)
├── requirements.txt    # Dependências Python
├── README.md           # Este documento
└── ...

How to Spin (Development)

1. Backend (FastAPI)

python -m venv venv
.\venv\Scripts\activate
pip install -r requirements.txt
uvicorn app.main:app --reload

2. Frontend (React)

cd frontend
npm install
npm run dev

Go to: http://localhost:5173 (dev) or http://localhost:8000 (prod)

3. Frontend Build for Production

cd frontend
npm run build

The files will be generated in frontend/dist . FastAPI can serve these files automatically.

Features

JWT Login (user, group admin, global admin)
Group, User, and Tool Management (CRUD)
Dynamic creation of tools by group admin
Safe consumption of tools via portal
Healthcheck, registration, automatic documentation (Swagger)
Ready for NoSQL database integration and SSO

RBAC Structure Example

See data/rbac.json for example users, groups, and permissions.

Security

JWT, RBAC, share registry
Ready for CORS, HTTPS, rate limiting, etc.

API Documentation

Go to /docs for Swagger or /redoc for Redoc.

System Requirements

See the docs/REQUISITOS.md file for detailed functional, non-functional, and business requirements.

Complete Documentation

Detailed project documentation is centralized in the docs/ folder:

docs/REQUISITOS.md : System requirements
docs/API.md : Endpoints and API usage examples
docs/ARQUITETURA.md : Technical architecture
docs/SEGURANCA.md : Security and best practices
docs/GOVERNANCA.md : Governance and roles
docs/OPERACIONAL.md : Operation, monitoring and troubleshooting
docs/CHANGELOG.md : Version history

Good Practices and Observations

Keep dependencies up to date.
Use virtual environments for Python.
Always build the frontend before deploying to production.
See the documentation for the other modules in docs/ .
Tip: Use issues and pull requests to propose changes and maintain a history of decisions.

This document should be reviewed and updated periodically to reflect changes in the design.

This server cannot be installed

security - not tested

license - not found

quality - not tested

How are these scores calculated?

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

A secure bridge that enables Large Language Models (LLMs) to interact with enterprise APIs and services in a controlled, contextualized way.

Related MCP Servers

MemGPT MCP Server
Vic563
-
security
F
license
-
quality
A TypeScript-based server that provides a memory system for Large Language Models (LLMs), allowing users to interact with multiple LLM providers while maintaining conversation history and offering tools for managing providers and model configurations.
Last updated -
25
JavaScript
Model Context Provider (MCP) Server
Mark850409
-
security
F
license
-
quality
Facilitates enhanced interaction with large language models (LLMs) by providing intelligent context management, tool integration, and multi-provider AI model coordination for efficient AI-driven workflows.
Last updated -
Python
OpenAPI MCP Server
ivo-toby
-
security
A
license
-
quality
A server that enables Large Language Models to discover and interact with REST APIs defined by OpenAPI specifications through the Model Context Protocol.
Last updated -
848
129
TypeScript
MIT License
LSP MCP Server
Tritlo
-
security
A
license
-
quality
Bridges Large Language Models with Language Server Protocol interfaces, allowing LLMs to access LSP's hover information, completions, diagnostics, and code actions for improved code suggestions.
Last updated -
60
TypeScript
MIT License

View all related MCP servers