MCP Gateway

by jowpereira

Integrations

  • Provides the foundation for the MCP Gateway, transforming FastAPI endpoints into MCP tools that allow LLMs to interact with corporate APIs in a controlled manner.

  • Supports project version control and distribution through Git repository cloning.

  • Hosts the FastAPI-MCP framework that this gateway is based on, allowing contribution and access to the core functionality.

MCP Gateway – API & Self-Service Portal

This repository contains the MCP Gateway, an enterprise solution to expose, manage and consume tools (internal APIs) in a secure, scalable and auditable way, with RBAC authentication and self-service portal.


Summary


Overview

The MCP Gateway consists of:

  • Backend: FastAPI + RBAC + JWT + JSON persistence (NoSQL ready)
  • Frontend: React (Vite) running integrated with the backend (build in /frontend/dist served as static)

Folder Structure

mcp-server/ ├── app/ # Backend FastAPI │ ├── main.py # Entrypoint │ ├── config.py # Configurações │ ├── auth.py # Autenticação/JWT │ ├── utils/ # Utilitários (RBAC, dependências) │ └── groups/ │ ├── routes.py # Rotas (APIs) │ └── tools.py # Utilitários de permissão ├── data/ # Dados persistentes │ └── rbac.json # Usuários, grupos, permissões ├── frontend/ # Portal React (Vite) │ ├── src/ # Código-fonte React │ └── dist/ # Build de produção (servido pelo FastAPI) ├── requirements.txt # Dependências Python ├── README.md # Este documento └── ...

How to Spin (Development)

1. Backend (FastAPI)

python -m venv venv .\venv\Scripts\activate pip install -r requirements.txt uvicorn app.main:app --reload

2. Frontend (React)

cd frontend npm install npm run dev

Go to: http://localhost:5173 (dev) or http://localhost:8000 (prod)

3. Frontend Build for Production

cd frontend npm run build

The files will be generated in frontend/dist . FastAPI can serve these files automatically.


Features

  • JWT Login (user, group admin, global admin)
  • Group, User, and Tool Management (CRUD)
  • Dynamic creation of tools by group admin
  • Safe consumption of tools via portal
  • Healthcheck, registration, automatic documentation (Swagger)
  • Ready for NoSQL database integration and SSO

RBAC Structure Example

See data/rbac.json for example users, groups, and permissions.


Security

  • JWT, RBAC, share registry
  • Ready for CORS, HTTPS, rate limiting, etc.

API Documentation

Go to /docs for Swagger or /redoc for Redoc.


System Requirements

See the docs/REQUISITOS.md file for detailed functional, non-functional, and business requirements.


Complete Documentation

Detailed project documentation is centralized in the docs/ folder:


Good Practices and Observations

  • Keep dependencies up to date.
  • Use virtual environments for Python.
  • Always build the frontend before deploying to production.
  • Check the documentation for the other modules in docs/ .
  • Tip: Use issues and pull requests to propose changes and maintain a history of decisions.

This document should be reviewed and updated periodically to reflect changes in the design.

-
security - not tested
F
license - not found
-
quality - not tested

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

A secure bridge that enables Large Language Models (LLMs) to interact with enterprise APIs and services in a controlled, contextualized way.

  1. Summary
    1. Overview
      1. Folder Structure
        1. How to Spin (Development)
          1. 1. Backend (FastAPI)
          2. 2. Frontend (React)
          3. 3. Frontend Build for Production
        2. Features
          1. RBAC Structure Example
            1. Security
              1. API Documentation
                1. System Requirements
                  1. Complete Documentation
                    1. Good Practices and Observations

                      Related MCP Servers

                      • -
                        security
                        F
                        license
                        -
                        quality
                        A comprehensive Model Context Protocol server that bridges LLMs with self-hosted media services, enabling natural language control of TV shows, movies, downloads, and notifications while maintaining traditional API access.
                        Last updated -
                        TypeScript
                      • -
                        security
                        A
                        license
                        -
                        quality
                        A Model Context Protocol server that enables LLMs like Claude to interact with the Alpaca trading API, allowing for trading stocks, checking positions, fetching market data, and managing accounts through natural language.
                        Last updated -
                        Python
                        MIT License
                      • -
                        security
                        A
                        license
                        -
                        quality
                        A Model Context Protocol Server that enables LLMs to interact with and execute REST API calls through natural language prompts, supporting GET/PUT/POST/PATCH operations on configured APIs.
                        Last updated -
                        5
                        Python
                        Apache 2.0
                      • -
                        security
                        A
                        license
                        -
                        quality
                        Bridges Large Language Models with Language Server Protocol interfaces, allowing LLMs to access LSP's hover information, completions, diagnostics, and code actions for improved code suggestions.
                        Last updated -
                        2
                        TypeScript
                        MIT License

                      View all related MCP servers

                      ID: 57bbyvzkjx