# Environment template for the GraphQL API server (dotenv format: KEY=VALUE,
# one pair per line, full-line # comments only). Copy to .env and replace every
# placeholder before starting the service; keep this template free of real
# values. dotenv-style loaders split each line at the first '=', so the '='
# padding of a base64 secret needs no quoting; avoid '#' inside an unquoted
# value, where most loaders treat it as the start of a comment.
# NOTE(review): confirm both points against the loader this project uses.

# Neo4j Connection
# neo4j+s:// means TLS with certificate verification; keep this scheme for a
# hosted database rather than downgrading to neo4j:// (plaintext) or
# neo4j+ssc:// (self-signed certificates accepted).
NEO4J_URI=neo4j+s://xxxxx.databases.neo4j.io
# Consider a dedicated, least-privilege database user for the service instead
# of the default administrative account.
NEO4J_USER=neo4j
# Placeholder - replace before starting; the real value belongs in .env only.
NEO4J_PASSWORD=your_neo4j_password_here

# Server Configuration
# TCP port the server listens on
PORT=4000
# Set to production in deployed environments
NODE_ENV=development

# CORS Origins
# IMPORTANT: Use COMMA (,) or SEMICOLON (;) as delimiter for multiple origins
# Both delimiters are supported via regex split: /[,;]/
# Each origin MUST be a valid URL with protocol (http:// or https://)
# A wildcard (*) is not a URL and so is not expected to pass this check; list
# each trusted origin explicitly, including its scheme and port.
# Examples:
# Single origin: CORS_ORIGINS=http://localhost:3000
# Multiple (comma): CORS_ORIGINS=http://localhost:3000,https://example.com
# Multiple (semi): CORS_ORIGINS=http://localhost:3000;https://example.com
# Validation: Origins are validated at startup - invalid formats will cause errors
CORS_ORIGINS=http://localhost:3000,http://localhost:5173

# API Configuration
# Both are development conveniences: introspection exposes the full schema and
# the playground serves an interactive client. Set both to false in production
# (see SECURITY BEST PRACTICES below).
GRAPHQL_INTROSPECTION=true
GRAPHQL_PLAYGROUND=true

# ===========================================
# Authentication Configuration
# ===========================================
# API keys are used to authenticate requests to the GraphQL API
# Treat every key below as a secret: it grants the listed permissions to
# whoever holds it. Use a distinct set of keys per environment and replace
# the placeholders before starting the service.
# Generate new keys using: ./scripts/generate-api-keys.sh

# Frontend API Key - Used by the Next.js frontend application
# Rate limit: 10,000 requests/hour
# Permissions: read, write
# Generate with: openssl rand -hex 32
# (64 hex characters, 256 bits of entropy)
FRONTEND_API_KEY=your-frontend-api-key-here

# Public API Key - Optional, for public read-only access
# Rate limit: 1,000 requests/hour
# Permissions: read
# Leave blank to disable public access
# NOTE(review): the placeholder below is not blank, so public read access is
# presumably enabled with a guessable key until the value is replaced or
# cleared - clear it if public access is not wanted.
# Generate with: openssl rand -hex 32
PUBLIC_API_KEY=your-public-api-key-here

# Admin API Key - For administrative operations and management
# Rate limit: 50,000 requests/hour
# Permissions: read, write, admin
# This key carries the broadest permissions; restrict who can read the .env
# that holds it.
# Generate with: openssl rand -hex 32
ADMIN_API_KEY=your-admin-api-key-here

# JWT Secret - Used by Neo4jGraphQL for authorization features
# This is used to sign and verify JWT tokens for the @auth directives
# Anyone holding this secret can mint tokens that pass verification, so it is
# as sensitive as the admin key. Rotating it invalidates tokens signed with
# the previous value.
# Generate with: openssl rand -base64 32
# (256 bits; the output may end in '=' padding, which needs no quoting here)
JWT_SECRET=your-jwt-secret-here

# Authentication Required - Toggle API key requirement
# Set to 'false' only for development/testing without authentication
# With 'false' requests are presumably accepted without any API key, so do not
# leave it off anywhere reachable from an untrusted network.
# ALWAYS set to 'true' in production
AUTH_REQUIRED=true

# ===========================================
# GraphiQL Access Control
# ===========================================
# IP whitelist for GraphiQL playground (comma-separated)
# Leave empty to disable GraphiQL entirely
# NOTE(review): how this interacts with GRAPHQL_PLAYGROUND above is not
# described here - confirm which setting takes precedence.
# NOTE(review): if the server sits behind a proxy or load balancer, confirm
# the client address is taken from a trusted proxy header; otherwise the
# allowlist keys on the proxy's own address.
# Example: GRAPHIQL_ALLOWED_IPS=192.168.1.1,10.0.0.1
# SECURITY: Always leave empty in production or restrict to trusted IPs only
GRAPHIQL_ALLOWED_IPS=

# ===========================================
# SECURITY BEST PRACTICES
# ===========================================
# 1. NEVER commit .env files with real keys to git
# 2. Use GCP Secret Manager for production secrets
# 3. Rotate API keys regularly (every 90 days recommended)
# 4. Set GRAPHQL_INTROSPECTION=false in production
# 5. Set GRAPHQL_PLAYGROUND=false in production
# 6. Keep GRAPHIQL_ALLOWED_IPS empty in production
# 7. Always set AUTH_REQUIRED=true in production
# 8. Rotate JWT_SECRET on the same schedule; tokens signed with the old value stop verifying
# 9. Use separate keys and database credentials for each environment