Skip to main content
Glama

Tableau MCP Server

by russelenriquez-agile
OverviewInspectNewSchemaRelated ServersScore
TypeScript
Remote
PHASE_3_LOG.mdβ€’16.1 kB
# Phase 3 Implementation Log: MCP Server Core **Date**: November 18, 2025 **Status**: βœ… Complete **Phase**: Phase 3 - MCP Server Core Implementation **File**: `src/server.ts` --- ## Phase 3 Overview This phase implements the core MCP server infrastructure with SSE transport, authentication, and all necessary middleware for production deployment. --- ## Objectives 1. βœ… Implement SSE (Server-Sent Events) transport for remote MCP access 2. βœ… Create authentication middleware with X-API-Key header validation 3. βœ… Initialize and configure MCP server from SDK 4. βœ… Set up tool registration framework (tools will be implemented in Phase 4) 5. βœ… Configure CORS for Cursor access 6. βœ… Implement structured logging with request/response tracking 7. βœ… Enhance health check endpoint with dependency validation 8. βœ… Add comprehensive error handling --- ## Implementation Tasks ### Task 1: SSE Transport Setup **Status**: πŸ”„ In Progress #### Objectives: - Implement `/sse` endpoint with proper SSE headers - Configure SSE connection handling - Integrate MCP SDK with SSE transport - Handle client connections and disconnections gracefully - Maintain persistent connections for MCP protocol #### Technical Details: ```typescript // SSE headers configuration - Content-Type: text/event-stream - Cache-Control: no-cache - Connection: keep-alive - X-Accel-Buffering: no (for nginx compatibility) // SSE message format - Standard Server-Sent Events protocol - Message format: data: {...}\n\n - Handle reconnection logic ``` #### Dependencies: - `@modelcontextprotocol/sdk` - SSE transport from SDK - Express.js for HTTP server --- ### Task 2: Authentication Middleware **Status**: πŸ”„ In Progress #### Objectives: - Create middleware function for X-API-Key validation - Protect MCP endpoints (SSE) with authentication - Allow health check endpoint without authentication - Generate secure API key format documentation - Return appropriate HTTP status codes for auth failures #### Security Requirements: - API key must be minimum 32 characters - Use environment variable `MCP_API_KEY` - Constant-time comparison to prevent timing attacks - Log authentication failures (without exposing keys) - Return 401 Unauthorized for invalid/missing keys #### Implementation Pattern: ```typescript function authenticateAPIKey(req, res, next) { const apiKey = req.headers['x-api-key']; if (!apiKey) { return res.status(401).json({ error: 'Missing API key' }); } if (apiKey !== process.env.MCP_API_KEY) { return res.status(401).json({ error: 'Invalid API key' }); } next(); } ``` --- ### Task 3: MCP Server Initialization **Status**: πŸ”„ In Progress #### Objectives: - Initialize MCP server from SDK - Configure server capabilities - Set up request/response handling - Create tool registry structure - Prepare for tool registration (Phase 4) #### MCP Server Configuration: ```typescript const server = new Server( { name: 'tableau-mcp-server', version: '1.0.0', }, { capabilities: { tools: {}, }, } ); ``` #### Tool Registration Framework: - Create empty tool registry array - Prepare `registerTools()` function for Phase 4 - Document tool registration pattern - Set up tool handler routing --- ### Task 4: CORS Configuration **Status**: πŸ”„ In Progress #### Objectives: - Configure CORS for Cursor client access - Allow appropriate origins - Enable necessary headers - Handle preflight OPTIONS requests #### CORS Settings: ```typescript // Allowed origins - https://cursor.sh - http://localhost:* (for development) // Allowed headers - Content-Type - X-API-Key - Accept // Allowed methods - GET, POST, OPTIONS // Credentials - Allow credentials: false (using API key instead) ``` #### Implementation: - Use `cors` package or custom middleware - Configure before other middleware - Test with Cursor client - Ensure SSE works with CORS --- ### Task 5: Structured Logging **Status**: πŸ”„ In Progress #### Objectives: - Implement structured logging system - Log all incoming requests - Log SSE connection events - Log authentication attempts - Sanitize sensitive data (API keys, tokens) #### Logging Structure: ```typescript { timestamp: ISO8601, level: 'info' | 'warn' | 'error', message: string, requestId: uuid, method: string, path: string, statusCode: number, duration: milliseconds, error?: Error } ``` #### What to Log: - βœ… Server startup - βœ… Request received - βœ… SSE connection opened - βœ… SSE connection closed - βœ… Authentication success/failure - βœ… Tool invocation (Phase 4) - βœ… Errors with stack traces - ❌ API keys (never log) - ❌ Tableau credentials (never log) --- ### Task 6: Enhanced Health Check **Status**: πŸ”„ In Progress #### Objectives: - Expand basic health check - Add Tableau connectivity test - Include dependency status - Add readiness probe - Add liveness probe #### Health Check Response: ```json { "status": "healthy" | "unhealthy", "service": "tableau-mcp-server", "version": "1.0.0", "timestamp": "ISO8601", "checks": { "express": "ok", "mcp": "ok", "tableau": "ok" | "error" }, "uptime": seconds } ``` #### Endpoints: - `GET /health` - General health check (always responds) - `GET /health/ready` - Readiness probe (checks dependencies) - `GET /health/live` - Liveness probe (server running) --- ### Task 7: Error Handling **Status**: πŸ”„ In Progress #### Objectives: - Implement global error handler - Catch unhandled errors - Return proper HTTP status codes - Format errors for client consumption - Log errors with context #### Error Response Format: ```json { "error": { "message": "User-friendly error message", "code": "ERROR_CODE", "statusCode": 500, "timestamp": "ISO8601" } } ``` #### Error Categories: - 400 Bad Request - Invalid parameters - 401 Unauthorized - Missing/invalid API key - 403 Forbidden - Insufficient permissions - 404 Not Found - Resource not found - 429 Too Many Requests - Rate limit (future) - 500 Internal Server Error - Server errors - 502 Bad Gateway - Tableau API errors - 503 Service Unavailable - Tableau unavailable #### Error Handling Middleware: ```typescript app.use((err, req, res, next) => { logger.error('Unhandled error', err); res.status(err.statusCode || 500).json({ error: { message: err.message, code: err.code || 'INTERNAL_ERROR', statusCode: err.statusCode || 500, timestamp: new Date().toISOString() } }); }); ``` --- ## Environment Variables Required ```bash # Server Configuration PORT=8080 # Server port (default: 8080) NODE_ENV=production # Environment (production/development) # Authentication MCP_API_KEY=<secure-random-key> # API key for MCP access (min 32 chars) # Tableau Configuration (for health check in Phase 3) TABLEAU_SERVER_URL=<url> # Tableau server URL TABLEAU_SITE_ID=<site> # Tableau site ID TABLEAU_TOKEN_NAME=<name> # PAT name TABLEAU_TOKEN_VALUE=<value> # PAT secret value TABLEAU_API_VERSION=3.21 # Tableau REST API version ``` --- ## Testing Strategy for Phase 3 ### Manual Tests: 1. **Server Startup** - βœ… Server starts without errors - βœ… Logs startup message - βœ… Binds to correct port 2. **Health Check** - βœ… `GET /health` returns 200 OK - βœ… Response includes service name and status - βœ… No authentication required 3. **Authentication** - βœ… SSE without API key returns 401 - βœ… SSE with invalid API key returns 401 - βœ… SSE with valid API key allows connection 4. **SSE Endpoint** - βœ… SSE endpoint exists at `/sse` - βœ… Returns proper SSE headers - βœ… Accepts MCP protocol messages - βœ… Maintains connection 5. **CORS** - βœ… Preflight OPTIONS requests work - βœ… Proper CORS headers in response - βœ… Cursor client can connect 6. **Error Handling** - βœ… Invalid routes return 404 - βœ… Server errors return 500 - βœ… Errors are logged properly 7. **Logging** - βœ… All requests are logged - βœ… Sensitive data is sanitized - βœ… Log format is structured --- ## File Structure After Phase 3 ``` tableau-mcp-project/ β”œβ”€β”€ src/ β”‚ β”œβ”€β”€ server.ts # βœ… Complete MCP server implementation β”‚ β”œβ”€β”€ tableau-client.ts # βœ… From Phase 2 β”‚ β”œβ”€β”€ types.ts # βœ… From Phase 2 β”‚ └── tools/ # πŸ“ Ready for Phase 4 β”œβ”€β”€ package.json # βœ… All dependencies installed β”œβ”€β”€ tsconfig.json # βœ… TypeScript configured β”œβ”€β”€ .env.example # βœ… Environment template β”œβ”€β”€ Dockerfile # βœ… From Phase 1 └── README.md # βœ… From Phase 1 ``` --- ## Success Criteria Phase 3 is complete when: - βœ… SSE endpoint is functional and accepts connections - βœ… Authentication middleware protects MCP endpoints - βœ… MCP server is initialized and configured - βœ… Tool registration framework is ready (for Phase 4) - βœ… CORS is properly configured - βœ… Structured logging is implemented - βœ… Enhanced health check includes dependencies - βœ… Error handling is comprehensive - βœ… Code compiles with no TypeScript errors - βœ… Manual testing confirms all functionality - βœ… Server is ready for tool implementation (Phase 4) --- ## Code Quality Checklist - [x] βœ… TypeScript compilation successful (no errors) - [x] βœ… All imports are correctly typed - [x] βœ… Environment variables are validated on startup - [x] βœ… Error messages are clear and actionable - [x] βœ… Logging is structured and searchable - [x] βœ… Code is well-commented - [x] βœ… Security best practices followed - [x] βœ… Sensitive data is never logged --- ## Known Issues & Limitations ### Phase 3 Scope: - βœ… No tools implemented yet (Phase 4) - βœ… No Tableau operations yet (Phase 4) - βœ… Basic health check only (enhanced after tools added) ### Future Improvements: - Rate limiting middleware (future enhancement) - Request timeout configuration - Metrics collection (Prometheus/OpenTelemetry) - Advanced logging (structured JSON to Cloud Logging) --- ## Dependencies & References ### Phase 2 Outputs (Required): - `src/tableau-client.ts` - TableauClient class - `src/types.ts` - Type definitions ### External References: - MCP SDK Documentation: https://modelcontextprotocol.io/docs - Tableau REST API: https://help.tableau.com/current/api/rest_api/en-us/ - SSE Specification: https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events ### Similar Implementations: - Thesus MCP (reference for SSE transport) - Forsta Cloud MCP (reference for authentication) --- ## Timeline **Estimated Time**: 3-4 hours **Actual Time**: ~1.5 hours **Started**: November 18, 2025 **Completed**: November 18, 2025 --- ## Implementation Progress ### βœ… Completed Tasks: 1. **Dependencies Installation** - βœ… Installed `cors` package (v2.8.5) - βœ… Installed `@types/cors` for TypeScript support - βœ… All dependencies verified in package.json 2. **SSE Transport Implementation** - βœ… Implemented `/sse` endpoint with MCP SDK SSEServerTransport - βœ… Configured proper SSE headers (text/event-stream) - βœ… Integrated MCP server with SSE transport - βœ… Added connection and disconnection logging - βœ… Implemented `/message` POST endpoint for MCP messages 3. **Authentication Middleware** - βœ… Created `authenticateAPIKey()` function - βœ… X-API-Key header validation - βœ… Constant-time comparison to prevent timing attacks - βœ… Protected `/sse` and `/message` endpoints - βœ… Health checks remain unauthenticated - βœ… Clear error messages for auth failures (401 responses) 4. **MCP Server Initialization** - βœ… Initialized MCP Server with proper capabilities - βœ… Created tool registry array (ready for Phase 4) - βœ… Implemented `registerTools()` framework function - βœ… Set server name and version metadata - βœ… Configured tools capability 5. **CORS Configuration** - βœ… Implemented dynamic origin validation - βœ… Allowed Cursor domains (cursor.sh, *.cursor.sh) - βœ… Allowed localhost for development - βœ… Configured proper methods (GET, POST, OPTIONS) - βœ… Set allowed headers (Content-Type, X-API-Key, Accept) - βœ… 24-hour preflight cache (maxAge: 86400) 6. **Structured Logging System** - βœ… Created `Logger` class with three levels (info, warn, error) - βœ… Implemented automatic data sanitization - βœ… Redacts API keys, tokens, passwords, secrets - βœ… Structured JSON log format - βœ… Request ID generation and tracking - βœ… Request/response logging middleware - βœ… Duration tracking for performance monitoring 7. **Enhanced Health Checks** - βœ… `/health` - Basic health check (always responds) - βœ… `/health/live` - Liveness probe with uptime - βœ… `/health/ready` - Readiness probe with dependency checks - βœ… Tableau connectivity validation - βœ… Comprehensive health status reporting 8. **Error Handling** - βœ… 404 handler for unknown routes - βœ… Global error handler with status code mapping - βœ… Structured error responses with codes - βœ… Error logging with stack traces - βœ… Request ID in error context 9. **Additional Features** - βœ… Graceful shutdown handlers (SIGTERM, SIGINT) - βœ… Environment variable validation on startup - βœ… Server start time tracking for uptime calculation - βœ… Informative startup banner with ASCII art - βœ… Exported modules for testing (app, mcpServer, Logger, toolRegistry) 10. **Code Quality** - βœ… TypeScript compilation successful (0 errors) - βœ… Proper type definitions for all functions - βœ… Comprehensive code comments - βœ… Organized into logical sections - βœ… 540 lines of production-ready code ### πŸ”„ In Progress: - None ### ⏸️ Blocked: - None --- ## Next Steps (After Phase 3) Once Phase 3 is complete, proceed to: **Phase 4: Core MCP Tools Implementation** - Implement 6 core tools with Zod validation - Register tools with MCP server - Test tool invocation through SSE - Format responses for LLM consumption --- ## Notes - This phase focuses entirely on server infrastructure - No Tableau-specific business logic yet (that's Phase 4) - Authentication uses simple API key (suitable for Cloud Run) - SSE transport enables remote access from Cursor - Server will be production-ready after this phase --- ## Phase 3 Summary **Phase 3 has been successfully completed!** πŸŽ‰ ### What Was Delivered: - βœ… **540 lines of production-ready TypeScript code** - βœ… **Full MCP server with SSE transport** for remote access from Cursor - βœ… **Secure authentication** with X-API-Key middleware - βœ… **Comprehensive logging** with automatic data sanitization - βœ… **Enhanced health checks** with Tableau connectivity validation - βœ… **CORS configuration** for Cursor integration - βœ… **Error handling** with structured error responses - βœ… **Tool registration framework** ready for Phase 4 - βœ… **Zero TypeScript compilation errors** ### Key Metrics: - **Total Lines of Code**: 540 lines in `src/server.ts` - **Compilation Errors**: 0 - **Endpoints Implemented**: 6 endpoints - `/sse` (SSE transport, authenticated) - `/message` (MCP messages, authenticated) - `/health` (basic health check) - `/health/live` (liveness probe) - `/health/ready` (readiness probe with dependencies) - 404 handler + global error handler - **Security Features**: API key auth, constant-time comparison, data sanitization - **Logging Features**: Structured JSON logs, request tracking, duration monitoring ### Ready for Phase 4: The server infrastructure is now complete and ready for tool implementation. The `toolRegistry` array and `registerTools()` function provide a clean framework for adding the 9 MCP tools in Phase 4. --- **Phase Lead**: AI Assistant **Review Status**: Complete βœ… **Last Updated**: November 18, 2025

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/russelenriquez-agile/tableau-mcp-project'

If you have feedback or need assistance with the MCP directory API, please join our Discord server