Open API MCP Server
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Open API MCP Serverlist APIs with tag users"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Open API MCP Server
A Model Context Protocol (MCP) server that provides AI assistants with access to OpenAPI specifications, supporting OAuth 2.0 authentication flows.
Features
📖 OpenAPI Support: Load and parse OpenAPI 2.0, 3.0, and 3.1 specifications
🔐 OAuth 2.0 Authentication: Full support for Password, Client Credentials, and Authorization Code flows
🔑 Multiple Auth Methods: API Key, Bearer Token, Basic Auth, and OAuth 2.0
🔍 Smart Search: Search and filter API endpoints by path, method, tags, or keywords
📝 Detailed Schemas: Get complete request/response schemas for any endpoint
🚀 API Execution: Call APIs directly with automatic authentication
📊 Request Logging: Track all API calls with detailed logs
Related MCP server: Any API MCP Server
Installation
Option 1: Using npx (Recommended)
No installation required! Use npx to run directly:
npx @yanhao-an/open-api-mcpOption 2: Global Installation
npm install -g @yanhao-an/open-api-mcp
open-api-mcpOption 3: From Source (Development)
git clone https://github.com/HaoYan-A/open-api-mcp.git
cd open-api-mcp
npm install
npm run build
npm startConfiguration
Create a .env file in the project root:
# Required: OpenAPI Specification URL
OPENAPI_SPEC_URL=http://127.0.0.1/v3/api-docs
# Authentication Mode
# Options: none, apiKey, bearer, basic, oauth2
AUTH_MODE=oauth2
# OAuth 2.0 Configuration (if AUTH_MODE=oauth2)
OAUTH_FLOW=clientCredentials
OAUTH_CLIENT_ID=your-client-id
OAUTH_CLIENT_SECRET=your-client-secret
OAUTH_TOKEN_URL=https://auth.example.com/oauth/token
OAUTH_SCOPE=read write
# Logging
LOG_LEVEL=info
LOG_REQUESTS=true
LOG_RESPONSES=trueAuthentication Modes
1. OAuth 2.0 - Client Credentials Flow
Best for machine-to-machine communication:
AUTH_MODE=oauth2
OAUTH_FLOW=clientCredentials
OAUTH_CLIENT_ID=your-client-id
OAUTH_CLIENT_SECRET=your-client-secret
OAUTH_TOKEN_URL=https://auth.example.com/oauth/token
OAUTH_SCOPE=api.access2. OAuth 2.0 - Password Flow
For username/password authentication:
AUTH_MODE=oauth2
OAUTH_FLOW=password
OAUTH_CLIENT_ID=your-client-id
OAUTH_CLIENT_SECRET=your-client-secret
OAUTH_USERNAME=user@example.com
OAUTH_PASSWORD=your-password
OAUTH_TOKEN_URL=https://auth.example.com/oauth/token
OAUTH_SCOPE=read write3. OAuth 2.0 - Authorization Code Flow
For user authorization with redirect:
AUTH_MODE=oauth2
OAUTH_FLOW=authorizationCode
OAUTH_CLIENT_ID=your-client-id
OAUTH_CLIENT_SECRET=your-client-secret
OAUTH_AUTH_URL=https://auth.example.com/oauth/authorize
OAUTH_TOKEN_URL=https://auth.example.com/oauth/token
OAUTH_REDIRECT_URI=http://localhost:3000/callback
OAUTH_CODE=<authorization-code-from-redirect>4. API Key Authentication
AUTH_MODE=apiKey
API_KEY=your-api-key
API_KEY_HEADER=Authorization
API_KEY_PREFIX=Bearer5. Bearer Token
AUTH_MODE=bearer
BEARER_TOKEN=your-bearer-token6. Basic Authentication
AUTH_MODE=basic
BASIC_AUTH_USER=username
BASIC_AUTH_PASS=passwordUsage
Running the Server
# Development mode
npm run dev
# Production mode
npm start
# Test with MCP Inspector
npm run inspectUsing with Claude Desktop
Add to your Claude Desktop configuration (~/Library/Application Support/Claude/claude_desktop_config.json on macOS):
{
"mcpServers": {
"open-api": {
"command": "npx",
"args": ["-y", "@yanhao-an/open-api-mcp"],
"env": {
"OPENAPI_SPEC_URL": "http://127.0.0.1/v3/api-docs",
"AUTH_MODE": "oauth2",
"OAUTH_FLOW": "clientCredentials",
"OAUTH_CLIENT_ID": "your-client-id",
"OAUTH_CLIENT_SECRET": "your-client-secret",
"OAUTH_TOKEN_URL": "https://auth.example.com/oauth/token"
}
}
}
}Or if you installed it globally:
{
"mcpServers": {
"open-api": {
"command": "open-api-mcp",
"args": [],
"env": {
"OPENAPI_SPEC_URL": "http://127.0.0.1/v3/api-docs",
"AUTH_MODE": "oauth2",
"OAUTH_FLOW": "clientCredentials",
"OAUTH_CLIENT_ID": "your-client-id",
"OAUTH_CLIENT_SECRET": "your-client-secret",
"OAUTH_TOKEN_URL": "https://auth.example.com/oauth/token"
}
}
}
}MCP Tools
1. listApi
List all available API endpoints with optional filtering.
Parameters:
tag(optional): Filter by tag namelimit(optional): Maximum results (default: 50)offset(optional): Skip results (default: 0)
Example:
{
"tag": "users",
"limit": 20
}2. searchApi
Search for API endpoints by keyword.
Parameters:
query(required): Search querymethod(optional): HTTP method filtertag(optional): Tag filter
Example:
{
"query": "user",
"method": "GET"
}3. getApiSchema
Get detailed schema for a specific endpoint.
Parameters:
path(required): API path (e.g.,/users/{id})method(required): HTTP method
Example:
{
"path": "/api/users/{id}",
"method": "GET"
}4. callApi
Execute an API request with authentication.
Parameters:
path(required): API pathmethod(required): HTTP methodparams(optional): Query parametersbody(optional): Request bodyheaders(optional): Additional headers
Example:
{
"path": "/api/users",
"method": "POST",
"body": {
"name": "John Doe",
"email": "john@example.com"
}
}5. getAuthStatus
Get current authentication status and configuration.
6. getApiInfo
Get OpenAPI document information (title, version, base URL, tags).
Project Structure
open-api-mcp/
├── src/
│ ├── auth/ # Authentication management
│ │ ├── auth-manager.ts # Main auth manager
│ │ ├── oauth2-handler.ts # OAuth 2.0 orchestrator
│ │ ├── token-manager.ts # Token storage
│ │ └── flows/ # OAuth 2.0 flow implementations
│ ├── openapi/ # OpenAPI document handling
│ │ ├── loader.ts # Load from URL
│ │ ├── parser.ts # Parse and index
│ │ └── cache.ts # Document caching
│ ├── api/ # API execution
│ │ └── caller.ts # HTTP client with auth
│ ├── tools/ # MCP tools
│ │ └── index.ts # Tool registration
│ ├── logger.ts # Logging utility
│ ├── types.ts # TypeScript types
│ └── index.ts # Main entry point
├── package.json
├── tsconfig.json
└── .envDevelopment
# Install dependencies
npm install
# Build TypeScript
npm run build
# Watch mode
npm run watch
# Test with inspector
npm run inspectOAuth 2.0 Flow Details
Token Management
Automatic Refresh: Tokens are automatically refreshed when expired
Token Caching: Valid tokens are cached to reduce auth requests
Expiry Buffer: Tokens are refreshed 60 seconds before expiry
Flow Selection Guide
Client Credentials: Best for server-to-server, no user context
Password Flow: For trusted applications with username/password
Authorization Code: For user-authorized access with redirect flow
Logging
The server provides detailed logging for debugging:
# Log levels: debug, info, warn, error
LOG_LEVEL=debug
# Enable/disable request logging
LOG_REQUESTS=true
# Enable/disable response logging
LOG_RESPONSES=trueRequest logs include:
Timestamp
HTTP method and URL
Authentication mode
Request parameters and body
Response status and data
Request duration
Troubleshooting
"Failed to load OpenAPI document"
Verify
OPENAPI_SPEC_URLis correct and accessibleCheck network connectivity
Ensure the URL returns valid OpenAPI JSON/YAML
"OAuth 2.0 flow failed"
Verify OAuth credentials (client ID, secret)
Check token URL is correct
Ensure required scopes are available
Review server logs for specific error messages
"Token refresh failed"
Verify refresh token is valid
Check if refresh tokens are supported by the auth server
Try re-authenticating to get a new token
License
MIT
Contributing
Contributions are welcome! Please feel free to submit issues or pull requests.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/HaoYan-A/open-api-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server