MCP Ambassador Server
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@MCP Ambassador Serverlist published MCPs in marketplace"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
MCP Ambassador Server
Centralized authentication, authorization, and audit for MCP tools. One server governs every downstream MCP your organization uses.
What Is This
MCP Ambassador Server is the control plane for managing MCP tools across your organization. It proxies, authenticates, authorizes, and audits every tool call between AI clients and downstream MCP servers. Think of it as what LiteLLM does for LLM providers, but for MCP servers.
Related MCP server: Multi-MCP Hub
Key Features
MCP Marketplace -- Admin-published catalog of downstream MCPs with group-based visibility
User Self-Service -- Users browse, subscribe to, and manage their own tool access through the web portal
Per-User MCP Isolation -- Dedicated MCP instances per user with encrypted credential injection
Group-Based RBAC -- Control which teams see which tools through group assignments
Credential Vault -- AES-256-GCM encrypted per-user API keys with HKDF-derived keys
OAuth 2.0 Integration -- Authorization code flow for downstream MCP authentication (GitHub, etc.)
Admin Dashboard -- React SPA for managing users, groups, MCPs, and audit logs
Audit Logging -- Append-only JSONL log of every authentication decision and tool invocation
Kill Switches -- Instantly disable any MCP or client across the entire organization
Docker Deployment -- Single container with bind-mount volumes and auto-generated TLS
Quick Start
Prerequisites: Docker Engine 20+, docker compose v2
git clone https://github.com/mcpambassador/server.git
cd server
cp .env.example .env
docker compose upOpen https://localhost:9443 -- the first-run setup wizard will guide you through creating an admin account.
Ports
Port | Service |
8443 | Client API (MCP proxy endpoint) |
9443 | Admin and user web portal |
For production deployment, see the Deployment Guide.
MCP Lifecycle
Every MCP goes through a four-step lifecycle before users can access its tools:
Create (draft/pending) --> Validate (draft/valid) --> Discover Tools --> Publish (active)Step | Action | What Happens |
1. Create | Admin > MCPs > Create MCP | Define name, transport, command, environment variables, isolation mode. MCP starts as draft / pending. |
2. Validate | Click Validate on the MCP | Server checks the configuration is well-formed. Status moves to draft / valid. |
3. Discover Tools | Click Discover Tools | Server spawns the MCP process, connects, calls |
4. Publish | Click Publish | MCP becomes published and appears in the user Marketplace. |
After publishing, users can browse the Marketplace, subscribe their clients to the MCP, and start using the tools through their AI clients.
Note: If an MCP requires per-user credentials (e.g., API keys), the Discover Tools step will prompt for temporary credentials to use during discovery. These are not stored.
Connecting a Client
Install the MCP Ambassador Client to connect AI tools to this server.
npm install -g @mcpambassador/clientVS Code configuration example:
{
"mcp.servers": {
"mcpambassador": {
"command": "npx",
"args": ["-y", "@mcpambassador/client", "--config", "/path/to/amb-client-config.json"],
"env": {
"MCP_AMBASSADOR_URL": "https://localhost:8443",
"MCP_AMBASSADOR_PRESHARED_KEY": "amb_pk_YOUR_KEY"
}
}
}
}See @mcpambassador/client for Claude Desktop, OpenCode, and other integrations.
Monorepo Structure
Package | Description |
| Type-only API contract between client and server (zero runtime deps) |
| Database schema, SPI interfaces, pipeline, validation |
| Hono HTTP/2 server, REST API routes, MCP process pools |
| React 19 admin dashboard and user self-service portal |
| Preshared key and ephemeral session authentication |
| Group-based RBAC authorization |
| JSONL audit log provider |
| Zod schemas for API request/response validation |
Security
TLS on all ports (self-signed auto-generated or CA-signed)
Argon2id password hashing
AES-256-GCM credential encryption with per-user HKDF-derived keys
HMAC-SHA256 session tokens with configurable idle timeout
Process isolation for stdio MCP child processes
Non-root Docker container with read-only root filesystem
Append-only audit log for compliance and forensics
Development
# Prerequisites: Node.js 20+, pnpm 8.15+
pnpm install
pnpm -r build
pnpm -r test
pnpm -r lint
pnpm -r typecheck
pnpm format:checkRelated Projects
Project | Description |
Lightweight MCP proxy for developer workstations | |
Curated registry of 38+ MCP server configurations | |
Full documentation, guides, and API reference |
Configuration Reference
MCP Ambassador is configured via environment variables. All settings have production-ready defaults. See mcpambassador.ai/docs/configuration for the full reference.
Timing & Performance
These settings control session management, health monitoring, and internal scheduling. The defaults are tuned for production use with hundreds of concurrent sessions.
Setting | Default | Description |
Session TTL | 28800s (8h) | Client session token lifetime before re-authentication |
Session eval interval | 120s | How often the server checks for idle/expired sessions |
Session sweep interval | 1800s (30m) | How often the server purges expired sessions from memory |
Heartbeat expected interval | 120s | Expected interval between client heartbeats |
Heartbeat rate limit | 1 per 10s | Maximum heartbeat frequency per client |
Health check interval | 120s | How often the server checks downstream MCP health |
SPA Polling Intervals
The admin/user web portal polls the server for live data. These intervals balance responsiveness with server load.
Endpoint | Interval | Description |
Health status | 60s | MCP instance health |
MCP list | 60s | Admin MCP catalog |
Catalog | 60s | User marketplace |
Logs | 30s | MCP instance logs |
Deployment Profiles
Profile | Session TTL | Heartbeat | Eval Interval | Recommended For |
Default | 8h | 120s | 120s | Most production deployments |
High-security | 4h | 60s | 60s | Regulated environments, SOC2 |
Development | 24h | 30s | 30s | Local development, testing |
For client-side settings (heartbeat interval, cache TTL, catalog refresh), see @mcpambassador/client.
Contributing
We welcome contributions. See CONTRIBUTING.md for guidelines.
Prerequisites: Node.js 20+, pnpm 8.15+, Docker
Support
MCP Ambassador is free and open source. If it's useful to you, consider supporting development.
Support via GitHub Sponsors: https://github.com/sponsors/mcpambassador
Crypto donations:
Bitcoin:
3QH4WQoQqnhU3LhbZQU8ttXaNco5Ge3xVpEthereum:
0xa5462444c5AEf0B2e32822D9a9B7f91aC794FfF0
License
Apache License 2.0 -- see LICENSE.
Status
MCP Ambassador is at v0.8.0-beta.2. The API may change before 1.0. Production use is supported but expect breaking changes during the beta period.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/mcpambassador/server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server