Enterprise MCP Server
Provides tools to interact with Git repositories, such as reading commits, files, branches, and creating branches/commits.
Provides tools for interacting with Jira, enabling management of issues, projects, and other Jira entities.
Allows executing SQL queries on MySQL databases, including reading and writing data.
Allows executing SQL queries on PostgreSQL databases, including reading and writing data.
Allows executing SQL queries on SQLite databases, including reading and writing data.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Enterprise MCP Serverlist files in /data/shared"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Enterprise MCP Server
A single MCP server that exposes safe, permission-checked "tools" for AI assistants (Claude, ChatGPT, etc.) to reach:
File systems (local / mounted directories)
Databases (SQL, via SQLAlchemy — works with Postgres/MySQL/SQLite)
APIs (generic authenticated REST calls)
Git repositories (read commits, files, branches; create branches/commits)
Cloud services (AWS S3 example, swappable for Azure Blob / GCS)
Business applications (Jira example, template for SAP/Salesforce)
The AI never talks to SAP, Postgres, GitHub, or S3 directly. It only talks to this server, and this server enforces auth, permissions, and logging before touching the real system.
Claude / ChatGPT
│ (MCP protocol, stdio or HTTP)
▼
Enterprise MCP Server (this project)
│
├── auth.py → who is calling, what can they do
├── logger.py → audit trail of every tool call
└── tools/
├── filesystem_tools.py
├── database_tools.py
├── api_tools.py
├── git_tools.py
├── cloud_tools.py
└── business_tools.py (Jira example)1. Install
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt
cp .env.example .env # then fill in real credentialsRelated MCP server: Catalyst MCP Server
2. Configure
Edit .env:
# Filesystem
FS_ROOT=/data/shared # AI can only read/write inside this folder
# Database
DB_URL=postgresql://user:pass@host:5432/dbname
# Generic API
API_BASE_URL=https://api.example.com
API_TOKEN=xxxxx
# Git
GIT_REPO_PATH=/data/repos/my-repo
# Cloud (AWS S3 example)
AWS_ACCESS_KEY_ID=xxxx
AWS_SECRET_ACCESS_KEY=xxxx
AWS_BUCKET=my-bucket
AWS_REGION=us-east-1
# Jira (business app example)
JIRA_BASE_URL=https://yourcompany.atlassian.net
JIRA_EMAIL=bot@yourcompany.com
JIRA_API_TOKEN=xxxx
# Server auth — tokens allowed to call this MCP server, mapped to roles
MCP_TOKENS_JSON={"finance-token-123":"finance","hr-token-456":"hr","admin-token-789":"admin"}Never commit .env. Only .env.example (with fake values) goes into git.
3. Run
python server.pyBy default this runs over stdio — the standard way Claude Desktop / Claude
Code launch local MCP servers. To expose it over HTTP for remote clients,
see server.py — there's a commented-out mcp.run(transport="streamable-http") block.
4. Point an MCP client at it
Claude Desktop / Claude Code (claude_desktop_config.json or .mcp.json):
{
"mcpServers": {
"enterprise": {
"command": "python",
"args": ["/absolute/path/to/mcp-enterprise-server/server.py"],
"env": {
"MCP_CALLER_TOKEN": "finance-token-123"
}
}
}
}5. How permissions work here
Every tool call goes through auth.require_permission(role, action) before
touching a real system. Roles and their allowed actions live in
auth.py -> ROLE_PERMISSIONS. This is intentionally simple (a Python dict) —
swap it for OAuth2/Entra ID + a real policy engine (OPA, Casbin) once you move
past prototyping. See "Hardening for production" below.
Every call is also written to audit.log via logger.py, with: timestamp,
caller role, tool name, arguments (redacted), and result status.
6. Adding a new connector (e.g. Salesforce, SAP)
Create
tools/salesforce_tools.py, following the pattern intools/business_tools.py(Jira). Wrap the vendor SDK/REST calls in plain Python functions that return JSON-serializable data.In
server.py, import the module and register each function with@mcp.tool().Add required permission checks (
auth.require_permission(...)) inside each function, not just at the top-level route — defense in depth.Add new env vars to
.env.exampleandconfig.py.Add an entry to
auth.ROLE_PERMISSIONSfor who can call it.
7. Hardening for production (do this before connecting real enterprise data)
Replace the static token map in
auth.pywith real OAuth 2.0 / Microsoft Entra ID / SAML, validating short-lived JWTs.Terminate the server behind HTTPS/TLS (reverse proxy: nginx/Caddy), never plain HTTP.
Move
audit.loginto a real log pipeline (ELK, Splunk, CloudWatch) with tamper-evidence / write-once storage.Add rate limiting per caller (e.g.
slowapiif using HTTP transport).Store secrets in a vault (AWS Secrets Manager, HashiCorp Vault, Azure Key Vault) — not in
.envon disk.Restrict
FS_ROOTand DB credentials to least privilege — a read-only DB user for read tools, a separate write-scoped user for write tools.Add automated tests per tool (see
tests/— start one per connector).Run periodic dependency updates + a security scan (
pip-audit,npm audit).Penetration test before go-live, especially the auth boundary.
Project layout
mcp-enterprise-server/
├── README.md
├── requirements.txt
├── .env.example
├── config.py # loads env vars
├── auth.py # token → role, role → permissions
├── logger.py # audit logging
├── server.py # MCP server entrypoint, registers all tools
└── tools/
├── __init__.py
├── filesystem_tools.py
├── database_tools.py
├── api_tools.py
├── git_tools.py
├── cloud_tools.py
└── business_tools.pyThis server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/Walkaroo-Dev/MCP_Server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server