sentinelone-mcp
sentinelone-mcp
Multitenant Streamable HTTP wrapper for sentinel-one/purple-mcp, built so the wyre-technology MCP gateway can forward per-tenant SentinelOne credentials as HTTP headers.
Why
purple-mcp is a great first-party MCP server, but it reads its SentinelOne console token + URL from environment variables at process startup, which makes it single-tenant per container. Our gateway is multi-tenant: every request carries the calling org's credentials as HTTP headers, and the vendor container has to translate those headers into something the upstream understands.
This image bundles purple-mcp plus a small Node/Fastify proxy. The proxy:
Listens on
:8080withPOST /mcpandGET /health.Reads
x-purplemcp-tokenandx-purplemcp-base-urlfrom each incoming request.Lazily spawns one
purple-mcp --mode streamable-httpchild per(token, base-url)tenant on a private loopback port, with the right env vars set.Proxies the request body to that child and streams the response back.
Evicts idle children after 15 minutes (
IDLE_EVICT_MS).
The result is a single container that the gateway can talk to like any other vendor MCP server.
Configuration
Env var | Default | Notes |
|
| Public listen port. |
|
| Where purple-mcp source + venv live. |
|
| Python interpreter from the upstream venv. |
|
| Idle tenant timeout. |
|
| How long to wait for a child to start serving HTTP. |
|
| Fastify log level. |
Request headers
The gateway must forward these headers on every /mcp request:
Header | SentinelOne credential |
|
|
|
|
Build
docker build -t ghcr.io/wyre-technology/sentinelone-mcp:latest .License
Apache-2.0. The bundled purple-mcp is MIT-licensed by SentinelOne.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/wyre-technology/sentinelone-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server