.png)
10 hours ago
2
The MCP Gateway & Registry is an enterprise-ready platform that centralizes access to AI development tools using the Model Context Protocol (MCP). Instead of managing hundreds of individual tool configurations across your development teams, provide secure, governed access to curated AI tools through a single platform.
Transform this chaos:
Into this organized approach:
Experience dynamic tool discovery and intelligent MCP server integration in real-time
Interactive terminal interface for chatting with AI models and discovering MCP tools in natural language. Talk to the registry using a Claude Code-like conversational interface with real-time token status, cost tracking, and AI model selection.
Quick Start: registry --url https://mcpgateway.ddns.net | Full Guide
- 🤖 Agentic CLI for MCP Registry - Talk to the Registry in natural language using a Claude Code-like interface. Discover tools, ask questions, and execute MCP commands conversationally. Learn more
- 💬 Interactive MCP-Registry CLI - Terminal-based chat interface with AI-powered MCP tool discovery. Supports Amazon Bedrock and Anthropic API. MCP-Registry CLI
- 🔒 MCP Server Security Scanning - Integrated vulnerability scanning with Cisco AI Defence MCP Scanner. Automatic security scans during server registration, periodic registry-wide scans with detailed markdown reports, and automatic disabling of servers with security issues.
- 📥 Import Servers from Anthropic MCP Registry - Import curated MCP servers from Anthropic's registry with a single command. Import Guide
- 🔌 Anthropic MCP Registry REST API Compatibility - Full compatibility with Anthropic's MCP Registry REST API specification. API Documentation
- 🚀 Pre-built Images - Deploy instantly with pre-built Docker images. Get Started | macOS Guide
- 🔐 Keycloak Integration - Enterprise authentication with AI agent audit trails and group-based authorization. Learn more
- 📊 Real-Time Metrics & Observability - Grafana dashboards with SQLite and OpenTelemetry integration. Observability Guide
- Amazon Bedrock AgentCore Integration - AgentCore Gateway support with dual authentication. Integration Guide
Provide both autonomous AI agents and human developers with secure access to approved tools through AI coding assistants (VS Code, Cursor, Claude Code) while maintaining IT oversight and compliance.
Centralized authentication, fine-grained permissions, and comprehensive audit trails for SOX/GDPR compliance pathways across both human and AI agent access patterns.
AI agents can autonomously discover and execute specialized tools beyond their initial capabilities using intelligent semantic search, while developers get guided tool discovery through their coding assistants.
Single gateway supporting both autonomous AI agents (machine-to-machine) and AI coding assistants (human-guided) with consistent authentication and tool access patterns.
The MCP Gateway & Registry provides a unified platform for both autonomous AI agents and AI coding assistants to access enterprise-curated tools through a centralized gateway with comprehensive authentication and governance.
Key Architectural Benefits:
- Unified Gateway: Single point of access for both AI agents and human developers through coding assistants
- Dual Authentication: Supports both human user authentication and machine-to-machine agent authentication
- Scalable Infrastructure: Nginx reverse proxy with horizontal scaling capabilities
- Multiple Transports: SSE and Streamable HTTP support for different client requirements
- OAuth 2.0/3.0 compliance with IdP integration
- Fine-grained access control at tool and method level
- Zero-trust network architecture
- Complete audit trails and comprehensive analytics for compliance
- Single configuration works across autonomous AI agents and AI coding assistants (VS Code, Cursor, Claude Code, Cline)
- Dynamic tool discovery with natural language queries for both agents and humans
- Instant onboarding for new team members and AI agent deployments
- Unified governance for both AI agents and human developers
- Container-native (Docker/Kubernetes)
- Real-time health monitoring and alerting
- Dual authentication supporting both human and machine authentication
📱 Running on macOS? See our macOS Setup Guide for platform-specific instructions and optimizations.
Get running in under 2 minutes with pre-built containers:
Step 1: Clone and setup
Step 2: Download embeddings model Download the required sentence-transformers model to the shared models directory:
Step 3: Configure environment Complete: Initial Environment Configuration - Configure domains, passwords, and authentication
Step 4: Deploy with pre-built images
For detailed information about all Docker images used with --prebuilt, see Pre-built Images Documentation.
Step 5: Initialize Keycloak Complete: Initialize Keycloak Configuration - Set up identity provider and security policies
Step 6: Access the registry
Step 7: Create your first agent Complete: Create Your First AI Agent Account - Create agent credentials for testing
Step 8: Restart auth server to apply new credentials
Step 9: Test the setup Complete: Testing with mcp_client.py and agent.py - Validate your setup works correctly
Benefits: No build time • No Node.js required • No frontend compilation • Consistent tested images
New to MCP Gateway? Start with our Complete Setup Guide for detailed step-by-step instructions from scratch on AWS EC2.
Python Scripts:
- ./cli/mcp_client.py - Core MCP operations (ping, list tools, call tools)
- ./tests/mcp_cmds.sh - Shell-based MCP testing operations
Python Agent:
- agents/agent.py - Full-featured Python agent with advanced AI capabilities
Next Steps: Testing Guide | Complete Installation Guide | Authentication Setup | AI Assistant Integration
Transform how both autonomous AI agents and development teams access enterprise tools with centralized governance:
Enterprise-curated MCP servers accessible through unified gateway |
AI assistants executing approved enterprise tools with governance |
|
Comprehensive real-time metrics and monitoring through Grafana dashboards with dual-path storage: SQLite for detailed historical analysis and OpenTelemetry (OTEL) export for integration with Prometheus, CloudWatch, Datadog, and other monitoring platforms. Track authentication events, tool executions, discovery queries, and system performance metrics. Learn more 
Real-time metrics and observability dashboard tracking server health, tool usage, and authentication events |
|
Seamlessly integrate with Anthropic's official MCP Registry to import and access curated MCP servers through your gateway:
- Import Servers: Select and import desired servers from Anthropic's registry with a single command
- Unified Access: Access imported servers through your gateway with centralized authentication and governance
- API Compatibility: Full support for Anthropic's Registry REST API specification - point your Anthropic API clients to this registry to discover available servers
Import and access curated MCP servers from Anthropic's official registry
Import Guide | Registry API Documentation
Integrated Vulnerability Detection:
- Automated Security Scanning - Integrated vulnerability scanning for MCP servers using Cisco AI Defence MCP Scanner, with automatic scans during registration and support for periodic registry-wide scans
- Detailed Security Reports - Comprehensive markdown reports with vulnerability details, severity assessments, and remediation recommendations
- Automatic Protection - Servers with security issues are automatically disabled with security-pending status to protect your infrastructure
- Compliance Ready - Security audit trails and vulnerability tracking for enterprise compliance requirements
Multiple Identity Modes:
- Machine-to-Machine (M2M) - For autonomous AI agents and automated systems
- Three-Legged OAuth (3LO) - For external service integration (Atlassian, Google, GitHub)
- Session-Based - For human developers using AI coding assistants and web interface
Supported Identity Providers: Keycloak, Amazon Cognito, and any OAuth 2.0 compatible provider. Learn more
Fine-Grained Permissions: Tool-level, method-level, team-based, and temporary access controls. Learn more
Cloud Platforms: Amazon EC2, Amazon EKS
Join the Discussion
- GitHub Discussions - Feature requests and general discussion
- GitHub Issues - Bug reports and feature requests
Contributing
- Contributing Guide - How to contribute code and documentation
- Code of Conduct - Community guidelines
- Security Policy - Responsible disclosure process
The following GitHub issues represent our current development roadmap and planned features:
Major Features
-
#128 - Add Microsoft Entra ID (Azure AD) Authentication Provider 🚧 IN PROGRESS Extend authentication support beyond Keycloak to include Microsoft Entra ID integration. Enables enterprise SSO for organizations using Azure Active Directory.
-
#170 - Architectural Proposal: Separate Gateway and Registry Containers 🚧 IN PROGRESS Architectural enhancement to separate gateway and registry functionality into independent containers for improved scalability, maintainability, and deployment flexibility.
-
#129 - Virtual MCP Server Support - Dynamic Tool Aggregation and Intelligent Routing 🚧 IN PROGRESS Enable logical grouping of tools from multiple backend servers with intelligent routing using Lua/JavaScript scripting. Provides purpose-built virtual servers that abstract away backend complexity.
-
#118 - Agent-as-Tool Integration: Dynamic MCP Server Generation Convert existing AI agents into MCP servers dynamically, enabling legacy agent ecosystems to participate in the MCP protocol without code rewrites.
-
#121 - Migrate to OpenSearch for Server Storage and Vector Search Replace current storage with OpenSearch to provide advanced vector search capabilities and improved scalability for large server registries.
-
#98 - Complete GDPR and SOX Compliance Implementation Full compliance implementation for GDPR and SOX requirements, including data retention policies, audit trails, and privacy controls.
-
#39 - Tool Popularity Scoring and Rating System Enhance tool discovery with popularity scores and star ratings based on usage patterns and agent feedback.
DevOps & Operations
-
#48 - Update EKS Helm Chart for Multi-Container Architecture Update Helm charts to support the new multi-container Docker Compose architecture for Kubernetes deployments.
-
#70 - Docker Build & Runtime Performance Optimization Optimize Docker build times and runtime performance for faster development and deployment cycles.
Completed
-
#132 - Registry UI: Add MCP Configuration Generator ✅ COMPLETED Copy-paste MCP configuration generator added to Registry UI for seamless integration with AI coding assistants (VS Code, Cursor, Claude Code).
-
#171 - Feature: Import Servers from Anthropic MCP Registry ✅ COMPLETED Anthropic MCP Registry import functionality implemented. Import curated servers with a single command and access through the gateway with full REST API compatibility. Import Guide | API Documentation
-
#37 - Multi-Level Registry Support ✅ COMPLETED (Closed via #179, #181) Registry-to-registry integration now supported through Anthropic MCP Registry import, enabling federated server discovery and access across different registries.
-
#159 - Add scope management: create/delete Keycloak groups with scope configuration ✅ COMPLETED Dynamic scope management functionality implemented with create-group, delete-group, list-groups, and server-to-group assignment commands through service management CLI. Includes comprehensive user management with group-based access control. Service Management Guide
-
#160 - Documentation: Add Amazon Bedrock AgentCore Gateway integration example ✅ COMPLETED Comprehensive documentation and examples for integrating Amazon Bedrock AgentCore Gateway with dual authentication (Keycloak ingress + Cognito egress), passthrough token mode, and complete MCP protocol flow. Integration Guide
-
#158 - Replace /opt/mcp-gateway with ${HOME}/mcp-gateway to eliminate sudo requirements ✅ COMPLETED Installation experience improved by using user home directory instead of /opt, removing the need for sudo privileges during setup.
-
#111 - Standalone Metrics Collection Service ✅ COMPLETED Dedicated metrics collection service implemented for comprehensive monitoring and analytics across all MCP Gateway components. Documentation
-
#38 - Usage Metrics and Analytics System ✅ COMPLETED Comprehensive usage tracking implemented across user and agent identities, with metrics emission from auth server, registry, and intelligent tool finder. Documentation
-
#120 - CLI Tool for MCP Server Registration and Health Validation ✅ COMPLETED Command-line interface for automated server registration, health checks, and registry management. Streamlines DevOps workflows and CI/CD integration. Documentation
-
#119 - Implement Well-Known URL for MCP Server Discovery ✅ COMPLETED Standardized discovery mechanism using /.well-known/mcp-servers endpoint for automatic server detection and federation across organizations.
-
#18 - Add Token Vending Capability to Auth Server ✅ COMPLETED Auth server token vending capabilities implemented for enhanced authentication workflows with OAuth token management and service account provisioning.
-
#5 - Add Support for KeyCloak as IdP Provider ✅ COMPLETED KeyCloak integration implemented with individual agent audit trails, group-based authorization, and production-ready service account management. Documentation
For the complete list of open issues, feature requests, and bug reports, visit our GitHub Issues page.
This project is licensed under the Apache-2.0 License - see the LICENSE file for details.
