HAL (HTTP API Layer)

v1.0.14Developer Toolsstable

Make an HTTP GET request to a specified URL. Supports secret substitution using {secrets.key} syntax where 'key' corresponds to HAL_SECRET_KEY environment variables.

hal-http-api-layermcpai-integration
Share:
39
Stars
0
Downloads
0
Weekly
0/5

What is HAL (HTTP API Layer)?

HAL (HTTP API Layer) is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to make an http get request to a specified url. supports secret substitution using {secrets.key} syntax where 'key' corresponds to hal_secret_key environment variables.

Make an HTTP GET request to a specified URL. Supports secret substitution using {secrets.key} syntax where 'key' corresponds to HAL_SECRET_KEY environment variables.

This server falls under the Developer Tools category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • http-get
  • http-post
  • http-put
  • http-patch
  • http-delete

Use Cases

Make HTTP GET requests to specified URLs.
Substitute secrets using environment variable syntax.
DeanWard

Maintainer

LicenseMIT License
Languagejavascript
Versionv1.0.14
UpdatedMay 3, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

NPM

npx -y hal-mcp

Manual Installation

npx -y hal-mcp

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use HAL (HTTP API Layer)

HAL (HTTP API Layer) is a lightweight MCP server that gives AI assistants the ability to make arbitrary HTTP requests — GET, POST, PUT, PATCH, DELETE, OPTIONS, and HEAD — with secure secret injection so credentials are never exposed in prompts or tool arguments. It supports loading OpenAPI/Swagger specifications to auto-generate strongly typed tools from your API's operation IDs, and enforces URL allowlists and denylists to control which endpoints the AI can reach. Developers building AI integrations with REST APIs can use it as a universal HTTP client that keeps secrets safely in environment variables while letting the model construct and execute requests.

Prerequisites

  • Node.js installed (npx available)
  • Any API credentials stored as HAL_SECRET_* environment variables
  • Optional: an OpenAPI/Swagger spec file or URL for auto-generated tools
  • An MCP-compatible client such as Claude Desktop
1

Install and run HAL via npx

No permanent installation is needed. Run hal-mcp directly with npx, passing environment variables for your secrets and API configuration.

npx hal-mcp
2

Set your secret environment variables

Store any API keys or tokens as HAL_SECRET_* variables. Use the {secrets.key} syntax in URLs and headers to reference them without exposing values to the model.

export HAL_SECRET_API_KEY=your_api_key_here
export HAL_SECRET_GITHUB_TOKEN=your_github_token
export HAL_API_BASE_URL=https://api.example.com
export HAL_SWAGGER_FILE=/path/to/openapi.json
3

Optionally load an OpenAPI specification

Point HAL_SWAGGER_FILE at a local file or URL to an OpenAPI 3.x or Swagger 2.x spec. HAL will auto-generate one MCP tool per operation, named swagger_{operationId}.

export HAL_SWAGGER_FILE=https://petstore3.swagger.io/api/v3/openapi.json
4

Configure URL allowlists for security

Restrict which URLs the AI can call by setting HAL_WHITELIST_URLS, or block specific patterns with HAL_BLACKLIST_URLS.

export HAL_WHITELIST_URLS=https://api.example.com/*,https://api.github.com/*
5

Add to your MCP client configuration

Configure Claude Desktop to launch hal-mcp via npx with your environment variables in the env block.

HAL (HTTP API Layer) Examples

Client configuration

Claude Desktop configuration for HAL. Secrets are passed as environment variables and referenced in requests using {secrets.key} syntax — values are never sent to the model.

{
  "mcpServers": {
    "hal": {
      "command": "npx",
      "args": ["hal-mcp"],
      "env": {
        "HAL_API_BASE_URL": "https://api.example.com",
        "HAL_SECRET_API_KEY": "your_api_key_here",
        "HAL_SECRET_GITHUB_TOKEN": "your_github_token",
        "HAL_WHITELIST_URLS": "https://api.example.com/*,https://api.github.com/*"
      }
    }
  }
}

Prompts to try

Sample prompts demonstrating HAL's HTTP request tools and secret substitution capabilities.

- "Make a GET request to https://api.example.com/users with Authorization header Bearer {secrets.api_key} and show the results"
- "POST to https://api.github.com/repos/owner/repo/issues with my GitHub token and create an issue titled 'Bug report'"
- "List the available secrets so I know what credentials are configured in HAL"
- "Fetch the OpenAPI docs resource to see what auto-generated API tools are available"

Troubleshooting HAL (HTTP API Layer)

Secret substitution not working — {secrets.key} appears literally in the request

Ensure the environment variable follows the exact naming convention: HAL_SECRET_ followed by the key name in UPPERCASE (e.g., HAL_SECRET_API_KEY maps to {secrets.api_key}). Dashes in the key name are converted to dots in namespace notation.

Request blocked with URL not allowed error

Check HAL_WHITELIST_URLS includes the target domain with a wildcard pattern (e.g., https://api.example.com/*). If HAL_BLACKLIST_URLS is set, confirm the URL is not matched by a blacklist pattern which takes precedence.

OpenAPI-generated tools do not appear in the client

Verify HAL_SWAGGER_FILE points to a valid and reachable OpenAPI 3.x or Swagger 2.x specification. Run npx hal-mcp with LOG_LEVEL=debug to see spec loading errors. Each operation must have a unique operationId for tool generation to succeed.

Frequently Asked Questions about HAL (HTTP API Layer)

What is HAL (HTTP API Layer)?

HAL (HTTP API Layer) is a Model Context Protocol (MCP) server that make an http get request to a specified url. supports secret substitution using {secrets.key} syntax where 'key' corresponds to hal_secret_key environment variables. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install HAL (HTTP API Layer)?

Install via npm with the command: npx -y hal-mcp. Then add the server configuration to your AI client's JSON config file (e.g., claude_desktop_config.json or .cursor/mcp.json).

Which AI clients work with HAL (HTTP API Layer)?

HAL (HTTP API Layer) works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is HAL (HTTP API Layer) free to use?

Yes, HAL (HTTP API Layer) is open source and available under the MIT License license. You can use it freely in both personal and commercial projects.

Browse More Developer Tools MCP Servers

Explore all developer tools servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "hal-http-api-layer": { "command": "npx", "args": ["-y", "hal-mcp"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use HAL (HTTP API Layer)?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides