Secure MCP Gateway

v0.1.0Securitystable

Secure mcp infrastructure to audit and control every data access by AI agents with minimal efforts

ai-gatewayai-governanceai-securityai-security-toolaudit-logging
Share:
32
Stars
0
Downloads
0
Weekly
0/5

What is Secure MCP Gateway?

Secure MCP Gateway is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to secure mcp infrastructure to audit and control every data access by ai agents with minimal efforts

Secure mcp infrastructure to audit and control every data access by AI agents with minimal efforts

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Secure mcp infrastructure to audit and control every data ac

Use Cases

Audit and control every data access action performed by AI agents.
Implement governance and security policies for MCP server interactions.
Monitor agent behavior with minimal configuration overhead.
datacline

Maintainer

LicenseMIT
Languagetypescript
Versionv0.1.0
UpdatedMay 13, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

NPM

npx -y @datacline/smcp

Manual Installation

npx -y @datacline/smcp

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Secure MCP Gateway

Secure MCP Gateway is an enterprise-grade proxy that sits between AI agents and your MCP servers, auditing and enforcing access policies on every tool call. It provides a web management UI, a policy engine, group-based tool filtering, optional Keycloak authentication, and structured audit logging — letting teams govern which AI agents can invoke which tools without modifying the servers themselves. Organizations use it to meet GDPR and security requirements around AI data access.

Prerequisites

  • Docker and Docker Compose installed for the recommended deployment
  • Ports 5173 (frontend), 8000 (gateway), 8080 (Keycloak), and 9000 (policy engine) available
  • npm installed if using the @datacline/smcp CLI tool
  • An MCP client such as Claude Desktop configured to point at the gateway URL
1

Clone the repository and start all services

Docker Compose brings up the Java gateway, Go policy engine, and React frontend in one command. The web UI becomes available at http://localhost:5173 with no login required by default.

git clone https://github.com/datacline/secure-mcp-gateway.git && cd secure-mcp-gateway && docker-compose up -d
2

Open the management dashboard

Navigate to http://localhost:5173 in your browser. From here you can add MCP servers, define groups, and configure access policies through the GUI.

3

Add your MCP servers to the gateway

Register your existing MCP servers through the dashboard or via the REST API so the gateway can proxy tool calls to them.

curl -X POST http://localhost:8000/mcp/servers \
  -H "Content-Type: application/json" \
  -d '{"name":"github","url":"http://github-mcp:3000"}'
4

Create a tool group for your AI agents

Groups define which subset of tools an agent or team can access. The gateway enforces the intersection of server tools, policy-allowed tools, and group-configured tools.

npx -y @datacline/smcp group create engineering --description "Engineering team tools"
5

Configure your MCP client to use the gateway

Update your Claude Desktop or other MCP client to point at the gateway's group endpoint instead of connecting to MCP servers directly.

{
  "mcpServers": {
    "secure-gateway": {
      "url": "http://localhost:8000/mcp/group/1/mcp",
      "transport": {"type": "http"}
    }
  }
}

Secure MCP Gateway Examples

Client configuration

Claude Desktop configuration connecting through the gateway. Replace group/1 with the actual group ID assigned in the dashboard. Enable AUTH_ENABLED and configure Keycloak for production deployments.

{
  "mcpServers": {
    "secure-gateway": {
      "url": "http://localhost:8000/mcp/group/1/mcp",
      "transport": {"type": "http"}
    }
  }
}

Prompts to try

The gateway is transparent to end users — they interact with the underlying MCP tools normally while all calls are audited.

- "List all tools I have access to through the gateway"
- "Use the GitHub tool to list open pull requests in my repo"
- "Show me the audit log for the last 24 hours of tool calls"
- "Which tools are blocked by the current policy for my group?"

Troubleshooting Secure MCP Gateway

Docker Compose services fail to start due to port conflicts

Set the SERVER_PORT, POLICY_ENGINE_URL, or Keycloak port environment variables in a .env file before running docker-compose up. Check which ports are in use with 'lsof -i :8000' and adjust accordingly.

The MCP client receives 'unauthorized' errors when calling tools

If AUTH_ENABLED is true, obtain a bearer token from Keycloak using the openid-connect/token endpoint with your username and password, then add the Authorization header to client requests. If testing locally, set AUTH_ENABLED=false in docker-compose to disable authentication.

Tools are visible in the server but not appearing in the gateway group

The gateway exposes only the intersection of server tools, policy-allowed tools, and group-configured tools. Open the dashboard, navigate to your group, and verify that the desired tools are both permitted by the policy and explicitly added to the group configuration.

Frequently Asked Questions about Secure MCP Gateway

What is Secure MCP Gateway?

Secure MCP Gateway is a Model Context Protocol (MCP) server that secure mcp infrastructure to audit and control every data access by ai agents with minimal efforts It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Secure MCP Gateway?

Install via npm with the command: npx -y @datacline/smcp. Then add the server configuration to your AI client's JSON config file (e.g., claude_desktop_config.json or .cursor/mcp.json).

Which AI clients work with Secure MCP Gateway?

Secure MCP Gateway works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Secure MCP Gateway free to use?

Yes, Secure MCP Gateway is open source and available under the MIT license. You can use it freely in both personal and commercial projects.

Secure MCP Gateway Alternatives — Similar Security Servers

Looking for alternatives to Secure MCP Gateway? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "secure-mcp-gateway": { "command": "npx", "args": ["-y", "@datacline/smcp"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Secure MCP Gateway?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides