Secure MCP Gateway
Secure mcp infrastructure to audit and control every data access by AI agents with minimal efforts
What is Secure MCP Gateway?
Secure MCP Gateway is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to secure mcp infrastructure to audit and control every data access by ai agents with minimal efforts
Secure mcp infrastructure to audit and control every data access by AI agents with minimal efforts
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- Secure mcp infrastructure to audit and control every data ac
Use Cases
Maintainer
Works with
Installation
NPM
npx -y @datacline/smcpManual Installation
npx -y @datacline/smcpConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use Secure MCP Gateway
Secure MCP Gateway is an enterprise-grade proxy that sits between AI agents and your MCP servers, auditing and enforcing access policies on every tool call. It provides a web management UI, a policy engine, group-based tool filtering, optional Keycloak authentication, and structured audit logging — letting teams govern which AI agents can invoke which tools without modifying the servers themselves. Organizations use it to meet GDPR and security requirements around AI data access.
Prerequisites
- Docker and Docker Compose installed for the recommended deployment
- Ports 5173 (frontend), 8000 (gateway), 8080 (Keycloak), and 9000 (policy engine) available
- npm installed if using the @datacline/smcp CLI tool
- An MCP client such as Claude Desktop configured to point at the gateway URL
Clone the repository and start all services
Docker Compose brings up the Java gateway, Go policy engine, and React frontend in one command. The web UI becomes available at http://localhost:5173 with no login required by default.
git clone https://github.com/datacline/secure-mcp-gateway.git && cd secure-mcp-gateway && docker-compose up -dOpen the management dashboard
Navigate to http://localhost:5173 in your browser. From here you can add MCP servers, define groups, and configure access policies through the GUI.
Add your MCP servers to the gateway
Register your existing MCP servers through the dashboard or via the REST API so the gateway can proxy tool calls to them.
curl -X POST http://localhost:8000/mcp/servers \
-H "Content-Type: application/json" \
-d '{"name":"github","url":"http://github-mcp:3000"}'Create a tool group for your AI agents
Groups define which subset of tools an agent or team can access. The gateway enforces the intersection of server tools, policy-allowed tools, and group-configured tools.
npx -y @datacline/smcp group create engineering --description "Engineering team tools"Configure your MCP client to use the gateway
Update your Claude Desktop or other MCP client to point at the gateway's group endpoint instead of connecting to MCP servers directly.
{
"mcpServers": {
"secure-gateway": {
"url": "http://localhost:8000/mcp/group/1/mcp",
"transport": {"type": "http"}
}
}
}Secure MCP Gateway Examples
Client configuration
Claude Desktop configuration connecting through the gateway. Replace group/1 with the actual group ID assigned in the dashboard. Enable AUTH_ENABLED and configure Keycloak for production deployments.
{
"mcpServers": {
"secure-gateway": {
"url": "http://localhost:8000/mcp/group/1/mcp",
"transport": {"type": "http"}
}
}
}Prompts to try
The gateway is transparent to end users — they interact with the underlying MCP tools normally while all calls are audited.
- "List all tools I have access to through the gateway"
- "Use the GitHub tool to list open pull requests in my repo"
- "Show me the audit log for the last 24 hours of tool calls"
- "Which tools are blocked by the current policy for my group?"Troubleshooting Secure MCP Gateway
Docker Compose services fail to start due to port conflicts
Set the SERVER_PORT, POLICY_ENGINE_URL, or Keycloak port environment variables in a .env file before running docker-compose up. Check which ports are in use with 'lsof -i :8000' and adjust accordingly.
The MCP client receives 'unauthorized' errors when calling tools
If AUTH_ENABLED is true, obtain a bearer token from Keycloak using the openid-connect/token endpoint with your username and password, then add the Authorization header to client requests. If testing locally, set AUTH_ENABLED=false in docker-compose to disable authentication.
Tools are visible in the server but not appearing in the gateway group
The gateway exposes only the intersection of server tools, policy-allowed tools, and group-configured tools. Open the dashboard, navigate to your group, and verify that the desired tools are both permitted by the policy and explicitly added to the group configuration.
Frequently Asked Questions about Secure MCP Gateway
What is Secure MCP Gateway?
Secure MCP Gateway is a Model Context Protocol (MCP) server that secure mcp infrastructure to audit and control every data access by ai agents with minimal efforts It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Secure MCP Gateway?
Install via npm with the command: npx -y @datacline/smcp. Then add the server configuration to your AI client's JSON config file (e.g., claude_desktop_config.json or .cursor/mcp.json).
Which AI clients work with Secure MCP Gateway?
Secure MCP Gateway works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Secure MCP Gateway free to use?
Yes, Secure MCP Gateway is open source and available under the MIT license. You can use it freely in both personal and commercial projects.
Secure MCP Gateway Alternatives — Similar Security Servers
Looking for alternatives to Secure MCP Gateway? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up Secure MCP Gateway in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use Secure MCP Gateway?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.