MCPHub

A unified hub that aggregates multiple MCP servers behind a single HTTP/SSE endpoint, with a web dashboard, flexible per-server and per-group routing, AI-powered semantic tool discovery, OAuth 2.0, and hot-swappable configuration.

Evaluated Mar 06, 2026 (0d ago) vlatest
Homepage ↗ Repo ↗ Other mcp-hub aggregator gateway oauth node react docker smart-routing vector-search
⚙ Agent Friendliness
74
/ 100
Can an agent use this?
🔒 Security
74
/ 100
Is it safe for agents?
⚡ Reliability
68
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
75
Documentation
75
Error Messages
60
Auth Simplicity
78
Rate Limits
68

🔒 Security

TLS Enforcement
88
Auth Strength
72
Scope Granularity
65
Dep. Hygiene
78
Secret Handling
70

MCP server hub/registry. Aggregates multiple MCP servers. Security requires vetting each included server. Gateway credentials protect all connected tools.

⚡ Reliability

Uptime/SLA
68
Version Stability
70
Breaking Changes
65
Error Recovery
68
AF Security Reliability

Best When

You operate multiple MCP servers and want a single unified endpoint for your MCP clients, with semantic routing so agents can discover tools by intent rather than knowing server names in advance.

Avoid When

You only have one or two MCP servers; the aggregation layer is overhead without a diverse server fleet to consolidate.

Use Cases

  • Consolidating many MCP servers so a single MCP client connects to one endpoint and accesses all tools
  • Dynamic tool discovery via semantic search when an agent does not know which server provides a capability
  • Teams managing a curated catalog of MCP servers with group-based access control

Not For

  • Single MCP server setups where aggregation adds no value
  • Environments requiring enterprise SSO beyond GitHub/Google social login
  • Users who need guaranteed uptime SLAs (self-hosted OSS project)

Interface

REST API
Yes
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: bearer_token oauth2 social_login username_password
OAuth: Yes Scopes: Yes

Bearer token auth on MCP endpoints by default. Dashboard uses JWT/bcrypt. OAuth 2.0 client/server modes available. GitHub and Google social login via Better Auth requires PostgreSQL database mode.

Pricing

Model: open_source
Free tier: Yes
Requires CC: No

Apache-2.0 licensed. PostgreSQL required for OAuth/social login; SQLite sufficient for basic use.

Agent Metadata

Pagination
none
Idempotent
Unknown
Retry Guidance
Not documented

Known Gotchas

  • Default admin/admin123 credentials must be changed post-install.
  • Smart routing (/mcp/$smart) uses vector semantic search; results depend on embedding quality and may be non-deterministic.
  • Hot-swap config changes may cause brief tool unavailability during server reload.
  • OAuth 2.0 and social login require PostgreSQL; SQLite mode loses these features.
  • Downstream server failures will propagate to the aggregated endpoint; no documented fallback or circuit-breaking.
  • Tool name collisions across servers are not clearly documented as handled.

Alternatives

mcpcan mcp-gateway smithery

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for MCPHub.

$99
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

5178
Packages Evaluated
26151
Need Evaluation
173
Need Re-evaluation
Community Powered