mcp-gateway
mcp-gateway is a Rust-based MCP infrastructure that turns existing backends (HTTP/OpenAPI endpoints and stdio MCP servers) into a streamable HTTP MCP interface. It provides a multi-tenant gateway exposing profile-scoped MCP endpoints (/\{profile_id}/mcp) with auth and policy, and an adapter component that aggregates upstream sources into a single MCP endpoint (/mcp).
Score Breakdown
⚙ Agent Friendliness
🔒 Security
README mentions multi-tenant isolation (Mode 3 with Postgres), tenant-scoped secrets/API keys, optional OIDC/JWT, and tool allowlists/policy enforcement. A docker-compose example references a dev-only default secret keys value, implying operators must override in real deployments. TLS enforcement and detailed secret/logging practices are not clearly specified in the provided README excerpt; dependency hygiene cannot be confirmed from the excerpt alone.
⚡ Reliability
Best When
You need to provide MCP tool access to existing systems at scale, especially when combining multiple backends and enforcing tenant-scoped policies.
Avoid When
You only need a single upstream MCP server/tool surface and want the simplest possible deployment (adapter/gateway overhead may be unnecessary).
Use Cases
- • Expose internal HTTP/OpenAPI services as MCP tools without writing bespoke MCP servers
- • Aggregate multiple upstream MCP or HTTP/OpenAPI tool sources into a unified MCP endpoint
- • Multi-tenant MCP “virtual servers” using tenant/profile boundaries and per-profile tool allowlists/policies
- • Publish stdio MCP servers over HTTP by spawning them as child processes and re-exposing tools via the adapter
- • Apply tool-call limits/timeouts/retries/quotas and optional data-plane OIDC/JWT auth via the gateway
Not For
- • Direct public exposure of sensitive upstream services without configuring tenant/profile auth and allowlists
- • Use cases requiring a managed SaaS offering (this is self-hosted)
- • Environments that cannot run the required components (gateway, adapters, and Postgres for Mode 3)
Interface
Authentication
README indicates data-plane auth supports API keys and optional OIDC/JWT, plus per-profile tool allowlists and policy. The exact auth flow/scopes model is not fully specified in the README excerpt.
Pricing
Self-hosted open source (MIT). Costs depend on infrastructure (gateway/adapters/Postgres) rather than vendor pricing.
Agent Metadata
Known Gotchas
- ⚠ Tool surface names may change via collision prefixing (serverName:toolName) when multiple upstreams define the same tool key.
- ⚠ Multi-tenant routing requires correct profile_id and profile configuration in the gateway/web UI.
- ⚠ Adapter stdio mode spawns subprocesses; runtime dependencies (node/python) may require custom images.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for mcp-gateway.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.