{"id":"h2562961224-openapi-mcp-server","name":"openapi-mcp-server","homepage":null,"repo_url":"https://github.com/h2562961224/openapi-mcp-server","category":"api-gateway","subcategories":[],"tags":["mcp","openapi","swagger","springboot","mcp-server","sse","tool-calling","java"],"what_it_does":"Provides a Spring Boot/WebMVC-based MCP server that exposes backend REST/OpenAPI-described APIs as MCP tools, with support for multiple sessions and pluggable authentication via a UserContextSetter.","use_cases":["Turn existing OpenAPI/Swagger-defined endpoints into MCP tools consumable by MCP clients (e.g., Cursor, Claude Desktop).","Agent-driven back-office operations without building a custom agent UI layer.","Rapid integration of Java/Spring backend capabilities into MCP-based AI workflows."],"not_for":["Producing a fully managed hosted MCP service (it is a self-hosted server integration).","Use cases requiring strong, well-specified enterprise auth/authorization models out of the box (README only suggests customization).","Situations where robust rate-limit and retry semantics are required from documentation (not documented here)."],"best_when":"You already have Spring MVC endpoints with OpenAPI docs and want to expose them as MCP tools quickly for AI clients.","avoid_when":"You need clear operational contracts (SLA, error codes, retry/idempotency guarantees) or fine-grained auth/rate-limit policies documented in the package itself.","alternatives":["Manually implement MCP tool handlers that call your REST APIs (custom MCP server).","Use an MCP gateway that wraps OpenAPI/Swagger at runtime (if available in your ecosystem).","Expose REST directly to the agent (without MCP) using your own tool-calling wrapper."],"af_score":43.2,"security_score":40.2,"reliability_score":21.2,"package_type":"mcp_server","discovery_source":["github"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T19:50:15.923718+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Custom auth integration via UserContextSetter (example uses JWT token parsing to set UserContext)"],"oauth":false,"scopes":false,"notes":"Authentication is described as 'support' and is configured by implementing UserContextSetter. README does not specify standardized auth schemes or scope model; it relies on user-provided JWT handling/custom interceptors."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided; appears to be a library/dependency to run your own server."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":43.2,"security_score":40.2,"reliability_score":21.2,"mcp_server_quality":65.0,"documentation_accuracy":55.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":55.0,"rate_limit_clarity":0.0,"tls_enforcement":60.0,"auth_strength":45.0,"scope_granularity":20.0,"dependency_hygiene":40.0,"secret_handling":35.0,"security_notes":"README demonstrates passing a bearer/JWT-like token in the client transport URL (SSEClientTransport URL). This can be risky if logs/proxies capture URLs. Scope granularity and authorization model are not described. TLS requirement is not stated in provided content. Dependency hygiene cannot be verified from provided text.","uptime_documented":0.0,"version_stability":35.0,"breaking_changes_history":30.0,"error_recovery":20.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Client URL example embeds what looks like a token/query path; incorrect token handling may prevent session/tool access.","Multi-session support is mentioned but not shown with operational semantics (session lifecycle, limits, and concurrency)."]}}