{"id":"hasmcp-hasmcp-ce","name":"hasmcp-ce","homepage":"https://hasmcp.com","repo_url":"https://github.com/hasmcp/hasmcp-ce","category":"ai-ml","subcategories":[],"tags":["ai-agent","ai-agent-tools","ai-automation","mcp","mcp-server","openapi","self-hosted","oauth2","observability","gateway"],"what_it_does":"HasMCP-CE (HasMCP Community Edition) converts existing API endpoints described by OpenAPI/Swagger (and/or manually selected endpoints) into an MCP (Model Context Protocol) server that can be run self-hosted. It provides OAuth2 authentication options, endpoint toggling per MCP server, optional proxy header handling to the upstream API, token management, and logging/analytics for MCP tool calls.","use_cases":["Self-hosted MCP “gateway” that exposes an existing REST API as MCP tools","Rapid creation of MCP servers from OpenAPI v3+ specifications","Teams wanting to avoid hand-coding MCP server implementations and keep tool definitions synced with API contracts","Monitoring/observability for MCP tool calls and method invocations","Prototyping LLM tool integrations over existing API surfaces"],"not_for":["Production environments needing a clearly specified, stable public API contract for this service itself (per README content, the MCP and management interfaces are not documented in detail here)","Organizations requiring strong enterprise compliance assurances that are not described in the public README","Workloads needing first-class gRPC support (roadmap only; not indicated as available in CE right now)"],"best_when":"You have OpenAPI/Swagger docs (v3+) for an upstream API and want to expose it as MCP tools via a self-hosted server with OAuth2-based access and operational logging.","avoid_when":"You require well-documented REST/OpenAPI/SDK interfaces for integrating with HasMCP-CE programmatically (e.g., management endpoints) based solely on the README provided.","alternatives":["Run a dedicated MCP server implementation for your API (custom code)","Use other MCP gateway frameworks/tools that generate servers from OpenAPI","Adopt a commercial HasMCP edition (Pro/Enterprise) if needed for management/audit features described for cloud/commercial versions","Manually author MCP tool schemas and handlers for critical APIs"],"af_score":40.2,"security_score":57.5,"reliability_score":15.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:33:46.846540+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["OAuth2"],"oauth":true,"scopes":false,"notes":"README states 'Oauth2 authentication' and also mentions long-term/short-term tokens per MCP server, but does not document scope granularity or exact auth flows/claims in the provided content."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":["HasMCP Cloud Hobby (monthly free-tier)","HasMCP Cloud Pro subscription"],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"CE is presented as community/self-hosted. Cloud has Hobby/Pro; the README notes a monthly free-tier for Hobby but provides no numbers."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":40.2,"security_score":57.5,"reliability_score":15.0,"mcp_server_quality":60.0,"documentation_accuracy":50.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":70.0,"rate_limit_clarity":0.0,"tls_enforcement":70.0,"auth_strength":65.0,"scope_granularity":35.0,"dependency_hygiene":55.0,"secret_handling":60.0,"security_notes":"README indicates optional automated SSL with Let’s Encrypt and OAuth2 authentication, plus long/short-term tokens. However, the provided content does not document TLS enforcement guarantees, token storage/rotation, scope model, audit trails for CE, or detailed security posture. Dependency list is available via go.mod references, but no CVE status/SBOM is provided here.","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":0.0,"error_recovery":20.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["README does not describe the HasMCP-CE management/control API endpoints, error codes, or retry/idempotency semantics; agents may need to rely on runtime experimentation.","OAuth2/token behavior is mentioned but not described in sufficient detail in the provided README for deterministic agent automation."]}}