MetaMCP

A self-hostable middleware to manage all your MCPs through a GUI and a local proxy, supporting multiple clients and workspaces.

GitHub

πŸš€ MetaMCP (MCP Aggregator, Orchestrator, Middleware, Gateway in one docker)

πŸ“’ Update: [From the author: apologize for some recent maintainence delay, but will at least keep merging PRs, more background here]

MetaMCP is a MCP proxy that lets you dynamically aggregate MCP servers into a unified MCP server, and apply middlewares. MetaMCP itself is a MCP server so it can be easily plugged into ANY MCP clients.

MetaMCP Diagram

For more details, consider visiting our documentation site: https://docs.metamcp.com

English | δΈ­ζ–‡

πŸ“‹ Table of Contents

🎯 Use Cases

  • 🏷️ Group MCP servers into namespaces, host them as meta-MCPs, and assign public endpoints (SSE or Streamable HTTP), with auth. One-click to switch a namespace for an endpoint.
  • 🎯 Pick tools you only need when remixing MCP servers. Apply other pluggable middleware around observability, security, etc. (coming soon)
  • πŸ” Use as enhanced MCP inspector with saved server configs, and inspect your MetaMCP endpoints in house to see if it works or not.
  • πŸ” Use as Elasticsearch for MCP tool selection (coming soon)

Generally developers can use MetaMCP as infrastructure to host dynamically composed MCP servers through a unified endpoint, and build agents on top of it.

Quick demo video: https://youtu.be/Cf6jVd2saAs

MetaMCP Screenshot

πŸ“– Concepts

πŸ–₯️ MCP Server

A MCP server configuration that tells MetaMCP how to start a MCP server.

"HackerNews": {
  "type": "STDIO",
  "command": "uvx",
  "args": ["mcp-hn"]
}

πŸ” Environment Variables & Secrets (STDIO MCP Servers)

For STDIO MCP servers, MetaMCP supports three ways to handle environment variables and secrets:

1. Raw Values - Direct string values (not recommended for secrets):

API_KEY=your-actual-api-key-here
DEBUG=true

2. Environment Variable References - Use ${ENV_VAR_NAME} syntax:

API_KEY=${OPENAI_API_KEY}
DATABASE_URL=${DB_CONNECTION_STRING}

3. Auto-matching - If the expected environment variable name in your tool matches the container's environment variable, you can omit it entirely. MetaMCP will automatically pass through matching environment variables.

πŸ”’ Security Note: Environment variable references (${VAR_NAME}) are resolved from the MetaMCP container's environment at runtime. This keeps actual secret values out of your configuration and git repository.

βš™οΈ Development Note: For local development with pnpm run dev:docker, ensure your environment variables are listed in turbo.json under globalEnv to be passed to the development processes. This is not required for production Docker deployments.

🏷️ MetaMCP Namespace

  • Group one or more MCP servers into a namespace
  • Enable/disable MCP servers or at tool level
  • Apply middlewares to MCP requests and responses
  • Override tool names/titles/descriptions per namespace and attach custom MCP annotations (e.g. { "annotations": { "readOnlyHint": false } })

🌐 MetaMCP Endpoint

  • Create endpoints and assign namespace to endpoints
  • Multiple MCP servers in the namespace will be aggregated and emitted as a MetaMCP endpoint
  • Choose between API-Key Auth (in header or query param) or standard OAuth in MCP Spec 2025-06-18
  • Host through SSE or Streamable HTTP transports in MCP and OpenAPI endpoints for clients like Open WebUI

βš™οΈ Middleware

  • Intercepts and transforms MCP requests and responses at namespace level
  • Built-in example: "Filter inactive tools" - optimizes tool context for LLMs
  • Future ideas: tool logging, error traces, validation, scanning

πŸ” Inspector

Similar to the official MCP inspector, but with saved server configs - MetaMCP automatically creates configurations so you can debug MetaMCP endpoints immediately.

✏️ Tool Overrides & Annotations

  • Open a namespace β†’ Tools tab to see every tool coming from connected MCP servers.
  • Each saved tool can be expanded and edited inline: update the display name/title/description or provide a JSON blob with namespace-specific annotations (for example { "annotations": { "readOnlyHint": false } }).
  • Badges in the table ("Overridden", "Annotations") show which tools currently have custom metadata. Hover them to read a tooltip describing what was overridden.
  • Annotation overrides are merged with whatever the upstream MCP server returns, so you can safely add custom UI hints without losing provider metadata.

πŸš€ Quick Start

🐳 Run with Docker Compose (Recommended)

Clone repo, prepare .env, and start with docker compose:

git clone https://github.com/metatool-ai/metamcp.git
cd metamcp
cp example.env .env
docker compose up -d

If you modify APP_URL env vars, make sure you only access from the APP_URL, because MetaMCP enforces CORS policy on the URL, so no other URL is accessible.

Note that the pg volume name may collide with your other pg dockers, which is global, consider rename it in docker-compose.yml:

volumes:
  metamcp_postgres_data:
    driver: local

πŸ“¦ Build development environment with Dev Containers (VSCode/Cursor)

You can use the VSCode/Cursor extension to build the development environment in a container.

It only requires that you have an environment running Docker or a similar alternative (the docker/docker compose command is required), and no other dependent components need to be installed on your host machine.

  1. First, clone the MetaMCP source code, open project in Visual Studio Code.
git clone https://github.com/metatool-ai/metamcp.git
cd metamcp
code .
  1. Switch to Dev Containers. Open the VSCode Command Palette, and execute Dev Containers: Reopen in Container.

VSCode will open the Dev Containers project in a new window, where it will build the runtime and install the toolchain according to the Dockerfile before starting the connection and finally installing the MetaMCP dependencies. image

note This process requires a reliable network connection, and it will access Docker Hub, GitHub, and some other sites. You will need to ensure the network connection yourself, otherwise the container build may fail.

Wait some minutes, depending on the internet connection or computer performance, it may take from a few minutes to tens of minutes, you can click on the Progress Bar in the bottom right corner to view a live log where you will be able to check unusual stuck. image

After finished, you can run pnpm dev to start the development server.

πŸ’» Local Development

Still recommend running postgres through docker for easy setup:

pnpm install
pnpm dev

πŸ”Œ MCP Protocol Compatibility

  • βœ… Tools, Resources, and Prompts supported
  • βœ… OAuth-enabled MCP servers tested for 03-26 version

If you have questions, feel free to leave GitHub issues or PRs.

πŸ”— Connect to MetaMCP

πŸ“ E.g., Cursor via mcp.json

Example mcp.json

{
  "mcpServers": {
    "MetaMCP": {
      "url": "http://localhost:12008/metamcp/<YOUR_ENDPOINT_NAME>/sse"
    }
  }
}

πŸ–₯️ Connecting Claude Desktop and Other STDIO-only Clients

Since MetaMCP endpoints are remote only (SSE, Streamable HTTP, OpenAPI), clients that only support stdio servers (like Claude Desktop) need a local proxy to connect.

Note: While mcp-remote is sometimes suggested for this purpose, it's designed for OAuth-based authentication and doesn't work with MetaMCP's API key authentication. Based on testing, mcp-proxy is the recommended solution.

Here's a working configuration for Claude Desktop using mcp-proxy:

Using Streamable HTTP

{
  "mcpServers": {
    "MetaMCP": {
      "command": "uvx",
      "args": [
        "mcp-proxy",
        "--transport",
        "streamablehttp",
        "http://localhost:12008/metamcp/<YOUR_ENDPOINT_NAME>/mcp"
      ],
      "env": {
        "API_ACCESS_TOKEN": "<YOUR_API_KEY_HERE>"
      }
    }
  }
}

Using SSE

{
  "mcpServers": {
    "ehn": {
      "command": "uvx",
      "args": [
        "mcp-proxy",
        "http://localhost:12008/metamcp/<YOUR_ENDPOINT_NAME>/sse"
      ],
      "env": {
        "API_ACCESS_TOKEN": "<YOUR_API_KEY_HERE>"
      }
    }
  }
}

Important notes:

  • Replace <YOUR_ENDPOINT_NAME> with your actual endpoint name
  • Replace <YOUR_API_KEY_HERE> with your MetaMCP API key (format: sk_mt_...)

For more details and alternative approaches, see issue #76.

πŸ”§ API Key Auth Troubleshooting

  • ?api_key= param api key auth doesn't work for SSE. It only works for Streamable HTTP and OpenAPI.
  • Best practice is to use the API key in Authorization: Bearer <API_KEY> header.
  • Try disable auth temporarily when you face connection issues to see if it is an auth issue.

❄️ Cold Start Problem and Custom Dockerfile

  • MetaMCP pre-allocate idle sessions for each configured MCP servers and MetaMCPs. The default idle session for each is 1 and that can help reduce cold start time.
  • If your MCP requires dependencies other than uvx or npx, you need to customize the Dockerfile to install dependencies on your own.
  • Check invalidation.md for a seq diagram about how idle session invalidates during updates.

πŸ› οΈ Solution: Customize the Dockerfile to add dependencies or pre-install packages to reduce cold start time.

🧾 Log Levels

MetaMCP’s backend writes logs to files and optionally mirrors selected levels to the console. Control console mirroring with the LOG_LEVEL environment variable.

  • Files

    • app.log: receives DEBUG, INFO, and WARN
    • error.log: receives ERROR

  • Console mirroring (LOG_LEVEL)

    • all: mirror DEBUG, INFO, WARN, ERROR to console
    • info: mirror only INFO to console
    • errors-only: mirror WARN and ERROR to console
    • none: no console output

  • Defaults and examples

    • Default (when unset or invalid): errors-only
    • .env example: 
      LOG_LEVEL='errors-only' # 'all', 'info', 'errors-only', 'none'
    • docker-compose.dev.yml uses: LOG_LEVEL: ${LOG_LEVEL:-all}

πŸ” Authentication

  • πŸ›‘οΈ Better Auth for frontend & backend (TRPC procedures)
  • πŸͺ Session cookies enforce secure internal MCP proxy connections
  • πŸ”‘ API key authentication for external access via Authorization: Bearer <api-key> header
  • πŸͺͺ MCP OAuth: Exposed endpoints have options to use standard OAuth in MCP Spec 2025-06-18, easy to connect.
  • 🏒 Multi-tenancy: Designed for organizations to deploy on their own machines. Supports both private and public access scopes. Users can create MCPs, namespaces, endpoints, and API keys for themselves or for everyone. Public API keys cannot access private MetaMCPs.
  • βš™οΈ Separate Registration Controls: Administrators can independently control UI registration and SSO/OAuth registration through the settings page, allowing for flexible enterprise deployment scenarios.

🚦 Traffic Management

🚧 MCP Rate Limit

The MCP Rate Limit feature allows you to set the maximum requests a MCP tool (a endpoint) will accept in a given time window. There are two different strategies to set limits that you can use separately or together:

  • Endpoint rate-limiting (Rate Limiting): applies simultaneously to all clients using the endpoint, sharing a unique counter.
  • User rate-limiting (Client Rate Limiting): sets a counter to each individual user.

Both types can coexist and they complement each other, and store the counters in-memory. On a cluster, each machine sees and counts only its passing traffic.

Endpoint rate-limiting

The endpoint rate limit acts on the number of simultaneous transactions an endpoint can process. This type of limit protects the service for all customers. When the users connected to an endpoint together exceed the rate-limiting, MetaMCP starts to reject connections with a status code 503 Service Unavailable.

Endpoint rate-limiting options

  • Max Rate: Defines how many requests will you accept from all users together at any given instant. When the gateway starts, the bucket is full. As requests from users come, the remaining tokens in the bucket decrease. At the same time, the rate-limiting refills the bucket at the desired rate until its maximum capacity is reached.
  • Max Rate Seconds: Time period in which the maximum rates operate in seconds. For instance, if you set an max rate seconds of 60s and a rate-limiting of 5, you are allowing 5 requests every sixty seconds.

User rate-limiting

The client or user rate limit applies one counter to each individual user and endpoint. When a single user connected to an endpoint exceeds their client-max-rate, MetaMCP starts rejecting connections with a status code 429 Too Many Requests

User rate-limiting options

  • Client Max Rate: Number of tokens you add to the Token Bucket for each individual user (user quota) in the time interval you want (Client Max Rate Seconds). The remaining tokens in the bucket are the requests a specific user can do.
  • Client Max Rate Seconds: Time period in which the maximum rates operate in seconds. For instance, if you set an every of 60s and a rate of 5, you are allowing 5 requests every sixty seconds.
  • Client Max Rate Strategy: Sets the strategy you will use to set client counters. Choose ip when the restrictions apply to the client’s IP address, or set it to header when there is a header that identifies a user uniquely. That header must be defined with the key entry.
  • Client Max Rate Strategy Key: It is the header name containing the user identification (e.g., Authorization on tokens, or X-Original-Forwarded-For for IPs).

πŸ”— OpenID Connect (OIDC) Provider Support

MetaMCP supports OpenID Connect authentication for enterprise SSO integration. This allows organizations to use their existing identity providers (Auth0, Keycloak, Azure AD, etc.) for authentication.

πŸ› οΈ Configuration

Add the following environment variables to your .env file:

# Required
OIDC_CLIENT_ID=your-oidc-client-id
OIDC_CLIENT_SECRET=your-oidc-client-secret
OIDC_DISCOVERY_URL=https://your-provider.com/.well-known/openid-configuration

# Optional customization
OIDC_PROVIDER_ID=oidc
OIDC_SCOPES=openid email profile
OIDC_PKCE=true

🏒 Supported Providers

MetaMCP has been tested with popular OIDC providers:

  • Auth0: https://your-domain.auth0.com/.well-known/openid-configuration
  • Keycloak: https://your-keycloak.com/realms/your-realm/.well-known/openid-configuration
  • Azure AD: https://login.microsoftonline.com/your-tenant-id/v2.0/.well-known/openid-configuration
  • Google: https://accounts.google.com/.well-known/openid-configuration
  • Okta: https://your-domain.okta.com/.well-known/openid-configuration

πŸ”’ Security Features

  • πŸ” PKCE (Proof Key for Code Exchange) enabled by default
  • πŸ›‘οΈ Authorization Code Flow with automatic user creation
  • πŸ”„ Auto-discovery of OIDC endpoints
  • πŸͺ Seamless session management with existing auth system

πŸ“± Usage

Once configured, users will see a "Sign in with OIDC" button on the login page alongside the email/password form. The authentication flow automatically creates new users on first login.

For more detailed configuration examples and troubleshooting, see CONTRIBUTING.md.

βš™οΈ Registration Controls

MetaMCP provides separate controls for different registration methods, allowing administrators to fine-tune user access policies for enterprise deployments.

πŸŽ›οΈ Available Controls

  • UI Registration: Controls whether users can create accounts via the registration form
  • SSO Registration: Controls whether users can create accounts via SSO/OAuth providers (OIDC, etc.)

🏒 Enterprise Use Cases

This separation enables common enterprise scenarios:

  • Block UI registration, allow SSO: Prevent manual signups while allowing corporate SSO users
  • Block SSO registration, allow UI: Allow manual signups while restricting SSO access
  • Block both: Completely disable new user registration
  • Allow both: Default behavior for open deployments

πŸ› οΈ Configuration

Access the Settings page in the MetaMCP admin interface to configure these controls:

  1. Navigate to Settings β†’ Authentication Settings
  2. Toggle "Disable UI Registration" to control form-based signups
  3. Toggle "Disable SSO Registration" to control OAuth/OIDC signups

Both controls work independently, giving you full flexibility over your registration policy.

🌐 Custom Deployment and SSE conf for Nginx

If you want to deploy it to a online service or a VPS, a instance of at least 2GB-4GB of memory is required. And the larger size, the better performance.

Since MCP leverages SSE for long connection, if you are using reverse proxy like nginx, please refer to an example setup nginx.conf.example

πŸ—οΈ Architecture

  • Frontend: Next.js
  • Backend: Express.js with tRPC, hosting MCPs through TS SDK and internal proxy
  • Auth: Better Auth
  • Structure: Standalone monorepo with Turborepo and Docker publishing

πŸ“Š Sequence Diagram

Note: Prompts and resources follow similar patterns to tools.

sequenceDiagram
    participant MCPClient as MCP Client (e.g., Claude Desktop)
    participant MetaMCP as MetaMCP Server
    participant MCPServers as Installed MCP Servers

    MCPClient ->> MetaMCP: Request list tools

    loop For each listed MCP Server
        MetaMCP ->> MCPServers: Request list_tools
        MCPServers ->> MetaMCP: Return list of tools
    end

    MetaMCP ->> MetaMCP: Aggregate tool lists & apply middleware
    MetaMCP ->> MCPClient: Return aggregated list of tools

    MCPClient ->> MetaMCP: Call tool
    MetaMCP ->> MCPServers: call_tool to target MCP Server
    MCPServers ->> MetaMCP: Return tool response
    MetaMCP ->> MCPClient: Return tool response

πŸ—ΊοΈ Roadmap

Potential next steps:

  • πŸ”Œ Headless Admin API access
  • πŸ” Dynamically apply search rules on MetaMCP endpoints
  • πŸ› οΈ More middlewares
  • πŸ’¬ Chat/Agent Playground
  • πŸ§ͺ Testing & Evaluation for MCP tool selection optimization
  • ⚑ Dynamically generate MCP servers

🌐 i18n

See README-i18n.md

Currently en and zh locale are supported, but welcome contributions.

🀝 Contributing

We welcome contributions! See details at CONTRIBUTING.md

πŸ“„ License

MIT

Would appreciate if you mentioned with back links if your projects use the code.

πŸ™ Credits

Some code inspired by:

Not directly used the code by took ideas from

Related Servers

NotebookLM Web Importer

Import web pages and YouTube videos to NotebookLM with one click. Trusted by 200,000+ users.

Install Chrome Extension