openapi-to-mcp

Expose API endpoints as strongly typed tools from an OpenAPI specification. Supports OpenAPI 2.0/3.0 in JSON or YAML format, from local or remote files.

GitHub

openapi-to-mcp

Use your OpenAPI specification to expose your API's endpoints as strongly typed tools.

Basic example for https://petstore3.swagger.io/ 🎉

{
  "mcpServers": {
    "petstore": {
      "command": "openapi-to-mcp",
        "args": [
          "https://petstore3.swagger.io/api/v3/openapi.json"
        ]
    }
  }
}

More complex example, using Github's API:

{
    "mcpServers": {
        "github": {
            "command": "openapi-to-mcp",
            "args": [
                "https://raw.githubusercontent.com/github/rest-api-description/refs/heads/main/descriptions/api.github.com/api.github.com.yaml",
                "--bearer-token",
                "github_pat_xxxxxx",
                "--tool-naming-strategy",
                "verbandpath"
            ]
        }
    }
}

This example use the bearer token auth (with a Github Personal Access Token) and force the tool naming strategy to "verb and path", as Github's operation ids are not valid tool names.

Github demo

Install

As a Nuget tool: openapi-to-mcp

dotnet tool install --global openapi-to-mcp

Or download the executables from the releases

Usage

Usage:
  openapi-to-mcp <open-api> [options]

Arguments:
  <open-api>  You OpenAPI specification (URL or file) [required]

Options:
  -t, --tool-naming-strategy <extension|extension_or_operationid_or_verbandpath|operationid|verbandpath>  How the tool name should be computed [default: extension_or_operationid_or_verbandpath]
  -h, --host-override                                                                                     Host override
  -b, --bearer-token                                                                                      Bearer token
  -o2, --oauth-2-grant-type <client_credentials|password|refresh_token>                                   OAuth2 flow to be used
  -o2_tu, --oauth-2-token-url                                                                             OAuth2 token endpoint URL (override the one defined in your OpenAPI for your chosen OAuth2 flow)
  -o2_ci, --oauth-2-client-id                                                                             OAuth2 client id (for the client_credentials grant_type)
  -o2_cs, --oauth-2-client-secret                                                                         OAuth2 client secret (for the client_credentials grant_type)
  -o2_rt, --oauth-2-refresh-token                                                                         OAuth2 refresh token (for the refresh_token grant_type)
  -o2_un, --oauth-2-username                                                                              OAuth2 username (for the password grant_type)
  -o2_pw, --oauth-2-password                                                                              OAuth2 password (for the password grant_type)
  -i, --instructions                                                                                      MCP instruction to be advertised by the server
  --verbose                                                                                               Log more info (in sdterr) [default: False]
  -?, -h, --help                                                                                          Show help and usage information
  --version                                                                                               Show version information

OpenAPI support

Currently, OpenAPI 2.0 and 3.0 are supported.
- 3.1 is not (at least not until microsoft/OpenAPI.NET supports it)
Specifications can be JSON/YAML and local (file) or remote (URL)
Only local $refs are supported

OpenAPI custom extensions

A set of custom extensions is available to customize how your API should be exposed:

info.x-mcp-instructions (string): Textual instructions exposed by the MCP server during the initialize handshake
operation.x-mcp-tool-name (string): Custom tool name
operation.x-mcp-tool-description (string): Custom tool description
operation.x-mcp-tool-enabled (boolean): Enabled/disabled a specific operation (enabled by default)

MCP features

Only STDIO transport is currently supported.

Tools

Operations ("endpoints") from your OpenAPI specification are translated to MCP tools

All path/query/JSON body parameters are exposed (using their JSON schema)
Response is returned as-is
By default, the tool name is computed using first the operation.x-mcp-tool-name extension, then the operation.operationId and then {httpMethod}_{escaped_path}
- The tool naming strategy can be defined via the --tool-naming-strategy option.
- ⚠️Tools are discarded if their name don't match ^[a-zA-Z0-9_-]{1,64}$
Tools description are extracted as follows: operation.x-mcp-tool-description ?? operation.description ?? path.description

Tool call and host

When a tool is called, the MCP server will call the underlying endpoint. To determine which host to call a combination of parameters are used:

the --host-override option
your specification first server's URL if it's an absolute URL
the host of the remote OpenAPI provided
otherwise, an error is thrown

For example running openapi-to-mcp https://petstore3.swagger.io/api/v3/openapi.json:

https://petstore3.swagger.io/api/v3/openapi.json defines a server, but its URL is relative (/api/v3)
so the host of the specification's own URL is used: https://petstore3.swagger.io and the relative path of the server is appended to it

Authorization

Bearer token

A token can be provided as option --bearer-token. It'll be provided to all calls as the Authorization: Bearer {token} header. It'll also be provided when fetching a remote specification.

OAuth2

ClientCredentials, RefreshToken, Password are supported. If your OpenAPI specification declare securitySchemes for those flows, the corresponding tokenUrl will be used.

How to publish

Create a new tag/release 🤷

Related Servers

Scout Monitoring MCP

sponsor

Put performance and error data directly in the hands of your AI assistant.

Alpha Vantage MCP Server

sponsor

Access financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more

Remote MCP Server (Authless)

An example of a remote MCP server deployable on Cloudflare Workers, without authentication.

MCP Gateway

A feature-rich gateway and proxy that federates MCP and REST services, unifying discovery, authentication, rate-limiting, and observability into a single endpoint for AI clients.

MobAI MCP

MCP (Model Context Protocol) server for MobAI (https://mobai.run) - AI-powered mobile device automation

Fossil MCP

The code quality toolkit for the vibe coding era.

Digma

A code observability MCP enabling dynamic code analysis based on OTEL/APM data to assist in code reviews, issues identification and fix, highlighting risky code etc.

Argo CD

Interact with Argo CD applications through natural language.

Buildkite

Integrate with the Buildkite API to search and manage CI/CD pipelines.

APIMatic MCP

APIMatic MCP Server is used to validate OpenAPI specifications using APIMatic. The server processes OpenAPI files and returns validation summaries by leveraging APIMatic’s API.

Bitcoin SV MCP Server

A collection of tools for interacting with the Bitcoin SV (BSV) blockchain, including wallet, ordinals, and utility functions.

DHTMLX MCP Server

The DHTMLX MCP server provides real-time access to official docs and a smart RAG.