DEV Community

Sid Padmanabhuni

I Built an Open-Source Security Gateway for MCP Because the Ecosystem Desperately Needs One

If you've set up MCP (Model Context Protocol) servers for your AI clients, you know the setup: each client gets its own config listing every MCP server it connects to. Claude Desktop, Cursor, VS Code — each maintaining separate configs, separate credentials, separate connections. No centralized management, no visibility, no security.

The Problem

Three issues make this unsustainable:

No visibility. When an AI agent calls a tool, nobody knows. There's no centralized audit trail. No way to see what's being called, how often, or by whom.

No access control. Every MCP server trusts every client equally. A junior developer's AI assistant has the same tool access as a senior engineer's.

No trust boundary. Trail of Bits' OpenClaw research demonstrated that MCP servers are exposed to tool poisoning, prompt injection, and credential theft. Nothing sits between the AI client and the MCP server to check whether a given operation should be allowed to happen.

The Solution

I built MCP Gateway — a self-hosted proxy that sits between AI clients and MCP servers.

Instead of each client connecting to each server directly, every client connects to the gateway's single MCP endpoint. The gateway handles authentication, authorization, policy enforcement, and audit logging.

Key Features

  • Single endpoint — aggregate all MCP backends behind one URL
  • JWT + API key auth — per-application scoping (Claude and Cursor get separate keys)
  • RBAC — owner, operator, viewer roles with tool-level permissions
  • Policy engine — priority-ordered allow/deny rules with glob patterns and risk categories
  • Audit logging — every tool call recorded with configurable payload redaction
  • Risk classification — tools auto-categorized as read/write/admin/external-api
  • Remote agent — WebSocket-based tunneling for MCP servers on remote machines
  • Dashboard — React admin UI for tools, audit, metrics, policies, users
  • Prometheus metrics — call counts, latency histograms, error rates
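To make the policy, RBAC, risk-classification and audit-redaction features above concrete, here is an added Rust sketch of how such a pipeline can be evaluated in a gateway's request path. This is illustration code written for this post, not code from the unified-mcp-gateway repository: the rule schema, the role and risk names, the sample tool names, the name-based risk heuristic and the redaction key list are all assumptions, and the project uses its own schema. The gateway semantics shown are the ones a practitioner wants: rules sorted by priority, first match wins, and no match means deny.

```rust
// Added illustration of policy evaluation for an MCP gateway. Not the project's
// own code; rule shapes, role names, tool names and heuristics are assumptions.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Risk { Read, Write, Admin, ExternalApi }

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Role { Owner, Operator, Viewer }

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Effect { Allow, Deny }

/// One policy rule. Lower `priority` is evaluated first; `None` matches anything.
pub struct Rule {
    pub priority: u32,
    pub effect: Effect,
    pub tool_glob: &'static str,
    pub risk: Option<Risk>,
    pub role: Option<Role>,
}

/// Glob matcher supporting `*` (any run, possibly empty) and `?` (exactly one char).
pub fn glob_match(pattern: &str, name: &str) -> bool {
    fn go(p: &[char], n: &[char]) -> bool {
        match (p.first(), n.first()) {
            (None, None) => true,
            (Some('*'), _) => go(&p[1..], n) || (!n.is_empty() && go(p, &n[1..])),
            (Some('?'), Some(_)) => go(&p[1..], &n[1..]),
            (Some(a), Some(b)) if a == b => go(&p[1..], &n[1..]),
            _ => false,
        }
    }
    let p: Vec<char> = pattern.chars().collect();
    let n: Vec<char> = name.chars().collect();
    go(&p, &n)
}

/// Name-based risk heuristic (assumed naming conventions, most dangerous match wins).
pub fn classify(tool: &str) -> Risk {
    let t = tool.to_ascii_lowercase();
    if ["admin", "delete", "drop"].iter().any(|s| t.contains(*s)) {
        Risk::Admin
    } else if ["http", "fetch"].iter().any(|s| t.contains(*s)) {
        Risk::ExternalApi
    } else if ["write", "create", "update", "send"].iter().any(|s| t.contains(*s)) {
        Risk::Write
    } else {
        Risk::Read
    }
}

/// First matching rule in priority order decides; no match fails closed (deny).
pub fn decide(rules: &[Rule], role: Role, tool: &str) -> Effect {
    let risk = classify(tool);
    let mut ordered: Vec<&Rule> = rules.iter().collect();
    ordered.sort_by_key(|r| r.priority);
    ordered
        .into_iter()
        .find(|r| {
            glob_match(r.tool_glob, tool)
                && r.risk.map_or(true, |x| x == risk)
                && r.role.map_or(true, |x| x == role)
        })
        .map_or(Effect::Deny, |r| r.effect)
}

/// Audit payload redaction: argument keys that look like secrets are masked before logging.
pub fn redact(args: &[(&str, &str)]) -> Vec<(String, String)> {
    const SENSITIVE: [&str; 5] = ["password", "secret", "token", "api_key", "authorization"];
    args.iter()
        .map(|(k, v)| {
            let kl = k.to_ascii_lowercase();
            let masked = SENSITIVE.iter().any(|s| kl.contains(*s));
            (k.to_string(), if masked { "[REDACTED]".to_string() } else { v.to_string() })
        })
        .collect()
}

/// Constructed sample policy: a global deny on admin-risk tools, then per-role allows.
pub fn sample_rules() -> Vec<Rule> {
    vec![
        Rule { priority: 10, effect: Effect::Deny,  tool_glob: "*",        risk: Some(Risk::Admin), role: None },
        Rule { priority: 20, effect: Effect::Allow, tool_glob: "*",        risk: Some(Risk::Read),  role: Some(Role::Viewer) },
        Rule { priority: 30, effect: Effect::Allow, tool_glob: "github_*", risk: None,              role: Some(Role::Operator) },
        Rule { priority: 40, effect: Effect::Allow, tool_glob: "*",        risk: None,              role: Some(Role::Owner) },
    ]
}

fn main() {
    let rules = sample_rules();
    let calls = [
        (Role::Viewer, "github_read_file"),
        (Role::Viewer, "github_create_issue"),
        (Role::Operator, "github_create_issue"),
        (Role::Owner, "admin_delete_repo"),
    ];
    for (role, tool) in calls {
        println!("{:?} {:>22} ({:?}) -> {:?}", role, tool, classify(tool), decide(&rules, role, tool));
    }
    // Assumed tool arguments; the token must never reach the audit log in clear.
    println!("{:?}", redact(&[("repo", "acme/app"), ("api_token", "ghp_example")]));
}
```

Two design points worth noting. The evaluator fails closed: a tool that matches no rule is denied, so adding a new backend does not silently widen access. And because the admin deny sits at the lowest priority number, it wins even for the owner role, which is the behaviour you want when a poisoned tool description tries to steer an agent toward a destructive call.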

Architecture

Three components:

  1. MCP Gateway Server (Rust/Axum + PostgreSQL) — core routing, auth, policies, audit
  2. MCP Gateway Dashboard (React/TypeScript) — admin UI
  3. MCP Gateway Agent (Rust) — remote machine connector with TUI

Getting Started

git clone https://github.com/SidPad03/unified-mcp-gateway.git
cd unified-mcp-gateway
docker compose up --build

# Dashboard: http://localhost:8080
# API: http://localhost:3200

Point your AI client at http://localhost:3200/mcp with an API key from the dashboard. All backends' tools are available through that single endpoint.

Why Rust?

The gateway is in the hot path of every AI tool call. Axum gives async request handling with minimal overhead. The binary is ~15MB, starts instantly, and handles thousands of concurrent connections. For the agent, Rust enables cross-compilation to macOS/Linux/Windows from one CI pipeline.

What's Next

The project is Apache 2.0 licensed. I'm looking for feedback and contributors. If you're using MCP servers, especially in a team setting, I'd love to hear about your setup and what features would be most valuable.

GitHub: https://github.com/SidPad03/unified-mcp-gateway