DEV Community

Stacklok profile image Yolanda Robla Mota
Yolanda Robla Mota for Stacklok

Posted on

How-to Safely Expose your MCP Servers Externally Using ngrok and ToolHive

#ai #beginners #tutorial #devops

As you make increasing use of Model Context Protocol (MCP) servers, you’re going to find yourself in a situation where you need to expose these endpoints externally. For example, you may need to expose servers to a partner or customer for testing and integration. Perhaps your organization has a branch office without direct network access but the same need to reach MCP servers. Or, your product may offer MCP ‘tools-as-a-service’ to clients that live outside your VPC.
There’s a quick, simple and safe way to expose MCP servers when they’re managed by ToolHive and integrated with ngrok. Below we’ll show you how you can do it using ToolHive's proxy tunnel command. But, first, a quick description of ToolHive and ngrok for those new to these solutions.

ToolHive: The MCP Engine

ToolHive is your starting point for running MCP in production. It handles:

  • Server Lifecycle: Starting, stopping, and managing MCP server instances.
  • Transport Methods: Supporting multiple communication protocols (stdio, SSE, streamable-http).
  • Security: Managing secrets, permissions, and isolation.
  • Discovery: Providing a registry of available MCP servers.

ngrok: The API Gateway

ngrok is a flexible API gateway that provides instant and secure access, anywhere. It handles:

  • Identity and access: Supporting OIDC and OAuth2 and providing tenant-aware RBAC
  • Secure tunnel: Handling HTTPS with secure, automatically generated public URLs
  • Safety & governance: Establishing rate limits and managing blast radius
  • Observability: Providing logs and audit trails

Getting started:

Before diving in, you’ll need to address a few easy prerequisites:

Create an ngrok account

  • Visit the ngrok website and sign up for a free (or paid) account.

Obtain your ngrok auth token

  • After logging in, you'll find your authentication token in the ngrok dashboard—often under Auth or Setup.
  • Copy that token (here represented as xxx in examples).

Enable fixed or custom domains (optional)

Set up a permanent, branded domain (e.g. your-app.ngrok.io or a custom domain like api.yourcompany.com) instead of a random address by claiming your free static domain at dashboard.ngrok.com/domains.

Exposing MCP server endpoints

As we work through this example, imagine you’ve got an OSV MCP server that you want to expose externally, so that other users can test your integration. You set-up and are managing that OSV MCP server using ToolHive with internal workload listening on localhost.

Your first command would be:

export NGROK_TOKEN=<your_ngrok_token>
export NGROK_URL=<your_ngrok_url>

thv proxy tunnel osv test \
  --tunnel-provider ngrok \
  --provider-args "{
    \"auth-token\": \"${NGROK_TOKEN}\",
    \"url\": \"${NGROK_URL}\"
  }"
Enter fullscreen mode Exit fullscreen mode

That command includes these actions:

  • thv proxy tunnel osv test spins up a tunnel for the ToolHive workload named osv (in a test context).
  • --tunnel-provider ngrok tells ToolHive to use ngrok as the tunneling mechanism.
  • --provider-args passes any needed parameters for ngrok, such as authentication credentials so the tunnel will establish properly under your account.

The result is an endpoint in ngrok with all the settings configured:

Once the command runs successfully, you’ll get a public HTTPS URL that you can use and integrate into your tools. In our example, that URL looks like this:

"osv": {
  "url": "https://ricarda-presuggestive-archaically.ngrok-free.app",
  "description": "OSV MCP server for testing"
}
Enter fullscreen mode Exit fullscreen mode

And that means that the local OSV MCP server, which was accessible only on localhost, is now reachable externally, and can be used by other users to test your integration:

Summarizing the benefits of this approach

With a simple (single) command, you’ve set-up an instant, public URL with no DNS changes or firewall configuration. It’s a secure HTTPS endpoint that’s lightweight and temporary, so it’s ideal for short-term testing, demos or collaborating with remote customers and teammates.

We’re excited about the integration of ToolHive and ngrok and how it quickly and elegantly solves a problem that more enterprises will encounter as they adopt MCP. If you have questions or ideas, we’d love to hear from you. Please checkout ToolHive and ngrok, and connect with us on Discord.

Top comments (0)