The problem
Every AI tool that talks to MCP servers (Claude, Cursor, etc.)
connects directly — no auth, no rate limiting, no observability.
You have no idea what's hitting your servers or how often.
What I built
MCP Gateway sits in front of all your MCP servers and handles:
- Routing — /mcp/server-name/* proxies to the right backend
- Auth — per-server API keys encrypted AES-256-GCM in memory
- Rate limiting — token bucket per client, 429 + Retry-After
- Logging — SQLite log of every request with latency + status
- Usage tracking — token counts from Anthropic/OpenAI responses
- CLI — mcpgw server add/list/remove, mcpgw logs show, mcpgw stats
Quickstart
MCPGW_MASTER_SECRET=your-secret docker compose up --build
Stack
Rust, Axum, SQLite (rusqlite), DashMap, AES-GCM
Top comments (1)
This is a great systems-level project—building a self-hosted reverse proxy for MCP servers in Rust immediately signals a strong focus on performance and control. I like the architectural direction here, especially the idea of centralizing routing, auth, and observability instead of pushing those concerns into individual services. Rust feels like a solid choice given the need for low-latency request handling and safety in concurrent workloads. One thing I’d be curious about is how you handle dynamic service discovery and hot reloads without downtime. Also interesting to see how this scales when multiple MCP servers have different protocol or latency characteristics.