MetaMCP is a MCP proxy that lets you dynamically aggregate MCP servers into a unified MCP server, and apply middlewares. MetaMCP itself is a MCP server so it can be easily plugged into ANY MCP clients.
For more details, consider visiting our documentation site: https://docs.metamcp.com
English | δΈζ
- π― Use Cases
- π Concepts
- π Quick Start
- π MCP Protocol Compatibility
- π Connect to MetaMCP
- βοΈ Cold Start Problem and Custom Dockerfile
- π Authentication
- π OpenID Connect (OIDC) Provider Support
- π Custom Deployment and SSE conf for Nginx
- ποΈ Architecture
- πΊοΈ Roadmap
- π i18n
- π€ Contributing
- π License
- π Credits
- π·οΈ Group MCP servers into namespaces, host them as meta-MCPs, and assign public endpoints (SSE or Streamable HTTP), with auth. One-click to switch a namespace for an endpoint.
- π― Pick tools you only need when remixing MCP servers. Apply other pluggable middleware around observability, security, etc. (coming soon)
- π Use as enhanced MCP inspector with saved server configs, and inspect your MetaMCP endpoints in house to see if it works or not.
- π Use as Elasticsearch for MCP tool selection (coming soon)
Generally developers can use MetaMCP as infrastructure to host dynamically composed MCP servers through a unified endpoint, and build agents on top of it.
Quick demo video: https://youtu.be/Cf6jVd2saAs
A MCP server configuration that tells MetaMCP how to start a MCP server.
"HackerNews": {
"type": "STDIO",
"command": "uvx",
"args": ["mcp-hn"]
}- Group one or more MCP servers into a namespace
- Enable/disable MCP servers or at tool level
- Apply middlewares to MCP requests and responses
- Create endpoints and assign namespace to endpoints
- Multiple MCP servers in the namespace will be aggregated and emitted as a MetaMCP endpoint
- Choose auth level and strategy
- Host through SSE or Streamable HTTP transports in MCP and OpenAPI endpoints for clients like Open WebUI
- Intercepts and transforms MCP requests and responses at namespace level
- Built-in example: "Filter inactive tools" - optimizes tool context for LLMs
- Future ideas: tool logging, error traces, validation, scanning
Similar to the official MCP inspector, but with saved server configs - MetaMCP automatically creates configurations so you can debug MetaMCP endpoints immediately.
Clone repo, prepare .env, and start with docker compose:
git clone https://github.com/metatool-ai/metamcp.git
cd metamcp
cp example.env .env
docker compose up -dIf you modify APP_URL env vars, make sure you only access from the APP_URL, because MetaMCP enforces CORS policy on the URL, so no other URL is accessible.
Note that the pg volume name may collide with your other pg dockers, which is global, consider rename it in docker-compose.yml:
volumes:
metamcp_postgres_data:
driver: local
Still recommend running postgres through docker for easy setup:
pnpm install
pnpm dev- β Tools, Resources, and Prompts supported
- β OAuth-enabled MCP servers tested for 03-26 version
If you have questions, feel free to leave GitHub issues or PRs.
Example mcp.json
{
"mcpServers": {
"MetaMCP": {
"url": "http://localhost:12008/metamcp/<YOUR_ENDPOINT_NAME>/sse"
}
}
}Since MetaMCP endpoints are remote only (SSE, Streamable HTTP, OpenAPI), clients that only support stdio servers (like Claude Desktop) need a local proxy to connect.
Note: While mcp-remote is sometimes suggested for this purpose, it's designed for OAuth-based authentication and doesn't work with MetaMCP's API key authentication. Based on testing, mcp-proxy is the recommended solution.
Here's a working configuration for Claude Desktop using mcp-proxy:
Using Streamable HTTP
{
"mcpServers": {
"MetaMCP": {
"command": "uvx",
"args": [
"mcp-proxy",
"--transport",
"streamablehttp",
"http://localhost:12008/metamcp/<YOUR_ENDPOINT_NAME>/mcp"
],
"env": {
"API_ACCESS_TOKEN": "<YOUR_API_KEY_HERE>"
}
}
}
}Using SSE
{
"mcpServers": {
"ehn": {
"command": "uvx",
"args": [
"mcp-proxy",
"http://localhost:12008/metamcp/<YOUR_ENDPOINT_NAME>/sse"
],
"env": {
"API_ACCESS_TOKEN": "<YOUR_API_KEY_HERE>"
}
}
}
}Important notes:
- Replace
<YOUR_ENDPOINT_NAME>with your actual endpoint name - Replace
<YOUR_API_KEY_HERE>with your MetaMCP API key (format:sk_mt_...)
For more details and alternative approaches, see issue #76.
?api_key=param api key auth doesn't work for SSE. It only works for Streamable HTTP and OpenAPI.- Best practice is to use the API key in
Authorization: Bearer <API_KEY>header. - Try disable auth temporarily when you face connection issues to see if it is an auth issue.
- MetaMCP pre-allocate idle sessions for each configured MCP servers and MetaMCPs. The default idle session for each is 1 and that can help reduce cold start time.
- If your MCP requires dependencies other than
uvxornpx, you need to customize the Dockerfile to install dependencies on your own. - Check invalidation.md for a seq diagram about how idle session invalidates during updates.
π οΈ Solution: Customize the Dockerfile to add dependencies or pre-install packages to reduce cold start time.
- π‘οΈ Better Auth for frontend & backend (TRPC procedures)
- πͺ Session cookies enforce secure internal MCP proxy connections
- π API key authentication for external access via
Authorization: Bearer <api-key>header - π’ Multi-tenancy: Designed for organizations to deploy on their own machines. Supports both private and public access scopes. Users can create MCPs, namespaces, endpoints, and API keys for themselves or for everyone. Public API keys cannot access private MetaMCPs.
MetaMCP supports OpenID Connect authentication for enterprise SSO integration. This allows organizations to use their existing identity providers (Auth0, Keycloak, Azure AD, etc.) for authentication.
Add the following environment variables to your .env file:
# Required
OIDC_CLIENT_ID=your-oidc-client-id
OIDC_CLIENT_SECRET=your-oidc-client-secret
OIDC_DISCOVERY_URL=https://your-provider.com/.well-known/openid-configuration
# Optional customization
OIDC_PROVIDER_ID=oidc
OIDC_SCOPES=openid email profile
OIDC_PKCE=trueMetaMCP has been tested with popular OIDC providers:
- Auth0:
https://your-domain.auth0.com/.well-known/openid-configuration - Keycloak:
https://your-keycloak.com/realms/your-realm/.well-known/openid-configuration - Azure AD:
https://login.microsoftonline.com/your-tenant-id/v2.0/.well-known/openid-configuration - Google:
https://accounts.google.com/.well-known/openid-configuration - Okta:
https://your-domain.okta.com/.well-known/openid-configuration
- π PKCE (Proof Key for Code Exchange) enabled by default
- π‘οΈ Authorization Code Flow with automatic user creation
- π Auto-discovery of OIDC endpoints
- πͺ Seamless session management with existing auth system
Once configured, users will see a "Sign in with OIDC" button on the login page alongside the email/password form. The authentication flow automatically creates new users on first login.
For more detailed configuration examples and troubleshooting, see CONTRIBUTING.md.
If you want to deploy it to a online service or a VPS, a instance of at least 2GB-4GB of memory is required. And the larger size, the better performance.
Since MCP leverages SSE for long connection, if you are using reverse proxy like nginx, please refer to an example setup nginx.conf.example
- Frontend: Next.js
- Backend: Express.js with tRPC, hosting MCPs through TS SDK and internal proxy
- Auth: Better Auth
- Structure: Standalone monorepo with Turborepo and Docker publishing
Note: Prompts and resources follow similar patterns to tools.
sequenceDiagram
participant MCPClient as MCP Client (e.g., Claude Desktop)
participant MetaMCP as MetaMCP Server
participant MCPServers as Installed MCP Servers
MCPClient ->> MetaMCP: Request list tools
loop For each listed MCP Server
MetaMCP ->> MCPServers: Request list_tools
MCPServers ->> MetaMCP: Return list of tools
end
MetaMCP ->> MetaMCP: Aggregate tool lists & apply middleware
MetaMCP ->> MCPClient: Return aggregated list of tools
MCPClient ->> MetaMCP: Call tool
MetaMCP ->> MCPServers: call_tool to target MCP Server
MCPServers ->> MetaMCP: Return tool response
MetaMCP ->> MCPClient: Return tool response
Potential next steps:
- π Headless Admin API access
- π Dynamically apply search rules on MetaMCP endpoints
- π οΈ More middlewares
- π¬ Chat/Agent Playground
- π§ͺ Testing & Evaluation for MCP tool selection optimization
- β‘ Dynamically generate MCP servers
See README-i18n.md
Currently en and zh locale are supported, but welcome contributions.
We welcome contributions! See details at CONTRIBUTING.md
MIT
Would appreciate if you mentioned with back links if your projects use the code.
Some code inspired by:
Not directly used the code by took ideas from
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}