Unla
Verified Safeby AmoyLab
Overview
A lightweight and highly available gateway service that converts existing MCP Servers and APIs into services compliant with the MCP Protocol through configuration.
Installation
export APISERVER_JWT_SECRET_KEY="changeme-please-generate-a-random-secretEnvironment Variables
- APISERVER_JWT_SECRET_KEY
- SUPER_ADMIN_USERNAME
- SUPER_ADMIN_PASSWORD
- ENV
- TZ
- GATEWAY_STORAGE_TYPE
- GATEWAY_DB_TYPE
- APISERVER_DB_TYPE
- VITE_MCP_GATEWAY_BASE_URL
- VITE_DIRECT_MCP_GATEWAY_MODIFIER
- LLM_CONFIG_ADMIN_ONLY
Security Notes
The project uses environment variables for sensitive data like JWT secrets and admin passwords, which is good practice. Authentication (JWT, OAuth) and authorization are implemented. Templating for requests/responses (e.g., `{{args.xxx}}`) is handled by Go's `text/template`, which is generally safe against code injection. The ability to import OpenAPI specifications is powerful but relies on the integrity of the imported spec; the gateway's parsing and routing logic needs to be robust to prevent exploits from malformed specs. CORS configuration is explicitly handled.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers for integration with LLM agents and other applications.
mcp-context-forge
A comprehensive Model Context Protocol (MCP) gateway and proxy that unifies REST, MCP, and A2A services, providing features like federation, virtual servers, rate-limiting, security, and an optional admin UI for managing web content and file conversions to markdown.
mcphub
A hub for managing, orchestrating, and providing a unified API for various Model Context Protocol (MCP) servers and their tools, including user management, OAuth services, and discovery of external servers.
toolhive-registry-server
The ToolHive Registry Server acts as a central metadata hub for enterprises to curate, discover, and govern Model Context Protocol (MCP) servers, providing a unified catalog from various sources with built-in security and auditability.