metamcp
Verified Safeby metatool-ai
Overview
Dynamically aggregates multiple MCP servers into a unified MetaMCP server, applies middleware, and exposes them through configurable API endpoints.
Installation
docker compose up -dEnvironment Variables
- APP_URL
- DATABASE_URL
- BETTER_AUTH_SECRET
- NEXT_PUBLIC_APP_URL
- OIDC_CLIENT_ID
- OIDC_CLIENT_SECRET
- OIDC_DISCOVERY_URL
- OIDC_AUTHORIZATION_URL
- OIDC_PKCE
- OIDC_SCOPES
- OIDC_PROVIDER_ID
- TRANSFORM_LOCALHOST_TO_DOCKER_INTERNAL
- NODE_ENV
- POSTGRES_CA_CERT
- POSTGRES_HOST
- POSTGRES_PORT
- POSTGRES_USER
- POSTGRES_PASSWORD
- POSTGRES_DB
Security Notes
The project uses `helmet` and explicit CORS policies for different routers. OAuth 2.1 with PKCE is implemented following modern security recommendations for token generation, redirect URI validation, and secret handling. Rate limiting is present for OAuth endpoints, though it's in-memory and less robust for distributed deployments. Default secrets (`BETTER_AUTH_SECRET`, `POSTGRES_PASSWORD`) are hardcoded in `docker-compose.dev.yml` and `example.env` for convenience, but clearly marked for production changes. Public endpoints use `cors({ origin: true })` but rely on API key or OAuth for authorization. Overall, strong security practices are applied for its architectural pattern.
Similar Servers
klavis
Creates an AI agent that uses Klavis Strata to interact with Gmail and YouTube through MCP, demonstrating how to summarize a YouTube video and email the summary.
mcp-context-forge
A comprehensive Model Context Protocol (MCP) gateway and proxy that unifies REST, MCP, and A2A services, providing features like federation, virtual servers, rate-limiting, security, and an optional admin UI for managing web content and file conversions to markdown.
Unla
A lightweight and highly available gateway service that converts existing MCP Servers and APIs into services compliant with the MCP Protocol through configuration.
mcphub
A hub for managing, orchestrating, and providing a unified API for various Model Context Protocol (MCP) servers and their tools, including user management, OAuth services, and discovery of external servers.