mcp-gateway
Verified Safeby ragieai
Overview
A multi-tenant secure proxy for AI clients to Ragie Model Context Protocol (MCP) services with WorkOS authentication and role-based access control.
Installation
npx @ragieai/mcp-gatewayEnvironment Variables
- DATABASE_URL
- ENCRYPTION_KEY
- WORKOS_API_KEY
- WORKOS_AUTHORIZATION_SERVER_URL
- WORKOS_CLIENT_ID
Security Notes
The server uses strong cryptographic practices for API key encryption (AES-256-GCM, PBKDF2, SHA-256) with a randomly generated IV for each encryption and environment variables for secrets. Authentication is robust, involving JWT verification via WorkOS JWKS and an explicit WorkOS API call to validate user organization membership and roles, addressing a potential JWT limitation. Server-side filters prevent data access bypasses. No 'eval' or similar dangerous patterns were found in the provided code. The fixed salt for PBKDF2 is acceptable as it's used for deterministic key derivation from a strong master key, not for individual data encryption.
Similar Servers
mcp-gateway
A gateway or proxy server for managing and routing API requests, likely including authentication (OAuth) and JSON-RPC handling.
mcp-server-iris
Provides a Model Context Protocol (MCP) server for InterSystems IRIS database interaction, automation, and interoperability production management, allowing AI agents to query and control IRIS environments.
MCP-SERVER
Provides an MCP server for automated data analysis workflows including loading datasets, cleaning data, sentiment analysis, clustering, topic extraction, and generating comprehensive reports with visualizations for an AI client.
recallium
Recallium acts as a persistent memory layer for AI agents in IDEs, providing cross-project intelligence, document knowledge base integration, and structured memory recall to enhance AI coding assistants.