freemcplab / 目录 / 演练场 / MCP Gateway & Registry

● 社区 agentic-community 🔑 需要你的密钥

MCP Gateway & Registry

Name: MCP Gateway & Registry MCP Server
Author: agentic-community

作者 agentic-community · agentic-community/mcp-gateway-registry

One HTTP endpoint that fronts every internal MCP server — central auth, per-team namespaces, audit log, and a web UI for discovery.

Instead of giving every developer a list of stdio configs, run this gateway once: it registers child MCP servers, brokers connections, enforces auth, and exposes a discovery UI. Developers point Claude at one URL.

▶ 观看演示 📦 安装 💡 使用场景

为什么要用

核心特性

Single HTTP/SSE endpoint fronts many MCPs
Per-user / per-team auth (OIDC, tokens)
Registry UI listing available servers
Centralized audit log of every tool call
Rate limiting and quotas per principal
Hot-reload server config without client restart

实时演示

实际使用效果

就绪

安装

选择你的客户端

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "mcp-gateway-registry": {
      "command": "docker",
      "args": [
        "run",
        "-p",
        "8080:8080",
        "-e",
        "GATEWAY_TOKEN",
        "ghcr.io/agentic-community/mcp-gateway-registry:latest"
      ],
      "env": {
        "GATEWAY_TOKEN": "${GATEWAY_TOKEN}"
      }
    }
  }
}

打开 Claude Desktop → Settings → Developer → Edit Config。保存后重启应用。

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "mcp-gateway-registry": {
      "command": "docker",
      "args": [
        "run",
        "-p",
        "8080:8080",
        "-e",
        "GATEWAY_TOKEN",
        "ghcr.io/agentic-community/mcp-gateway-registry:latest"
      ],
      "env": {
        "GATEWAY_TOKEN": "${GATEWAY_TOKEN}"
      }
    }
  }
}

Cursor 使用与 Claude Desktop 相同的 mcpServers 格式。项目级配置优先于全局。

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "mcp-gateway-registry": {
      "command": "docker",
      "args": [
        "run",
        "-p",
        "8080:8080",
        "-e",
        "GATEWAY_TOKEN",
        "ghcr.io/agentic-community/mcp-gateway-registry:latest"
      ],
      "env": {
        "GATEWAY_TOKEN": "${GATEWAY_TOKEN}"
      }
    }
  }
}

点击 Cline 侧栏中的 MCP Servers 图标，然后选 "Edit Configuration"。

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "mcp-gateway-registry": {
      "command": "docker",
      "args": [
        "run",
        "-p",
        "8080:8080",
        "-e",
        "GATEWAY_TOKEN",
        "ghcr.io/agentic-community/mcp-gateway-registry:latest"
      ],
      "env": {
        "GATEWAY_TOKEN": "${GATEWAY_TOKEN}"
      }
    }
  }
}

格式与 Claude Desktop 相同。重启 Windsurf 生效。

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "mcp-gateway-registry",
      "command": "docker",
      "args": [
        "run",
        "-p",
        "8080:8080",
        "-e",
        "GATEWAY_TOKEN",
        "ghcr.io/agentic-community/mcp-gateway-registry:latest"
      ]
    }
  ]
}

Continue 使用服务器对象数组，而非映射。

~/.config/zed/settings.json

{
  "context_servers": {
    "mcp-gateway-registry": {
      "command": {
        "path": "docker",
        "args": [
          "run",
          "-p",
          "8080:8080",
          "-e",
          "GATEWAY_TOKEN",
          "ghcr.io/agentic-community/mcp-gateway-registry:latest"
        ]
      }
    }
  }
}

加入 context_servers。Zed 保存后热重载。

claude mcp add mcp-gateway-registry -- docker run -p 8080:8080 -e GATEWAY_TOKEN ghcr.io/agentic-community/mcp-gateway-registry:latest

一行命令搞定。用 claude mcp list 验证，claude mcp remove 卸载。

使用场景

实战用法： MCP Gateway & Registry

Roll out MCP to a 200-person eng org

👤 Developers ⏱ ~15 min intermediate

何时使用： Different teams want different MCPs; you want central control without manual configs per dev.

步骤

Deploy

Stand up the gateway; wire it to your IdP.✓ 已复制

→ Login works
Register MCPs

In the registry UI, add github, linear, sentry, internal-api MCPs with per-team scopes.✓ 已复制

→ Servers visible
Onboard

Devs point Claude at https://mcp.corp/sse; gateway authorizes.✓ 已复制

→ Devs use only what their team is allowed

结果： Centralized rollout with per-team scopes and one config to ship to clients.

Audit every MCP tool call across the org

👤 Developers ⏱ ~15 min intermediate

何时使用： Security needs an answer to "who called what tool when".

步骤

Enable audit sink

Configure gateway to ship logs to your SIEM.✓ 已复制

→ Logs flowing
Query

Search for tool calls touching production resources in last 24h.✓ 已复制

→ Per-user trail returned

结果： Complete audit trail of MCP usage org-wide.

组合

与其他 MCP 搭配，撬动十倍杠杆

mcp-gateway-registry + github-mcp

Combine mcp-gateway-registry with github-mcp: Register the official GitHub MCP behind the gateway with read-only org scope✓ 已复制

工具

此 MCP 暴露的能力

工具	输入参数	何时调用	成本
gateway-passthrough	(see docs)	Tools are whatever the registered child servers expose	1 call

成本与限制

运行它的成本

API 配额: Bound by gateway host
每次调用 Token 数: Same as underlying tools
费用: Free OSS; your hosting
提示: Set per-principal quotas to prevent runaway agents

安全

权限、密钥、影响范围

最小权限： gateway-admin gateway-user

凭据存储： OIDC tokens; child-server credentials in vault

数据出站： Where each child MCP egresses

切勿授予： expose gateway publicly without OIDC

故障排查

常见错误与修复

Tool list empty

Check the principal has scope for at least one registered server

Slow first call

Gateway lazy-starts child servers; pre-warm hot ones

替代方案