npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@mcp-s/secure-mcp-gateway

v1.0.9

Published

A secure, open-source OAuth gateway for MCP authentication

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

idan-webrixidan-webrixshalevshalitshalevshalit

Keywords

Readme

MCP-S Gateway

mcp-gateway is a secure gateway and integration layer for the Model Context Protocol (MCP). It provides a unified, enterprise-ready interface for connecting, managing, and extending MCP modules and services, with a focus on security and seamless integration.

Quick Start

1. Configure your MCP servers - Create mcp.json file in your project:

{
  "mcpServers": {
    "your-server": {
      "command": "npx",
      "args": ["-y", "@your-mcp-server"],
      "env": {
        "API_KEY": "your-api-key"
      }
    }
  }
}

2. Add your .env file using this example:

AUTH_SECRET=E/MAdDq0B1aX+MGNyVlEUk0WzRpCdimlCrUOKST1CxKH # Generate with command: openssl rand -base64 33
AUTH_PROVIDER=google
AUTH_GOOGLE_ID=...apps.googleusercontent.com
AUTH_GOOGLE_SECRET=GOCSPX-...

See Advanced Configuration for more.

3. Start with npx (Recommended):

# Default (uses ./mcp.json and ./.env)
npx @mcp-s/secure-mcp-gateway

# Custom configuration paths
npx @mcp-s/secure-mcp-gateway --mcp-config ./custom/mcp.json --envfile ./custom/.env

Or clone:

git clone https://github.com/mcp-s-ai/secure-mcp-gateway.git
cd secure-mcp-gateway
npm install && npm run start

4. Add to your MCP configuration:

For Cursor/Claude Desktop/VS Code - Add this to your MCP settings:

STDIO Configuration:

{
  "mcpServers": {
    "mcp-gateway": {
      "command": "npx",
      "args": ["-y", "@mcp-s/mcp"],
      "env": {
        "BASE_URL": "http://localhost:3000"
      }
    }
  }
}

StreamableHTTP Configuration:

{
  "mcpServers": {
    "mcp-gateway": {
      "url": "http://localhost:3000/mcp"
    }
  }
}

Features

  • Self-Hosted Gateway: Deploy within your own infrastructure for maximum control
  • OAuth Authentication: Secure authentication with any OAuth provider via Auth.js
  • TypeScript Support: Fully typed for robust development

Supports all MCP Connection Types:

  • STDIO: Standard input/output MCP servers

  • StreamableHTTP: HTTP-based streaming connections via http://localhost:3000/mcp (or https://<your-domain>/mcp for hosted deployments)

    Server Selection: You can connect to a specific MCP server by adding the ?server_name=XXX query parameter, where XXX is the name of the server from your mcp.json configuration. For example: http://localhost:3000/mcp?server_name=your-server

    Connect with your preferred AI client:

    | Client | Link | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------- | | Claude | claude.ai | | Cursor | cursor.com | | Windsurf | codeium.com/windsurf | | VSCode | code.visualstudio.com | | Cline | cline.tools | | Highlight AI | highlightai.com | | Augment Code | augmentcode.com |

Deploy

Deploy the mcp-s gateway using npx:

  1. Set up your environment variables (see Advanced Configuration)
  2. Create your mcp.json configuration file
  3. Run npx @mcp-s/secure-mcp-gateway

For production deployments, consider using:

  • Process managers like PM2: pm2 start "npx @mcp-s/secure-mcp-gateway" --name mcp-gateway
  • Container orchestration (Docker, Kubernetes)
  • Cloud platforms (Heroku, Railway, Render)

Authentication Setup

mcp-gateway leverages the power of Auth.js, which supports 80+ OAuth providers out of the box. This makes Auth.js the perfect companion for an open-source project like mcp-gateway. Both libraries share the same commitment to flexibility, security, and developer experience. By integrating with Auth.js, we avoid reinventing authentication wheels and instead provide you with battle-tested, production-ready OAuth flows that work seamlessly across providers.

Simply set the AUTH_PROVIDER environment variable and provide the required credentials for your chosen provider - mcp-gateway handles the rest.

Documentation: Auth.js Google Provider

AUTH_SECRET=your-random-secret
AUTH_PROVIDER=google
AUTH_GOOGLE_ID=your-google-client-id
AUTH_GOOGLE_SECRET=your-google-client-secret

Documentation: Auth.js Okta Provider

AUTH_SECRET=your-random-secret
AUTH_PROVIDER=okta
AUTH_OKTA_ID=your-okta-client-id
AUTH_OKTA_SECRET=your-okta-client-secret
AUTH_OKTA_ISSUER=https://your-okta-domain.okta.com/oauth2/default

Documentation: Auth.js Azure AD Provider

AUTH_SECRET=your-random-secret
AUTH_PROVIDER=azure-ad
AUTH_AZURE_AD_ID=your-azure-client-id
AUTH_AZURE_AD_SECRET=your-azure-client-secret
AUTH_AZURE_AD_TENANT_ID=your-tenant-id-or-common

For other providers, see the Auth.js Providers documentation.

Advanced Configuration

Command Line Options

| Option | Description | Default Value | Example | | -------------- | -------------------------------------- | ------------- | ------------------------------------ | | --mcp-config | Path to MCP servers configuration file | ./mcp.json | --mcp-config ./config/servers.json | | --envfile | Path to environment variables file | ./.env | --envfile ./config/production.env |

Environment Variables

| Environment Variable | Description | Default Value | Required | | ------------------------ | ------------------------------------------------------------------------------------------------------------------ | ----------------------- | -------- | | PORT | Server port | 3000 | No | | BASE_URL | Base URL for the gateway | http://localhost:3000 | No | | AUTH_SECRET | Secret for signing/encrypting tokens (generate with openssl rand -base64 33) | - | Yes | | AUTH_PROVIDER | OAuth provider name | google | No | | TOKEN_EXPIRATION_TIME | Token expiration time in milliseconds | 86400000 (24h) | No | | DB_PATH | SQLite database file path | ./mcp.sqlite | No | | AUTH_[Provider]_ID | OAuth client ID for your provider | - | Yes | | AUTH_[Provider]_SECRET | OAuth client secret for your provider | - | Yes | | AUTH_[Provider]_* | Additional provider-specific variables (see Auth.js documentation) | - | Varies |

Troubleshooting

Issue: When using StreamableHTTP configuration in Cursor, tools don't appear even after successful authentication.

Solution: Make sure you have only one Cursor window open. Multiple Cursor windows can interfere with the MCP connection establishment.

  1. Close all Cursor windows
  2. Open a single Cursor window
  3. Retry the authentication process

Issue: You see the following error:

Error [ERR_UNKNOWN_BUILTIN_MODULE]: No such built-in module: node:sqlite

Solution: This error occurs when using an older version of Node.js. The node:sqlite module requires Node.js version 22 or higher.

Fix:

  1. Update Node.js to version 22 or later
  2. Verify your version: node --version
  3. Restart the gateway: npm run start

Installation options:

Hosted Solution

Visit mcp-s.com for our fully managed hosting solution with advanced features:

  • Zero Configuration: Get started in seconds without any setup
  • Enterprise-grade Security: Advanced SSO authentication for all MCP interactions
  • 20+ Pre-built Connectors: Fast plug-and-play integration with hundreds of tools
  • Roles & Permissions: Granular access control with custom role definitions
  • Monitoring & Analytics: Real-time insights into your MCP usage
  • High Availability: 99.9% uptime SLA with global CDN
  • Premium Support: Direct access to our engineering team
  • Custom Integrations: Build and deploy custom MCP connectors

Community

Have questions? Need help getting started? Want to share your MCP setup?

Join our Discord community where developers are actively helping each other with MCP gatway implementations, troubleshooting, and sharing best practices.

Join our Discord →

License

Released under the MIT License. Contributions welcome - star & fork!