ContextForge MCP Gateway - Frequently Asked QuestionsΒΆ
β‘ QuickstartΒΆ
π How can I install and run MCP Gateway in one command?
PyPI (pipx / uvx makes an isolated venv):
# Using pipx - pip install pipx
pipx run mcp-contextforge-gateway
# Or uvx - pip install uv (default: admin/changeme)
uvx --from mcp-contextforge-gateway mcpgateway --host 0.0.0.0 --port 4444
OCI image (Docker/Podman) - shares host network so localhost works:
ποΈ What URLs are available for the admin interface and API docs?
- Admin UI β http://localhost:4444/admin
- Swagger β http://localhost:4444/docs
- ReDoc β http://localhost:4444/redoc
π€ What is MCP (Model Context Protocol)?ΒΆ
π‘ What is MCP in a nutshell?
MCP is an open-source protocol released by Anthropic in Nov 2024 that lets language models invoke external tools via a typed JSON-RPC envelope. Community folks call it "USB-C for AI"-one connector for many models.
π Who supports MCP and what's the ecosystem like?
- Supported by GitHub & Microsoft Copilot, AWS Bedrock, Google Cloud Vertex AI, IBM watsonx, AgentBee, LangChain, CrewAI and 15,000+ community servers.
- Contracts enforced via JSON Schema.
- Multiple transports (STDIO, SSE, HTTP) - still converging.
π§° Media KitΒΆ
πΌοΈ I want to make a social media post, where can I find samples and logos?
See the provided media kit
π How do I describe the gateway in boilerplate copy?
"ContextForge MCP Gateway is an open-source reverse-proxy that unifies MCP and REST tool servers under a single secure HTTPS endpoint with discovery, auth and observability baked in."
π οΈ Installation & ConfigurationΒΆ
π§ What is the minimal .env setup required?
Then edit:
πͺ What are some advanced environment variables I can configure?
- Basic:
HOST
,PORT
,APP_ROOT_PATH
- Auth:
AUTH_REQUIRED
,BASIC_AUTH_*
,JWT_SECRET_KEY
- Logging:
LOG_LEVEL
,LOG_FORMAT
,LOG_TO_FILE
,LOG_FILE
,LOG_FOLDER
,LOG_ROTATION_ENABLED
,LOG_MAX_SIZE_MB
,LOG_BACKUP_COUNT
- Transport:
TRANSPORT_TYPE
,WEBSOCKET_PING_INTERVAL
,SSE_RETRY_TIMEOUT
- Tools:
TOOL_TIMEOUT
,MAX_TOOL_RETRIES
,TOOL_RATE_LIMIT
,TOOL_CONCURRENT_LIMIT
- Federation:
FEDERATION_ENABLED
,FEDERATION_PEERS
,FEDERATION_SYNC_INTERVAL
π Running & DeploymentΒΆ
π How do I run MCP Gateway locally using PyPI?
π³ How do I use the provided Makefile and Docker/Podman setup?
make podman # or make docker
make podman-run-ssl # or make docker-run-ssl
make podman-run-ssl-host # or make docker-run-ssl-host
Docker Compose is also available, ex: make compose-up
.
βοΈ How can I deploy MCP Gateway on Google Cloud Run, Code Engine, Kubernetes, AWS, etc?
See the Deployment Documentation for detailed deployment instructions across local, docker, podman, compose, AWS, Azure, GCP, IBM Cloud, Helm, Minikube, Kubernetes, OpenShift and more.
πΎ Databases & PersistenceΒΆ
ποΈ What databases are supported for persistence?
- SQLite (default) - used for development / small deployments.
- PostgreSQL / MySQL / MariaDB via
DATABASE_URL
. - Redis (optional) for caching and federation.
- Other databases supported by SQLAlchemy.
π¦ How do I persist SQLite across container restarts?
Include a persistent volume with your container or Kubernetes deployment. Ex:
For production use, we recommend PostgreSQL. A Docker Compose target with PostgreSQL and Redis is provided.
π Security & AuthΒΆ
π How do I disable authentication for development?
Set AUTH_REQUIRED=false
- disables login for local testing.
π How do I generate and use a JWT token?
export MCPGATEWAY_BEARER_TOKEN=$(python3 -m mcpgateway.utils.create_jwt_token \
--username admin@example.com --exp 10080 --secret my-test-key)
curl -H "Authorization: Bearer $MCPGATEWAY_BEARER_TOKEN" http://localhost:4444/tools
The token is used for all API interactions and can be configured to expire using -exp
.
π₯ How do I bulk import multiple tools at once?
Use the /admin/tools/import
endpoint to import up to 200 tools in a single request:
curl -X POST http://localhost:4444/admin/tools/import \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
--data-binary @tools.json
See the Bulk Import guide for details on format and error handling.
π‘οΈ How do I enable TLS and configure CORS?
- Use
make podman-run-ssl
for self-signed certs or drop your own certificate undercerts
. - Set
ALLOWED_ORIGINS
orCORS_ENABLED
for CORS headers.
π How do I pass Authorization headers to upstream MCP servers when the gateway uses authentication?
When MCP Gateway uses authentication (JWT/Bearer/Basic/OAuth), there's a conflict if you need to pass different Authorization headers to upstream MCP servers.
Solution: Use X-Upstream-Authorization header
# Send X-Upstream-Authorization header - gateway automatically renames it to Authorization for upstream
curl -H "Authorization: Bearer $GATEWAY_TOKEN" \
-H "X-Upstream-Authorization: Bearer $UPSTREAM_TOKEN" \
-X POST http://localhost:4444/tools/invoke/my_tool \
-d '{"arguments": {}}'
The gateway will: 1. Use the Authorization
header for gateway authentication 2. Rename X-Upstream-Authorization
to Authorization
when forwarding to the upstream MCP server 3. This solves the header conflict and allows different auth tokens for gateway vs upstream
π‘ Tools, Servers & FederationΒΆ
β How do I register a tool with the gateway?
π How do I add a peer MCP gateway?
A "Gateway" is another MCP Server. The MCP Gateway itself is an MCP Server. This means you can add any MCP Server under "Gateways" and it will retrieve Tools/Resources/Prompts.
ποΈ What are virtual servers and how do I use them?
A Virtual Server is a MCP Server composed from Tools/Resources/Prompts from multiple servers. Add one or more MCP Servers under "Gateways", then select which Tools/Prompts/Resources to use to create your Virtual Server.
ποΈ Performance Tuning & ScalingΒΆ
βοΈ What environment variables affect performance?
TOOL_CONCURRENT_LIMIT
TOOL_RATE_LIMIT
WEBSOCKET_PING_INTERVAL
SSE_RETRY_TIMEOUT
π§΅ How do I scale the number of worker processes?
GUNICORN_WORKERS
(for Gunicorn)UVICORN_WORKERS
(for Uvicorn)
π How can I benchmark performance?
Use hey
against /rpc
with sample payloads from tests/hey
. Focus on p99 latency, error rate, and throughput.
π Observability & LoggingΒΆ
π How do I enable tracing and observability?
Use OpenTelemetry (OTLP) to export traces to Phoenix, Jaeger, Zipkin, Tempo, DataDog, etc.
export OTEL_ENABLE_OBSERVABILITY=true
export OTEL_TRACES_EXPORTER=otlp
export OTEL_EXPORTER_OTLP_ENDPOINT=http://localhost:4317
See the Observability docs for backend-specific setup. Admin UI also shows tool/server/prompt stats. A Prometheus /metrics
endpoint may be added later.
π What log formats are supported?
LOG_FORMAT=json
ortext
- Adjust with
LOG_LEVEL
π§ͺ Smoke Tests & TroubleshootingΒΆ
π« Is there a full test script I can run?
Yes - see the basic testing guide: Testing βΊ Basic.
π¨ What common errors should I watch for?
Symptom | Resolution |
---|---|
401 Unauthorized | Refresh token / check Authorization |
database is locked | Use Postgres / increase DB_POOL_SIZE |
already exists errors | Use Show inactive toggle in UI |
SSE drops every 30 s | Raise SSE_RETRY_TIMEOUT |
π» Integration RecipesΒΆ
π¦ How do I use MCP Gateway with LangChain?
π¦Ύ How do I connect GitHub's mcp-server-git via Translate Bridge?
π₯ MultiβTenancy & Migration (v0.7.0)ΒΆ
π How do I enable email/password login and teams?
Add the following to your .env
:
EMAIL_AUTH_ENABLED=true
PLATFORM_ADMIN_EMAIL=admin@example.com
PLATFORM_ADMIN_PASSWORD=changeme
AUTO_CREATE_PERSONAL_TEAMS=true
Upgrading from v0.7.0? Follow MIGRATION-0.7.0.md.
π Does basic auth still work?
Yes. Email auth is recommended for multiβtenancy; basic auth remains available. Use AUTH_REQUIRED
to enforce authentication.
π§© How do teams and visibility work?
Users belong to teams. Resources (servers, tools, prompts, resources) can be private
, team
, or public
. Assign via API or Admin UI. Use SSO mappings to autoβassign teams.
π SSO & Team MappingΒΆ
π₯ Can I autoβassign users to teams via SSO?
Yes. Use providerβspecific mappings to assign users on first login:
# GitHub
GITHUB_ORG_TEAM_MAPPING={"your-org": "team-id"}
# Google Groups
GOOGLE_GROUPS_MAPPING={"group@yourcompany.com": "team-id"}
# Okta
OKTA_GROUP_MAPPING={"MCP Gateway Users": "team-id"}
See the SSO guides under Manage βΊ SSO for details.
π§ Stdio WrapperΒΆ
π§° How do I use the stdio wrapper with Claude Desktop?
Configure a stdio server in your client:
{
"mcpServers": {
"mcpgateway-wrapper": {
"command": "python3",
"args": ["-m", "mcpgateway.wrapper"],
"env": {
"MCP_AUTH": "Bearer <your-token>",
"MCP_SERVER_URL": "http://localhost:4444/servers/UUID_OF_SERVER_1/mcp",
"MCP_TOOL_CALL_TIMEOUT": "120"
}
}
}
}
See: mcpgateway.wrapper.
π§Ύ Protocol VersionΒΆ
π Which MCP protocol version is supported?
You can choose the MCP protocol version (e.g., 2025-03-26
) when integrating. See README "Gateway Layer with Protocol Flexibility".
πΊοΈ RoadmapΒΆ
π§ What features are planned for future versions?
- π OAuth2 client-credentials upstream auth with full spec compliance
- π Dark-mode UI
- π§Ύ Add "Version and Environment Info" tab to Admin UI
- π Fine-grained role-based access control (RBAC) for Admin UI and API routes and per-virtual-server API keys
- π¦ Marketplace-style tool catalog with categories, tags, and search
- π Support for long-running / async tool executions with polling endpoints
- π UI-driven prompt and resource file management (upload/edit from browser)
- π οΈ Visual "tool builder" UI to design new tools with schema and auth interactively
- π§ͺ Auto-validation tests for registered tools (contract + mock invocation)
- π¨ Event subscription framework: trigger hooks or alerts on Gateway changes
- π§΅ Real-time tool logs and debug traces in Admin UI
- π§ Adaptive routing based on tool health, model, or load
- π Filterable tool invocation history with replay support
- π‘ Plugin-based architecture for custom transports or auth methods
Check out the Feature issues tagged enhancement
on GitHub for more upcoming features!
β Rarely Asked Questions (RAQ)ΒΆ
π Does MCP Gateway work on a Raspberry Pi?
Yes - build as arm64
and reduce RAM/workers.
π€ Contributing & CommunityΒΆ
π©π» How can I file issues or contribute?
Use GitHub Issues and CONTRIBUTING.md.
π§π What code style and CI tools are used?
- Pre-commit:
ruff
,black
,mypy
,isort
- Run
make lint
before PRs
π¬ Where can I chat or ask questions?
Join the GitHub Discussions board.
π Need more help?ΒΆ
Open an Issue or discussion on GitHub.