mcp-security-gateway

> FastAPI gateway for governing MCP tool access with auth, policy enforcement, approvals, rate limiting, and audit-friendly request logs.

[](https://www.python.org/) [](https://fastapi.tiangolo.com/) [](#)

Teams want agents to call MCP tools in production. The missing layer is usually control:

• who is allowed to call which MCP server
• which tools require approval
• what happens when a request exceeds scope or rate limits
• how sensitive arguments are redacted before they hit logs
• how incidents are created when policy is violated

MCP Security Gateway models that missing layer as a backend-first service.

• policy enforcement around MCP tool access, not just model inference
• deterministic guardrails for high-risk tools and privileged scopes
• approval routing for risky requests
• audit logs with secret redaction
• per-key rate limiting with Redis-ready state
• operator-friendly visibility into requests, incidents, and decisions

• GET /health
• GET /me
• GET /mcp-servers
• GET /policies
• GET /requests
• GET /requests/{request_id}
• POST /requests
• GET /approvals
• POST /approvals/{approval_id}/decision
• GET /incidents

python -m venv .venv
.venv\Scripts\activate
pip install -e .
pip install pytest httpx
uvicorn mcp_security_gateway.main:app --reload

Open:

• http://127.0.0.1:8000/docs
• http://127.0.0.1:8000/dashboard

• gateway operator: msg-ops-demo
• security admin: msg-security-demo
• platform admin: msg-platform-demo

docker compose up --build

This starts: