mcp-api-gateway
A universal MCP server that integrates any API with Claude Desktop by pointing it at a Swagger/OpenAPI spec, automatically generating tools for interaction.
README
api-gateway
A universal MCP (Model Context Protocol) server to integrate any API with Claude Desktop using only Docker configurations. Point it at any Swagger/OpenAPI spec and it automatically generates tools that Claude can use.
Available on the Docker MCP Toolkit.
Quick Installation
Using Docker MCP Toolkit (Recommended)
The easiest way to get started is through the Docker MCP Toolkit, which provides one-click setup with Docker Desktop.
Using Docker Hub
Add to your claude_desktop_config.json:
{
"mcpServers": {
"my-api": {
"command": "docker",
"args": [
"run", "--rm", "-i", "--pull", "always",
"-e", "API_1_NAME=my-api",
"-e", "API_1_SWAGGER_URL=https://api.example.com/swagger.json",
"-e", "API_1_BASE_URL=https://api.example.com/v1",
"-e", "API_1_HEADER_AUTHORIZATION=Bearer YOUR_TOKEN",
"rflpazini/mcp-api-gateway:latest"
]
}
}
}
Using npx
API_1_NAME=my-api \
API_1_SWAGGER_URL=https://api.example.com/swagger.json \
API_1_BASE_URL=https://api.example.com/v1 \
npx mcp-api-gateway
Local Build
git clone https://github.com/rflpazini/mcp-api-gateway
cd mcp-api-gateway
docker build -t mcp-api-gateway .
docker run --rm -it \
-e API_1_NAME=test \
-e API_1_SWAGGER_URL=https://petstore.swagger.io/v2/swagger.json \
-e API_1_BASE_URL=https://petstore.swagger.io/v2 \
mcp-api-gateway
Configuration
Core Variables
| Variable | Description | Required | Default |
|---|---|---|---|
API_N_NAME |
Unique API name | Yes | — |
API_N_SWAGGER_URL |
Swagger/OpenAPI spec URL | Yes | — |
API_N_BASE_URL |
API base URL (overrides spec) | No | From spec |
API_N_HEADER_* |
Custom headers (e.g., API_1_HEADER_AUTHORIZATION) |
No | — |
API_N_HEADERS |
JSON object with multiple headers | No | — |
Performance Tuning
For large APIs with hundreds of endpoints, these variables reduce the tool list payload sent to Claude:
| Variable | Description | Default |
|---|---|---|
API_N_TOOL_MODE |
individual (one tool per endpoint) or grouped (group by resource/tag) |
individual |
API_N_SCHEMA_MODE |
full (complete schemas) or compact (strips large enums, moves optional params to descriptions) |
full |
API_N_PATH_PREFIX |
Comma-separated path prefixes to include (e.g., /api/v3/users,/api/v3/orders) |
All paths |
API_N_TAGS |
Comma-separated OpenAPI tags to include (e.g., Users,Orders) |
All tags |
API_N_EXCLUDE_PARAMS |
Comma-separated parameter names to strip from schemas (e.g., _clientRegion,_platform) |
None |
Reliability
| Variable | Description | Default |
|---|---|---|
API_N_TIMEOUT |
Request timeout in milliseconds | 30000 |
API_N_MAX_RETRIES |
Max retry attempts for 429/5xx errors (exponential backoff) | 3 |
MAX_RESPONSE_SIZE |
Max response size in bytes before truncation | 102400 |
Performance Results
Tested with a 925-endpoint enterprise API:
| Configuration | Tools | Payload | Reduction |
|---|---|---|---|
| No optimization | 1093 | 2,269 KB | — |
SCHEMA_MODE=compact |
1093 | 633 KB | 72% |
TOOL_MODE=grouped |
53 | 184 KB | 92% |
PATH_PREFIX + compact |
94 | 50 KB | 98% |
Recommendation: Use API_N_TOOL_MODE=grouped for any API with more than 50 endpoints.
Examples
Simple API with Authentication
{
"mcpServers": {
"github-api": {
"command": "docker",
"args": [
"run", "--rm", "-i",
"-e", "API_1_NAME=github",
"-e", "API_1_SWAGGER_URL=https://api.github.com/swagger.json",
"-e", "API_1_HEADER_AUTHORIZATION=token ghp_xxxxxxxxxxxx",
"rflpazini/mcp-api-gateway:latest"
]
}
}
}
Large API with Grouped Tools
{
"mcpServers": {
"enterprise-api": {
"command": "docker",
"args": [
"run", "--rm", "-i",
"-e", "API_1_NAME=myapi",
"-e", "API_1_SWAGGER_URL=https://api.company.com/v3/api-docs",
"-e", "API_1_BASE_URL=https://api.company.com",
"-e", "API_1_TOOL_MODE=grouped",
"-e", "API_1_SCHEMA_MODE=compact",
"-e", "API_1_HEADER_AUTHORIZATION=Bearer your_token",
"rflpazini/mcp-api-gateway:latest"
]
}
}
}
Multiple APIs
Configure multiple APIs by incrementing the index (API_1_*, API_2_*, API_3_*):
{
"mcpServers": {
"company-apis": {
"command": "docker",
"args": [
"run", "--rm", "-i",
"-e", "API_1_NAME=users",
"-e", "API_1_SWAGGER_URL=https://api.company.com/users/swagger.json",
"-e", "API_1_HEADER_X_API_KEY=users_key_123",
"-e", "API_2_NAME=products",
"-e", "API_2_SWAGGER_URL=https://api.company.com/products/openapi.yaml",
"-e", "API_2_HEADER_AUTHORIZATION=Bearer products_token",
"-e", "API_3_NAME=orders",
"-e", "API_3_SWAGGER_URL=https://api.company.com/orders/spec.json",
"-e", "API_3_HEADERS={\"Authorization\":\"Bearer token\",\"X-Tenant\":\"company123\"}",
"rflpazini/mcp-api-gateway:latest"
]
}
}
}
Filtered Endpoints
Only load specific parts of a large API:
{
"mcpServers": {
"filtered-api": {
"command": "docker",
"args": [
"run", "--rm", "-i",
"-e", "API_1_NAME=myapi",
"-e", "API_1_SWAGGER_URL=https://api.company.com/swagger.json",
"-e", "API_1_PATH_PREFIX=/api/v3/users,/api/v3/orders",
"-e", "API_1_SCHEMA_MODE=compact",
"-e", "API_1_EXCLUDE_PARAMS=_clientRegion,_platform",
"rflpazini/mcp-api-gateway:latest"
]
}
}
}
Local Swagger File
Mount a local Swagger file into the container:
{
"mcpServers": {
"local-api": {
"command": "docker",
"args": [
"run", "--rm", "-i",
"-v", "/path/to/swagger.yaml:/swagger.yaml",
"-e", "API_1_NAME=local-api",
"-e", "API_1_SWAGGER_URL=file:///swagger.yaml",
"-e", "API_1_BASE_URL=http://host.docker.internal:3000",
"rflpazini/mcp-api-gateway:latest"
]
}
}
}
Features
Cookie-Based Authentication
The server automatically persists cookies across requests. When an API returns Set-Cookie headers (e.g., after a login call), those cookies are stored and replayed on subsequent requests to the same API. No configuration needed.
Grouped Tools
When API_N_TOOL_MODE=grouped is set, endpoints are automatically grouped into resource tools:
- Tagged APIs: Groups by OpenAPI tag (e.g., all
/usersendpoints become onemyapi_Userstool) - Untagged APIs: Infers groups from path structure (e.g.,
/pets,/store) - Each grouped tool lists available operations in its description, and the LLM selects which one to call via an
operationparameter
Health Check
A built-in check_api_health tool lets Claude verify API connectivity. It pings each configured API's base URL and reports reachability, HTTP status, and response time.
Retry with Backoff
Failed requests (429, 500, 502, 503, 504) are automatically retried with exponential backoff. The server honors Retry-After headers from rate-limited APIs.
Using in Claude
Available Commands
- View available APIs: "What APIs are configured?"
- Explore endpoints: "How do I create a user?" / "What parameters do I need?"
- Execute operations: "Create a user named John with email john@email.com"
- Check health: "Is the API reachable?"
Security
Best Practices
- Never commit tokens: Use environment variables or secrets
- Use limited scope tokens: Only necessary permissions
- Rotate tokens regularly: Update your tokens periodically
- Always use HTTPS: Ensure your APIs use HTTPS
Docker Image Security
The production image uses Google Distroless as the runtime base:
- No shell, no package manager, no OS utilities
- Runs as non-root user
- 0 known vulnerabilities
- Node.js 24 LTS (supported until April 2028)
Troubleshooting
API not showing up
- Check if the Swagger URL is accessible from the container
- Confirm environment variables are correct (especially
API_N_SWAGGER_URL) - Check logs:
docker logs <container_id>
Authentication error
- Verify token is correct
- Confirm header format (Bearer, Basic, etc)
- For cookie-based auth: ensure the login endpoint is called first
Too many tools / slow startup
- Use
API_N_TOOL_MODE=groupedto reduce tool count - Use
API_N_PATH_PREFIXorAPI_N_TAGSto filter endpoints - Use
API_N_SCHEMA_MODE=compactto reduce schema size
Request timeouts
- Increase timeout:
API_N_TIMEOUT=60000 - Check API latency directly
Contributing
PRs are welcome! Some ideas:
- [ ] OAuth authentication support
- [ ] Smart response caching
- [ ] WebSocket support
- [ ] Web configuration interface
- [ ] Metrics and observability
License
MIT License - see LICENSE file for details.
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.