MuleSoft Code MCP
Remote MCP server for MuleSoft APIs that enables agents to discover operations and execute validated API calls with a fixed low-context tool surface.
README
MuleSoft Code MCP
Model Context Protocol (MCP) is a standardized way for LLMs to use external systems through tools. This repository provides a focused remote MCP server for MuleSoft APIs so agents can discover operations and execute validated API calls with a fixed low-context tool surface.
Design references:
The server supports streamable-http transport via /mcp.
Server in this Repository
| Server | Description | URL |
|---|---|---|
mulesoft-code-mcp |
Search + execute over MuleSoft operations with OAuth and write guardrails | http://127.0.0.1:3000/mcp |
Tools Exposed
| Tool | Purpose | Typical use |
|---|---|---|
search |
Finds ranked operations from Exchange portal + OpenID context | "list assets", "exchange api", "oauth token" |
execute |
Validates and executes operation by operation_id |
Read and write calls with typed validation |
auth_status |
Returns auth status for current caller | Preflight before execute |
Why Better Than Official MCP Patterns
Compared to official/provider MCP servers that expose many endpoint-specific tools, this implementation is better for agent execution quality:
- Lower context pressure: fixed
3tools instead of endpoint-tool explosion. - Better tool selection: agent maps intent with
search, then executes one explicitoperation_id. - Stronger safety: writes require both server policy and per-request confirmation token.
- Better runtime behavior: response truncation, read caching, and persisted catalog cache reduce latency and token waste.
Access from Any MCP Client
If your MCP client supports remote MCP directly:
{
"mcpServers": {
"mulesoft-code-mcp": {
"transport": "streamable_http",
"url": "http://127.0.0.1:3000/mcp",
"headers": {
"x-user-id": "default"
}
}
}
}
If your client needs a command bridge:
{
"mcpServers": {
"mulesoft-code-mcp": {
"command": "npx",
"args": ["mcp-remote", "http://127.0.0.1:3000/mcp"],
"env": {
"MCP_REMOTE_HEADERS": "{\"x-user-id\":\"default\"}"
}
}
}
}
Quick Start
cd mulesoft
npm install
npm run build
npm test
Seed access token from environment:
MULESOFT_ACCESS_TOKEN='<token>' npm run seed:token
Start server:
TOKEN_STORE_PATH=./data/tokens.integration.json \
TOKEN_ENCRYPTION_KEY_BASE64='<seed-output-key>' \
PORT=3000 HOST=127.0.0.1 npm run dev
Smoke test:
curl -sS http://127.0.0.1:3000/healthz
MCP_URL=http://127.0.0.1:3000/mcp USER_ID=default npm run smoke:mcp
Tool Calling Flow
- Call
auth_status. - Call
searchwith intent (for example,list exchange assets). - Pick an
operation_id. - Call
executewith required params. - For writes: call
dry_run=true, then replay withconfirm_write_tokenandALLOW_WRITES=true.
Example search input:
{
"query": "list exchange assets",
"limit": 5
}
Example read execute input:
{
"operation_id": "GET /exchange/api/v2/assets"
}
Example write execute dry run:
{
"operation_id": "DELETE /exchange/api/v2/assets/{assetId}",
"path_params": {
"assetId": "my-asset"
},
"dry_run": true
}
Configuration
Key environment variables:
ALLOW_WRITES(defaultfalse)REQUEST_TIMEOUT_MSMAX_RETRIESCATALOG_CACHE_PATHREAD_CACHE_TTL_MSEXECUTE_MAX_BODY_BYTESEXECUTE_BODY_PREVIEW_CHARS
See .env.example for the full set.
Safety Model
- Mutating methods are blocked unless
ALLOW_WRITES=true. - Mutating calls require
confirm_write_tokenfromdry_runfor exact request replay. - Sensitive headers and body fields are redacted.
Performance Model
- Fixed 3-tool MCP surface to keep context small.
- Persisted catalog cache enables fast startup and asynchronous refresh.
- Conditional refresh for upstream metadata where available.
- Short TTL cache for repeated read calls (
GET/HEAD). - Execute body truncation controls context overhead.
Troubleshooting
- MCP Inspector connect failure: confirm URL is
http://127.0.0.1:3000/mcpand server is running. AUTH_REQUIRED: seed token or complete OAuth bootstrap.- Write blocked: set
ALLOW_WRITES=trueand use returnedconfirm_write_token. - Sparse search results: include concrete resource terms (
exchange,assets,oauth).
Development
- Source:
src - Tests:
tests - References:
REFERENCES.md
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.