How do I install Gateway?

Gateway is a local plugin. Install it using npm package: @authzx/mcp-gateway and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What credentials does Gateway need?

Gateway requires the following credentials or environment variables: YOUR_API_KEY. You can find setup instructions on the server detail page.

What AI apps work with Gateway?

Gateway uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Gateway MCP Server

by Authzx

Developer ToolsLow Risk10.0MCP RegistryLocal

Free

Server data from the Official MCP Registry

AuthzX MCP Gateway — policy-enforcing proxy between AI agents and MCP servers

About

AuthzX MCP Gateway — policy-enforcing proxy between AI agents and MCP servers

Security Report

10.0

Low Risk10.0Low Risk

Valid MCP server (4 strong, 10 medium validity signals). No known CVEs in dependencies. Imported from the Official MCP Registry. 1 finding(s) downgraded by scanner intelligence.

10 files analyzed · 1 issue found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

database

Check that this permission is expected for this type of plugin.

env_vars

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

file_system

Check that this permission is expected for this type of plugin.

What You'll Need

Set these up before or after installing:

Your API key for the serviceRequired

Environment variable: YOUR_API_KEY

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-authzx-mcp-gateway": {
      "env": {
        "YOUR_API_KEY": "your-your-api-key-here"
      },
      "args": [
        "-y",
        "@authzx/mcp-gateway"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

AuthzX MCP Gateway

Authorization gateway for AI agents and MCP tool calls.

Open-source. Drop-in. Works with any MCP client.

Why

AI agents connected to MCP servers can call any tool they have access to — read your database, delete files, execute arbitrary SQL. AuthzX MCP Gateway puts a policy enforcement point between the agent and those tools, so every call is authorized before it executes.

What it does

Sits between MCP clients (Claude Code, Cursor, VS Code, GitHub Copilot) and any MCP server
Intercepts every tool call and checks authorization before forwarding
Two modes: cloud (AuthzX Cloud API) and local (AuthzX Agent + .rego policy file)
Full audit trail of every tool invocation — subject, tool name, arguments, and decision are logged as structured JSON:

{"ts":"2026-05-25T10:03:11.482Z","level":"info","msg":"mcp_tool_call","subject":"agent:ai-assistant","tool":"database__query","allowed":true,"latency_ms":0.8}

Quick Start

Install and start the AuthzX Agent. The agent runs locally and evaluates your authorization policy — no cloud account needed.

go install github.com/authzx/agent/cmd/agent@latest
authzx-agent --policy ./policy.rego

Create a policy.rego to define what your agent can do:

package authzx.mcp

default allow := false

# Allow read-only tools
allow if { input.resource.name == "database__query" }
allow if { input.resource.name == "database__list_tables" }

# Allow writes, but block destructive SQL
allow if {
    input.resource.name == "database__execute"
    not contains(lower(input.resource.attributes.sql), "drop")
    not contains(lower(input.resource.attributes.sql), "delete from")
}

See demo/policies/ for more examples including Kubernetes namespace protection.

Create a gateway.config.json:

{
  "authzx": {
    "agentUrl": "http://localhost:8181"
  },
  "subject": "agent:ai-assistant",
  "servers": {
    "database": {
      "command": "node",
      "args": ["./my-database-mcp-server.js"]
    }
  }
}

Add to your MCP client (e.g. Claude Code):

claude mcp add --transport stdio authzx-gateway -- \
  npx authzx-mcp-gateway --config /path/to/gateway.config.json

Configuration

Config schema

Field	Type	Required	Description
`authzx.agentUrl`	string	*	URL of local AuthzX Agent (local mode)
`authzx.cloudUrl`	string	*	URL of AuthzX Cloud API (cloud mode)
`authzx.apiKey`	string		API key from AuthzX Cloud (or set `AUTHZX_API_KEY` env var)
`authzx.timeoutMs`	number		Authorization request timeout (default: 5000)
`subject`	string	yes	Identity of the agent making tool calls
`subjectType`	string		Subject type (default: `"agent"`)
`resourceType`	string		Resource type for authorization checks (default: `"mcp_tool"`)
`servers`	object	yes	Map of downstream MCP servers to proxy

* Provide either agentUrl (local mode) or cloudUrl (cloud mode).

Each entry in servers has:

Field	Type	Required	Description
`command`	string	yes	Command to spawn the MCP server
`args`	string[]		Command arguments
`env`	object		Additional environment variables

Modes

Cloud mode

Connect to AuthzX Cloud for managed policies:

{
  "authzx": {
    "cloudUrl": "https://api.authzx.com/v1/authorize",
    "apiKey": "azx_..."
  },
  "subject": "agent:prod-assistant",
  "servers": {
    "database": {
      "command": "node",
      "args": ["./db-server.js"]
    }
  }
}

Local mode

Run the AuthzX Agent locally with a .rego policy file for offline, self-contained authorization:

# Start the agent with your policy
authzx-agent --policy ./policy.rego

{
  "authzx": {
    "agentUrl": "http://localhost:8181"
  },
  "subject": "agent:dev-assistant",
  "servers": {
    "database": {
      "command": "node",
      "args": ["./db-server.js"]
    }
  }
}

CLI Flags

Flag	Description
`--config <path>`	Path to gateway config file (default: `./gateway.config.json`)
`--list-tools`	List all tools from configured downstream servers and exit
`--generate-policy [path]`	Generate a starter .rego policy file for the configured tools (default: `policy.rego`)

Environment variable overrides: AUTHZX_API_KEY, AUTHZX_AGENT_URL, AUTHZX_SUBJECT.

MCP Client Setup

The gateway runs as a stdio MCP server. Point your MCP client at it instead of the downstream server directly.

Claude Code

claude mcp add --transport stdio authzx-gateway -- \
  npx authzx-mcp-gateway --config /path/to/gateway.config.json

Cursor

Add to .cursor/mcp.json:

{
  "mcpServers": {
    "authzx-gateway": {
      "command": "npx",
      "args": ["authzx-mcp-gateway", "--config", "/path/to/gateway.config.json"]
    }
  }
}

Claude Desktop

Add to ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "authzx-gateway": {
      "command": "npx",
      "args": ["authzx-mcp-gateway", "--config", "/path/to/gateway.config.json"]
    }
  }
}

VS Code / GitHub Copilot

Add to .vscode/mcp.json:

{
  "servers": {
    "authzx-gateway": {
      "type": "stdio",
      "command": "npx",
      "args": ["authzx-mcp-gateway", "--config", "/path/to/gateway.config.json"]
    }
  }
}

See demo/ for full end-to-end examples with sample policies.

Feedback

GitHub Issues — Bug reports and feature requests
Documentation — Guides and API reference

License

Apache-2.0 — see LICENSE.

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

Gateway MCP Server

About

Security Report

Findings (1)

Permissions Required

What You'll Need

How to Install

Documentation

AuthzX MCP Gateway

Why

What it does

Quick Start

Configuration

Config schema

Modes

Cloud mode

Local mode

CLI Flags

MCP Client Setup

Claude Code

Cursor

Claude Desktop

VS Code / GitHub Copilot

Feedback

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

FinAgent