MCP Gateway

New
  • Published on Feb 17, 2026
  • 2 minute(s) read
Prev Next

The MCP Gateway acts as a proxy and Orchestration layer between clients and multiple backend MCP servers. It enforces Authentication and Authorization and applies PlainID Policy permissions at Runtime while routing tool and resource requests.
The MCP Gateway's key features are:

  • Multi-backend support: Routes requests to different MCP servers based on configuration.
  • Header forwarding: Forwards only explicitly allowed headers to backend servers.
  • OAuth support: Supports OAuth 2.0 authentication for MCP servers and PlainID.
  • Authorization enforcement: Integrates with PlainID to enforce fine-grained access control.
  • Health checks: Periodically validates connectivity to MCP servers.
  • Extensibility: Supports adding new MCP servers and updating forwarding rules with minimal configuration changes.

Configuration Structure

The main configuration file, config.yaml, is organized into the following sections.

MCP Servers

Defines the backend MCP servers that the gateway can connect to. Each server entry includes the following properties.

  • url: The endpoint of the MCP server.
  • transportType: The communication protocol, for example streamable-http or sse.
  • headersToForward: Optional. A list of HTTP headers to forward from the client to the MCP server, such as Authorization or X-User-Token.
  • headers: Optional. Static headers that are always sent to the MCP server.
  • oauth: Optional. OAuth 2.0 configuration for secure access.

Example

mcpServers:
  rag:
    url: "http://docker.for.mac.localhost:4000/mcp"
    transportType: "streamable-http"
    headersToForward:
      - "X-User-Token"
      - "X-Agent-Token"
      - "Authorization"
  db:
    url: "http://docker.for.mac.localhost:4001/sse"
    transportType: "sse"
    headers: {}

Integration with the PlainID Authorization Service

Defines the configuration required to integrate the MCP Gateway with the PlainID authorization service.

  • runtimeBaseURL: The base URL of the PlainID Runtime API
  • toolsAsset: The Asset name used for tools
  • clientID and clientSecret: Credentials used to authenticate with PlainID
  • emptyOnError: When set to true, the gateway returns empty results if an authorization error occurs
  • oauth: Optional. OAuth 2.0 configuration for authenticating with PlainID
  • headersToForward: A list of headers forwarded to the PlainID Runtime
  • dataFilter: Optional - Advanced filtering options for data access

Example

plainID:
  runtimeBaseURL: "https://piddemo.northcentralus.cloudapp.azure.com/api"
  toolsAsset: "Tools"
  clientID: "PAGX2CKMH6MJXE0EHZT1"
  clientSecret: "erFcFiIcwoKctxa8Z3vhOhmr2HZyPddfxyfU6TYH"
  emptyOnError: false
  oauth: {...}
  headersToForward:
    - "Authorization"
    - "X-User-Token"
    - "X-Agent-Token"

MCP Proxy

Defines the settings for the MCP Gateway HTTP server.

  • addr: The address and port on which the gateway listens, for example :5235.
  • pingInterval: The interval, in seconds, at which the gateway pings MCP servers to validate connectivity.

Example

mcpProxy:
  addr: ":5235"
  pingInterval: 10

Security Notes

  • Sensitive values such as client secrets and OAuth credentials must be stored securely and must not be committed to public repositories.
  • Only headers explicitly listed in headersToForward are forwarded to backend MCP servers, reducing the risk of sensitive data exposure.
Related articles