mcp-composer

michaelfmnk/mcp-composer

3.2

If you are the rightful owner of mcp-composer and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

MCP Composer is a multi-tenant MCP server that aggregates and manages multiple MCP servers for different users, enabling secure access through Google OAuth authentication.

MCP Composer

A multi-tenant MCP (Model Context Protocol) server that aggregates and manages multiple MCP servers for different users, enabling secure access through Google OAuth authentication.

Overview

MCP Composer acts as a centralized proxy that allows multiple users to configure and access their own MCP servers through a single endpoint. Each user authenticates via Google OAuth and only sees their own configured tools and resources.

Key Features

  • Multi-tenant Architecture: Each user has their own isolated MCP server configurations
  • Google OAuth Authentication: OAuth 2.1 flow integrated with Claude.AI
  • Flexible Server Support: Compatible with both HTTP and stdio-based MCP servers
  • MongoDB: User configurations and OAuth tokens are stored in MongoDB
  • MCP Isolation: Security middleware makes sure that users can access only their own MCPs

Use Cases

  • Share a single MCP endpoint across multiple team members with Claude.AI
  • Maintain separate tool configurations per user while using a common infrastructure
  • Secure access to private MCP with Google OAuth

Architecture

The project follows a clean architecture with dependency injection and no global state:

src/mcp_composer/
    auth/          # OAuth providers and security middleware
    database/      # MongoDB client and repositories
    server/        # MCP server management and proxy clients
    app.py         # Main application with dependency injection
    config.py      # Environment-based configuration
    models.py      # Pydantic data models
    main.py        # Application entry point

Key components:

  • McpComposerApp: Manages application lifecycle and dependency injection
  • MCPServerManager: Orchestrates server creation and user configuration loading
  • SecurityFilterMiddleware: Filters tools based on authenticated user
  • CustomProxyClient: Tracks tool ownership for multi-tenant isolation

Quick Start

Prerequisites

  • Python 3.11+
  • MongoDB instance
  • Google OAuth credentials (setup guide)

Local Development

  1. Clone the repository:
git clone git@github.com:michaelfmnk/mcp-composer.git
cd mcp-composer
  1. Create a .env file with required configuration:
GOOGLE_CLIENT_ID=your_client_id
GOOGLE_CLIENT_SECRET=your_client_secret
BASE_URL=http://localhost:8000
MONGODB_URI=mongodb://localhost:27017
MCP_HOST=0.0.0.0
MCP_PORT=8000
MCP_TRANSPORT=http
  1. Install dependencies and run:
uv sync
uv run mcp-composer

The server will start on http://localhost:8000.

Configuration

User MCP Server Configuration

User configurations are stored in MongoDB with the following structure:

{
  "_id": "user@example.com",
  "mcpServers": {
    "my-server": {
      "url": "https://example.com/mcp" 
    },
    "local-tool": {
      "command": "npx",                  
      "args": ["-y", "@modelcontextprotocol/server-filesystem"],
      "env": {
        "ALLOWED_PATHS": "/home/user/documents"
      }
    }
  }
}

Environment Variables

Required:

  • GOOGLE_CLIENT_ID - Google OAuth client ID
  • GOOGLE_CLIENT_SECRET - Google OAuth client secret
  • BASE_URL - Base URL for OAuth callbacks
  • MONGODB_URI - MongoDB connection string

Optional:

  • MCP_HOST - Server host address (default: "0.0.0.0")
  • MCP_PORT - Server port (default: 8000)
  • MCP_TRANSPORT - Transport protocol: "stdio", "http", "sse", or "streamable-http" (default: "http")
  • MONGODB_DATABASE - Database name (default: "mcp_composer")

Usage with Claude.AI

  1. Start the MCP Composer server
  2. Provide Claude.AI with your MCP Composer endpoint
  3. Authenticate with Google OAuth (you might need to refresh the page)
  4. Now you should be able to see your configured tools

Each user's tools are isolated and only visible to them after authentication.

Security Considerations

  • OAuth tokens are stored in MongoDB
  • Tools are filtered per user through middleware
  • Each user can only see their own configured MCP servers

Note: ⚠️ The current middleware is designed for segregation and development purposes.

License

MIT

Contributing

Contributions are welcome! Please open an issue or submit a pull request.