michaelfmnk/mcp-composer
If you are the rightful owner of mcp-composer and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.
MCP Composer is a multi-tenant MCP server that aggregates and manages multiple MCP servers for different users, enabling secure access through Google OAuth authentication.
MCP Composer
A multi-tenant MCP (Model Context Protocol) server that aggregates and manages multiple MCP servers for different users, enabling secure access through Google OAuth authentication.
Overview
MCP Composer acts as a centralized proxy that allows multiple users to configure and access their own MCP servers through a single endpoint. Each user authenticates via Google OAuth and only sees their own configured tools and resources.
Key Features
- Multi-tenant Architecture: Each user has their own isolated MCP server configurations
- Google OAuth Authentication: OAuth 2.1 flow integrated with Claude.AI
- Flexible Server Support: Compatible with both HTTP and stdio-based MCP servers
- MongoDB: User configurations and OAuth tokens are stored in MongoDB
- MCP Isolation: Security middleware makes sure that users can access only their own MCPs
Use Cases
- Share a single MCP endpoint across multiple team members with Claude.AI
- Maintain separate tool configurations per user while using a common infrastructure
- Secure access to private MCP with Google OAuth
Architecture
The project follows a clean architecture with dependency injection and no global state:
src/mcp_composer/
auth/ # OAuth providers and security middleware
database/ # MongoDB client and repositories
server/ # MCP server management and proxy clients
app.py # Main application with dependency injection
config.py # Environment-based configuration
models.py # Pydantic data models
main.py # Application entry point
Key components:
- McpComposerApp: Manages application lifecycle and dependency injection
- MCPServerManager: Orchestrates server creation and user configuration loading
- SecurityFilterMiddleware: Filters tools based on authenticated user
- CustomProxyClient: Tracks tool ownership for multi-tenant isolation
Quick Start
Prerequisites
- Python 3.11+
- MongoDB instance
- Google OAuth credentials (setup guide)
Local Development
- Clone the repository:
git clone git@github.com:michaelfmnk/mcp-composer.git
cd mcp-composer
- Create a
.env
file with required configuration:
GOOGLE_CLIENT_ID=your_client_id
GOOGLE_CLIENT_SECRET=your_client_secret
BASE_URL=http://localhost:8000
MONGODB_URI=mongodb://localhost:27017
MCP_HOST=0.0.0.0
MCP_PORT=8000
MCP_TRANSPORT=http
- Install dependencies and run:
uv sync
uv run mcp-composer
The server will start on http://localhost:8000
.
Configuration
User MCP Server Configuration
User configurations are stored in MongoDB with the following structure:
{
"_id": "user@example.com",
"mcpServers": {
"my-server": {
"url": "https://example.com/mcp"
},
"local-tool": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-filesystem"],
"env": {
"ALLOWED_PATHS": "/home/user/documents"
}
}
}
}
Environment Variables
Required:
GOOGLE_CLIENT_ID
- Google OAuth client IDGOOGLE_CLIENT_SECRET
- Google OAuth client secretBASE_URL
- Base URL for OAuth callbacksMONGODB_URI
- MongoDB connection string
Optional:
MCP_HOST
- Server host address (default: "0.0.0.0")MCP_PORT
- Server port (default: 8000)MCP_TRANSPORT
- Transport protocol: "stdio", "http", "sse", or "streamable-http" (default: "http")MONGODB_DATABASE
- Database name (default: "mcp_composer")
Usage with Claude.AI
- Start the MCP Composer server
- Provide Claude.AI with your MCP Composer endpoint
- Authenticate with Google OAuth (you might need to refresh the page)
- Now you should be able to see your configured tools
Each user's tools are isolated and only visible to them after authentication.
Security Considerations
- OAuth tokens are stored in MongoDB
- Tools are filtered per user through middleware
- Each user can only see their own configured MCP servers
Note: ⚠️ The current middleware is designed for segregation and development purposes.
License
MIT
Contributing
Contributions are welcome! Please open an issue or submit a pull request.