←back to thread

Show HN: MCP Gateway – Unifying Access to MCP Servers Without N×M Integrations

(www.truefoundry.com)
10 points supreetgupta | 1 comments | 03 Dec 25 16:14 UTC | HN request time: 0.201s | source

Many teams connecting LLMs to external tools eventually encounter the same architectural issue: as more tools and agents are added, the integration pattern becomes an N×M mesh of direct connections. Each agent implements its own auth, retries, rate limiting, and logging; each tool needs credentials distributed to multiple places and observability becomes fragmented.

We built LLM gateway with this goal to provide a single place to manage authentication, authorization, routing, and observability for MCP servers, with a path toward a more general agent-gateway architecture in the future.

The system includes a central MCP registry, support for OAuth2/DCR integration, Virtual MCP Servers for curated toolsets, and a playground for experimenting with tool calls.

Resources -

Architecture Blog – Covers the N×M problem, gateway motivation, design choices, auth layers, Virtual MCP Servers, and the overall model.

https://www.truefoundry.com/blog/introducing-truefoundry-mcp...

Tutorial – Step-by-step guide to writing an MCP server, adding Okta-based OAuth, and integrating it with the Gateway.

https://docs.truefoundry.com/docs/ai-gateway/mcp-server-oaut...

Feedback on gaps and edge cases is welcome.

https://www.truefoundry.com/mcp-gateway

1. deeptishukla22 ◴[03 Dec 25 16:24 UTC] No.46136355[source]
One of the trickiest parts of MCP in practice has been auth propagation. As soon as the agent backend invokes the MCP server instead of the client, the original user’s auth context disappears—tools that require the user's session_id (or equivalent) suddenly only see a generic token. We ended up needing a pattern for:

- M2M-issued short-lived tokens for backend → MCP calls

- Per-request user metadata injection so tool calls can still act on behalf of the user

- Consistent OAuth2 / Okta validation so both layers trust each other

Was looking for this standarization.