MCPNest Gateway unifies MCP server access with audit logging
MCPNest v1.11 introduces a Gateway that gives enterprise teams a single authenticated endpoint to manage, route, and audit all MCP server connections instead of per-developer JSON configs.
Score breakdown
Teams adopting MCP at scale can use MCPNest Gateway to enforce server allowlists, gain a full audit trail of AI tool calls, and eliminate the uncontrolled sprawl of per-developer MCP configs — without changing how Claude Desktop or Cursor connect.
- 01MCPNest v1.11 Gateway provides a single authenticated URL per enterprise workspace to proxy all approved MCP servers.
- 02Replaces per-developer JSON config files, giving IT central control over which MCP servers are approved.
- 03Aggregates `tools/list` from all upstream servers and auto-routes `tools/call` to the correct server.
Ricardo Rodrigues outlines the governance problem at the heart of team-scale MCP adoption: developers freely install MCP servers — GitHub integrations, database connectors, web scrapers — directly into Claude Desktop or Cursor via local JSON config files, with no central visibility, no versioning, no rollback capability, and no access control. For a solo developer this is fine; for a team of 20 at a security-conscious company, it is a meaningful gap. MCPNest v1.11's Gateway closes that gap by giving each enterprise workspace a single authenticated endpoint (`https://mcpnest.io/api/gw/{workspace-slug}`) secured with a `Bearer mng_...` token.
On `tools/list`, it fans out to every server approved in the workspace, aggregates the results, and returns a unified tool list — from Claude's perspective it is talking to one server.
The Gateway handles two core MCP operations transparently. On `tools/list`, it fans out to every server approved in the workspace, aggregates the results, and returns a unified tool list — from Claude's perspective it is talking to one server. On `tools/call`, it identifies which upstream server owns the requested tool and proxies the request automatically. The implementation uses three files: `auth.ts` stores tokens as SHA-256 hashes and uses `timingSafeEqual` to prevent timing attacks; `logging.ts` performs fire-and-forget writes to `mcp_tool_calls` so logging never blocks a tool call; and `route.ts` handles proxying with auto-detection of JSON vs. SSE transport via the response `Content-Type` header.
The database schema includes `gateway_workspaces`, `gateway_workspace_servers` (with position ordering and optional tool prefixes to avoid name collisions), and an append-only `mcp_tool_calls` table retained for 90 days. Each log row captures `workspace_id`, `server_slug`, `tool_name`, HTTP-style `status`, `latency_ms`, and `created_at` — no input parameters or output content are stored, making it GDPR-safe by design. In a live test against the Context7 MCP server, the Gateway returned two proxied tools with latencies between 821ms and 1440ms across 5 calls, all status 200.
Key facts
- 01MCPNest v1.11 Gateway provides a single authenticated URL per enterprise workspace to proxy all approved MCP servers.
- 02Replaces per-developer JSON config files, giving IT central control over which MCP servers are approved.
- 03Aggregates `tools/list` from all upstream servers and auto-routes `tools/call` to the correct server.
- 04`auth.ts` stores bearer tokens as SHA-256 hashes and uses `timingSafeEqual` to prevent timing attacks.
- 05Every tool call is logged (tool name, server, status code, latency) but no input or output content is stored — described as GDPR-safe.
- 06`mcp_tool_calls` log is append-only and retained for 90 days.
- 07Live test against Context7 MCP server showed 5 successful calls with latencies between 821ms and 1440ms.
Topics
Summary and scoring are generated automatically from the original article. We always link back to the publisher and never republish images or paywalled content. Last processed Apr 22, 2026 · 19:13 UTC. How this works →