MCPNest Gateway unifies MCP server access with audit logging
MCPNest v1.11 introduces a Gateway that gives enterprise teams a single authenticated endpoint to manage, route, and audit all MCP server connections instead of per-developer JSON configs.
Teams adopting MCP at scale can use MCPNest Gateway to enforce server allowlists, gain a full audit trail of AI tool calls, and eliminate the uncontrolled sprawl of per-developer MCP configs — without changing how Claude Desktop or Cursor connect.
Ricardo Rodrigues outlines the governance problem at the heart of team-scale MCP adoption: developers freely install MCP servers — GitHub integrations, database connectors, web scrapers — directly into Claude Desktop or Cursor via local JSON config files, with no central visibility, no versioning, no rollback capability, and no access control. For a solo developer this is fine; for a team of 20 at a security-conscious company, it is a meaningful gap. MCPNest v1.11's Gateway closes that gap by giving each enterprise workspace a single authenticated endpoint (`https://mcpnest.io/api/gw/{workspace-slug}`) secured with a `Bearer mng_...` token.
The Gateway handles two core MCP operations transparently. On `tools/list`, it fans out to every server approved in the workspace, aggregates the results, and returns a unified tool list — from Claude's perspective it is talking to one server. On `tools/call`, it identifies which upstream server owns the requested tool and proxies the request automatically. The implementation uses three files: `auth.ts` stores tokens as SHA-256 hashes and uses `timingSafeEqual` to prevent timing attacks; `logging.ts` performs fire-and-forget writes to `mcp_tool_calls` so logging never blocks a tool call; and `route.ts` handles proxying with auto-detection of JSON vs. SSE transport via the response `Content-Type` header.
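The token handling described for `auth.ts`, as an added TypeScript example (not MCPNest's own code): only the SHA-256 digest of a token is stored, and the presented token's digest is compared with `timingSafeEqual`. The `TokenStore` map, the function names, the `acme` workspace and the sample token are assumptions made for illustration.

```typescript
import { createHash, timingSafeEqual } from "node:crypto";

// Assumed stand-in for the workspace token table: slug -> hex SHA-256 of the token.
type TokenStore = Map<string, string>;

// Only the digest is persisted, so a leaked table does not reveal usable tokens.
function hashToken(token: string) {
  return createHash("sha256").update(token, "utf8").digest();
}

// Pull the token out of "Authorization: Bearer mng_..."; null when malformed.
function parseBearer(header: string | undefined): string | null {
  const m = /^Bearer\s+(\S+)$/i.exec((header ?? "").trim());
  const token = m?.[1];
  return token && token.startsWith("mng_") ? token : null;
}

function verifyRequest(store: TokenStore, slug: string, header: string | undefined): boolean {
  const token = parseBearer(header);
  const storedHex = store.get(slug);
  // Always hash and compare, even for a missing token or unknown workspace,
  // so those rejections do the same work as a real comparison.
  const presented = hashToken(token ?? "");
  const expected = storedHex ? Buffer.from(storedHex, "hex") : Buffer.alloc(32);
  // timingSafeEqual throws on unequal lengths; a corrupt stored digest is a reject.
  if (expected.length !== presented.length) return false;
  const same = timingSafeEqual(presented, expected);
  return same && token !== null && storedHex !== undefined;
}

// Constructed sample data: workspace "acme" with one made-up token.
function demoStore(): TokenStore {
  return new Map([["acme", hashToken("mng_constructed_example_token").toString("hex")]]);
}
```

Comparing fixed-length digests rather than raw tokens also means `timingSafeEqual` never sees inputs of different lengths in normal operation.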
The database schema includes `gateway_workspaces`, `gateway_workspace_servers` (with position ordering and optional tool prefixes to avoid name collisions), and an append-only `mcp_tool_calls` table retained for 90 days. Each log row captures `workspace_id`, `server_slug`, `tool_name`, HTTP-style `status`, `latency_ms`, and `created_at` — no input parameters or output content are stored, making it GDPR-safe by design. In a live test against the Context7 MCP server, the Gateway returned two proxied tools with latencies between 821ms and 1440ms across 5 calls, all status 200.
Key facts
- MCPNest v1.11 Gateway provides a single authenticated URL per enterprise workspace to proxy all approved MCP servers.
- Replaces per-developer JSON config files, giving IT central control over which MCP servers are approved.
- Aggregates `tools/list` from all upstream servers and auto-routes `tools/call` to the correct server.
- `auth.ts` stores bearer tokens as SHA-256 hashes and uses `timingSafeEqual` to prevent timing attacks.