Loading...
Loading...
Use when connecting a REST API to an MCP client, setting up mcp-openapi-proxy, exposing an OpenAPI-backed navigator/executor MCP server, or authenticating with OIDC/static tokens for API proxying.
npx skill4agent add rendis/mcp-openapi-proxy mcp-openapi-proxytoolNameREADME.mdgo install github.com/rendis/mcp-openapi-proxy/cmd/mcp-openapi-proxy@latestMCP_SPEC=./openapi.yaml \
MCP_BASE_URL=https://api.example.com \
MCP_AUTH_TOKEN=your-token \
mcp-openapi-proxyMCP_BASE_URLservermcp-openapi-proxy.mcp.json.mcp.json.examplecodex mcp add ..../.codex/config.tomlMCP_AUTH_TOKENMCP_OIDC_ISSUERMCP_OIDC_CLIENT_IDmcp-openapi-proxy loginmcp-openapi-proxy login <mcp_name>mcp-openapi-proxy login --mcp-config ./path/to/.mcp.jsonmcp-openapi-proxy login --mcp-config ./path/to/.mcp.json --server <mcp_name>mcp-openapi-proxy login --codex-server <name>mcp-openapi-proxy login --codex-config ~/.codex/config.tomlmcp-openapi-proxy login --codex-config ~/.codex/config.toml --server <name>list_endpointsdescribe_endpointcall_endpointlogin.mcp.jsonenvmcp-openapi-proxy login./.mcp.json~/.codex/config.toml$CODEX_HOME/config.tomllogincommandmcp-openapi-proxy.exegoenvdockerloginswag initswag initmcp-openapi-proxyswag init -g cmd/api/main.go
swagger2openapi ./docs/swagger.json -o ./docs/openapi.json
MCP_SPEC=./docs/openapi.json mcp-openapi-proxy| Variable | Required | Default | Description |
|---|---|---|---|
| Yes | — | Path or URL to OpenAPI 3.x spec (YAML/JSON) |
| No | — | Explicit API base URL. If omitted, the proxy uses a single absolute OpenAPI server when available |
| No | | Prefix for the 3 MCP tools and endpoint |
| No | | Namespace for stored OIDC tokens |
| No | — | Global bearer token fallback |
| No | — | OIDC issuer URL |
| No | — | OIDC client ID |
| No | Spec scopes or | Override OIDC login scopes |
| No | — | Comma-separated |
| No | | Maximum response body size to buffer and return |
| No | | Allow sending credentials over non-loopback |
| No | | Skip deprecated endpoints when generating tools |
.mcp.json{
"mcpServers": {
"my-api": {
"command": "mcp-openapi-proxy",
"env": {
"MCP_SPEC": "./openapi.yaml",
"MCP_BASE_URL": "https://api.example.com",
"MCP_TOOL_PREFIX": "myapi",
"MCP_AUTH_PROFILE": "myapi"
}
}
}
}{
"mcpServers": {
"my-api": {
"command": "mcp-openapi-proxy",
"env": {
"MCP_SPEC": "./openapi.yaml",
"MCP_BASE_URL": "https://api.example.com",
"MCP_TOOL_PREFIX": "myapi",
"MCP_AUTH_PROFILE": "myapi",
"MCP_AUTH_TOKEN": "your-token"
}
}
}
}{
"mcpServers": {
"my-api": {
"command": "mcp-openapi-proxy",
"env": {
"MCP_SPEC": "./openapi.yaml",
"MCP_BASE_URL": "https://api.example.com",
"MCP_TOOL_PREFIX": "myapi",
"MCP_AUTH_PROFILE": "myapi",
"MCP_OIDC_ISSUER": "https://auth.example.com/realms/myrealm",
"MCP_OIDC_CLIENT_ID": "my-client"
}
}
}
}.mcp.jsonmcp-openapi-proxy loginmcp-openapi-proxy login my-apimcp-openapi-proxy login --mcp-config ./path/to/.mcp.jsonmcp-openapi-proxy login --mcp-config ./path/to/.mcp.json --server my-api.codex/config.tomlcodex mcp add my-api \
--env MCP_SPEC=./openapi.yaml \
--env MCP_BASE_URL=https://api.example.com \
--env MCP_TOOL_PREFIX=myapi \
--env MCP_AUTH_TOKEN=your-token \
-- mcp-openapi-proxycodex mcp add my-api \
--env MCP_SPEC=./openapi.yaml \
--env MCP_BASE_URL=https://api.example.com \
--env MCP_TOOL_PREFIX=myapi \
--env MCP_AUTH_PROFILE=myapi \
--env MCP_OIDC_ISSUER=https://auth.example.com/realms/myrealm \
--env MCP_OIDC_CLIENT_ID=my-client \
-- mcp-openapi-proxy~/.codex/config.tomlcodex mcp add./.codex/config.toml[mcp_servers.my-api]
command = "mcp-openapi-proxy"
[mcp_servers.my-api.env]
MCP_SPEC = "./openapi.yaml"
MCP_BASE_URL = "https://api.example.com"
MCP_TOOL_PREFIX = "myapi"
MCP_AUTH_TOKEN = "your-token"mcp-openapi-proxy logincodex mcp loginmcp-openapi-proxy login --codex-server my-api
mcp-openapi-proxy login --codex-config ~/.codex/config.toml
mcp-openapi-proxy login --codex-config ~/.codex/config.toml --server my-api
mcp-openapi-proxy login --codex-config ./.codex/config.toml --server my-apicodex mcp login./.codex/config.toml~/.codex/config.toml~/.gemini/settings.json{
"mcpServers": {
"my-api": {
"command": "mcp-openapi-proxy",
"env": {
"MCP_SPEC": "./openapi.yaml",
"MCP_BASE_URL": "https://api.example.com",
"MCP_TOOL_PREFIX": "myapi",
"MCP_AUTH_TOKEN": "your-token"
}
}
}
}MCP_AUTH_<SCHEME>_*MCP_AUTH_TOKENMCP_AUTH_PROFILEMCP_AUTH_TOKEN.mcp.json -> mcpServers.<name>.env.MCP_AUTH_TOKEN.-/http beareroauth2openIdConnectMCP_AUTH_<SCHEME>_TOKENhttp basicMCP_AUTH_<SCHEME>_USERNAMEMCP_AUTH_<SCHEME>_PASSWORDapiKeyMCP_AUTH_<SCHEME>_KEYMCP_AUTH_PARTNER_AUTH_V2_TOKEN=secret-token
MCP_AUTH_ADMIN_BASIC_USERNAME=alice
MCP_AUTH_ADMIN_BASIC_PASSWORD=s3cr3t
MCP_AUTH_X_API_KEY_KEY=dev-keyMCP_OIDC_ISSUER=https://auth.example.com/realms/myrealm \
MCP_OIDC_CLIENT_ID=my-client \
mcp-openapi-proxy login.mcp.jsonenvmcp-openapi-proxy loginmcp-openapi-proxy login my-apimcp-openapi-proxy login --mcp-config ./path/to/.mcp.jsonmcp-openapi-proxy login --mcp-config ./path/to/.mcp.json --server my-apimcp-openapi-proxy login --codex-server my-apimcp-openapi-proxy login --codex-config ~/.codex/config.tomlmcp-openapi-proxy login --codex-config ~/.codex/config.toml --server my-apiMCP_AUTH_PROFILEMCP_OIDC_ISSUERMCP_OIDC_CLIENT_IDloginloginmcp-openapi-proxygoenvdockerloginloginMCP_BASE_URL=https://api.example.com mcp-openapi-proxy loginmcp-openapi-proxy loginmcp-openapi-proxy statusmcp-openapi-proxy logoutMCP_OIDC_SCOPESMCP_SPECopenid profile email offline_access~/.mcp-openapi-proxy/<profile>-tokens.json<profile>MCP_AUTH_PROFILEdefault{prefix}_list_endpoints{prefix}_describe_endpoint{prefix}_call_endpointtoolName{prefix}_{method}_{sanitized_path}toolNamedescribe_endpointcall_endpointMCP_TOOL_PREFIX=fe| Operation | Endpoint |
|---|---|
| |
| |
| |
| |
| |
fe_list_featuresfe_toggle_feature{prefix}_list_endpointstoolName{prefix}_describe_endpoint{prefix}_call_endpointlist_endpoints{
"q": "feature",
"path_prefix": "/admin",
"method": "PATCH",
"auth": "bearer",
"limit": 25
}{
"items": [
{
"toolName": "fe_patch_admin_features_key_toggle",
"method": "PATCH",
"path": "/admin/features/{key}/toggle",
"description": "Toggle a feature flag",
"requiredAuth": "bearer",
"tags": ["flags", "admin"],
"deprecated": false
}
],
"nextCursor": ""
}describe_endpoint{
"toolName": "fe_patch_admin_features_key_toggle"
}toolNamemethodpathsummarydescriptiondeprecatedrequiredAuthsecurityRequirementsparameters.path/query/headers/cookiesrequestBodyresponsesexternalDocsserversbaseURLHintcall_endpoint{
"toolName": "fe_patch_admin_features_key_toggle",
"path": {
"key": "checkout"
},
"headers": {
"X-Workspace": "acme"
},
"body": {
"enabled": true
}
}X-WorkspaceheadersMCP_EXTRA_HEADERScall_endpoint{
"status": 200,
"content_type": "application/json",
"headers": {
"X-Trace": ["abc123"]
},
"body": {
"id": "item-1"
}
}4xx/5xxIsError=truestatus: 0proxy_errorMCP_EXCLUDE_DEPRECATED=1{
"mcpServers": {
"users-api": { "command": "mcp-openapi-proxy", "env": { "MCP_TOOL_PREFIX": "users", "..." : "..." } },
"billing-api": { "command": "mcp-openapi-proxy", "env": { "MCP_TOOL_PREFIX": "billing", "..." : "..." } }
}
}MCP_SPECMCP_BASE_URLserverswag initswagger: "2.0"swagger.jsonswagger2openapiMCP_SPECMCP_AUTH_<SCHEME>_*MCP_AUTH_TOKENmcp-openapi-proxy loginhttp://MCP_ALLOW_INSECURE_HTTP=1toolNamelist_endpointsdescribe_endpointcall_endpointcall_endpointtoolNameREADME.md