MCPG

One governed MCP URL for every backend — identity, policy, audit on every call.

graduatedInfrastructureApache-2.0 core · BUSL-1.1 fleet
Overviewmcpg.dev
96
signed first-party plugins
~33
backend connector kinds
100%
MCP MUST coverage, CI-gated
~107k
lines of Rust

MCPG sits between the agents that call tools and the systems those tools reach. Consumers connect to a single MCP endpoint; every call flows through the same pipeline — identity, policy, rate limits, redaction, dispatch, tamper-evident audit — before it ever touches an upstream.

Any backend becomes a governed, signed, observable MCP tool: HTTP, gRPC, GraphQL, SQL, Kafka and NATS, subprocesses, LLM providers, other MCP servers, OpenAPI specs. Identity is per-request (OIDC, mTLS, SPIFFE, API keys, LDAP, Kerberos, SAML), authorization is policy-as-code (OPA, Cedar, Casbin, deny-by-default), and secrets are resolved server-side — agents and models never hold credentials.

It deploys from a single static binary on a laptop to a multi-tenant Kubernetes fleet with an operator (8 CRDs), Helm charts, and a control plane with an Ed25519 hash-chained audit ledger that verifies offline.

Give every agent one URL. Keep every decision yours.

Related projects