# MCP Integration

Integrate with Model Context Protocol servers for tool-level security.

TypeScript MCP Server

typescript

1import { SolonGateAPI } from '@solongate/sdk';
2import { Server } from '@modelcontextprotocol/sdk/server';
3
4const server = new Server({ name: 'secure-mcp', version: '1.0.0' });
5const solongate = new SolonGateAPI({ apiKey: process.env.SOLONGATE_API_KEY! });
6
7server.setRequestHandler('tools/call', async (request) => {
8  const { name, arguments: args } = request.params;
9
10  // Validate with SolonGate
11  const validation = await solongate.validate(name, args || {});
12
13  if (!validation.allowed) {
14    return {
15      content: [{ type: 'text', text: `Blocked: ${validation.decision?.reason}` }],
16      isError: true
17    };
18  }
19
20  // Execute the tool
21  const result = await executeTool(name, args, validation.token);
22  return { content: [{ type: 'text', text: result }] };
23});

Python MCP Server

python

1from solongate import SolonGateAPI
2from mcp.server import Server
3import os
4
5server = Server("secure-mcp")
6solongate = SolonGateAPI(api_key=os.environ["SOLONGATE_API_KEY"])
7
8@server.call_tool()
9async def call_tool(name: str, arguments: dict):
10    # Validate with SolonGate
11    validation = solongate.validate(name, arguments)
12
13    if not validation.allowed:
14        return f"Blocked: {validation.decision.reason}"
15
16    # Execute the tool
17    result = await execute_tool(name, arguments, validation.token)
18    return result

Server Verification

typescript

1import { ServerVerifier } from '@solongate/sdk';
2
3const verifier = new ServerVerifier({
4  allowedServers: ['my-mcp-server', 'trusted-server'],
5  requireSignature: true,
6  signatureSecret: process.env.MCP_SIGNATURE_SECRET!,
7});
8
9// Verify incoming request
10const isValid = verifier.verify({
11  serverName: request.headers['x-mcp-server'],
12  signature: request.headers['x-mcp-signature'],
13  timestamp: request.headers['x-mcp-timestamp'],
14  body: request.body,
15});
16
17if (!isValid) {
18  throw new Error('Invalid MCP request');
19}

Complete MCP Example

typescript

1import { SolonGateAPI, ServerVerifier } from '@solongate/sdk';
2import { Server } from '@modelcontextprotocol/sdk/server';
3import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio';
4
5const solongate = new SolonGateAPI({
6  apiKey: process.env.SOLONGATE_API_KEY!,
7});
8
9const server = new Server({
10  name: 'secure-file-server',
11  version: '1.0.0',
12}, {
13  capabilities: {
14    tools: {},
15  },
16});
17
18// Define tools
19server.setRequestHandler('tools/list', async () => ({
20  tools: [{
21    name: 'read_file',
22    description: 'Read a file from the filesystem',
23    inputSchema: {
24      type: 'object',
25      properties: {
26        path: { type: 'string', description: 'File path' },
27      },
28      required: ['path'],
29    },
30  }],
31}));
32
33// Handle tool calls with SolonGate
34server.setRequestHandler('tools/call', async (request) => {
35  const { name, arguments: args } = request.params;
36
37  // Validate with SolonGate
38  const validation = await solongate.validate(name, args || {}, {
39    serverName: 'secure-file-server',
40    trustLevel: 'VERIFIED',
41  });
42
43  if (!validation.allowed) {
44    return {
45      content: [{
46        type: 'text',
47        text: `Security policy denied: ${validation.decision?.reason}`
48      }],
49      isError: true,
50    };
51  }
52
53  // Execute the tool with capability token
54  try {
55    const content = await fs.readFile(args.path, 'utf-8');
56    return { content: [{ type: 'text', text: content }] };
57  } catch (error) {
58    return {
59      content: [{ type: 'text', text: `Error: ${error.message}` }],
60      isError: true,
61    };
62  }
63});
64
65// Start server
66const transport = new StdioServerTransport();
67await server.connect(transport);

Rate Limiting Path Matching

# MCP Integration

Integrate with Model Context Protocol servers for tool-level security.

TypeScript MCP Server

typescript

1import { SolonGateAPI } from '@solongate/sdk';
2import { Server } from '@modelcontextprotocol/sdk/server';
3
4const server = new Server({ name: 'secure-mcp', version: '1.0.0' });
5const solongate = new SolonGateAPI({ apiKey: process.env.SOLONGATE_API_KEY! });
6
7server.setRequestHandler('tools/call', async (request) => {
8  const { name, arguments: args } = request.params;
9
10  // Validate with SolonGate
11  const validation = await solongate.validate(name, args || {});
12
13  if (!validation.allowed) {
14    return {
15      content: [{ type: 'text', text: `Blocked: ${validation.decision?.reason}` }],
16      isError: true
17    };
18  }
19
20  // Execute the tool
21  const result = await executeTool(name, args, validation.token);
22  return { content: [{ type: 'text', text: result }] };
23});

Python MCP Server

python

1from solongate import SolonGateAPI
2from mcp.server import Server
3import os
4
5server = Server("secure-mcp")
6solongate = SolonGateAPI(api_key=os.environ["SOLONGATE_API_KEY"])
7
8@server.call_tool()
9async def call_tool(name: str, arguments: dict):
10    # Validate with SolonGate
11    validation = solongate.validate(name, arguments)
12
13    if not validation.allowed:
14        return f"Blocked: {validation.decision.reason}"
15
16    # Execute the tool
17    result = await execute_tool(name, arguments, validation.token)
18    return result

Server Verification

typescript

1import { ServerVerifier } from '@solongate/sdk';
2
3const verifier = new ServerVerifier({
4  allowedServers: ['my-mcp-server', 'trusted-server'],
5  requireSignature: true,
6  signatureSecret: process.env.MCP_SIGNATURE_SECRET!,
7});
8
9// Verify incoming request
10const isValid = verifier.verify({
11  serverName: request.headers['x-mcp-server'],
12  signature: request.headers['x-mcp-signature'],
13  timestamp: request.headers['x-mcp-timestamp'],
14  body: request.body,
15});
16
17if (!isValid) {
18  throw new Error('Invalid MCP request');
19}

Complete MCP Example

typescript

1import { SolonGateAPI, ServerVerifier } from '@solongate/sdk';
2import { Server } from '@modelcontextprotocol/sdk/server';
3import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio';
4
5const solongate = new SolonGateAPI({
6  apiKey: process.env.SOLONGATE_API_KEY!,
7});
8
9const server = new Server({
10  name: 'secure-file-server',
11  version: '1.0.0',
12}, {
13  capabilities: {
14    tools: {},
15  },
16});
17
18// Define tools
19server.setRequestHandler('tools/list', async () => ({
20  tools: [{
21    name: 'read_file',
22    description: 'Read a file from the filesystem',
23    inputSchema: {
24      type: 'object',
25      properties: {
26        path: { type: 'string', description: 'File path' },
27      },
28      required: ['path'],
29    },
30  }],
31}));
32
33// Handle tool calls with SolonGate
34server.setRequestHandler('tools/call', async (request) => {
35  const { name, arguments: args } = request.params;
36
37  // Validate with SolonGate
38  const validation = await solongate.validate(name, args || {}, {
39    serverName: 'secure-file-server',
40    trustLevel: 'VERIFIED',
41  });
42
43  if (!validation.allowed) {
44    return {
45      content: [{
46        type: 'text',
47        text: `Security policy denied: ${validation.decision?.reason}`
48      }],
49      isError: true,
50    };
51  }
52
53  // Execute the tool with capability token
54  try {
55    const content = await fs.readFile(args.path, 'utf-8');
56    return { content: [{ type: 'text', text: content }] };
57  } catch (error) {
58    return {
59      content: [{ type: 'text', text: `Error: ${error.message}` }],
60      isError: true,
61    };
62  }
63});
64
65// Start server
66const transport = new StdioServerTransport();
67await server.connect(transport);