Higress MCP service management helps build a private MCP market

Introduction

This March, the MCP protocol became a new hotspot in AI, widely recognized by most people. At that time, Higress quickly responded by adding an MCP protocol conversion feature, for more details see: https://higress.cn/ai/mcp-quick-start. This solution addresses the following issues:

1. Introduced Redis, leveraging its pub/sub feature to solve the problem of session persistence in the SSE protocol.

2. Provided the capability to convert OpenAPI to MCP Server; simply provide OpenAPI documentation that conforms to the OAS 3.0 specifications to automatically convert it to a gateway-managed MCP Server.

3. Provided Go Template and GJSON expressions for fine-grained processing of request and response templates, allowing users to optimize the MCP Server by simply changing configurations, with the process being entirely lossless and SSE connections remaining intact.

Once this feature was launched, it quickly garnered widespread attention from the open-source community. Additionally, many users reported configuration failures in the discussion groups, as the feature was too atomic and complex, leading to frequent configuration failures. To further enhance user experience, we decided to integrate Higress MCP-related capabilities in a scenario-based manner within the Higress Console, specifically the MCP service management module.

Users can officially experience all the features mentioned in this article in version 2.1.5 of Higress.

Introduction to Higress MCP Service Management

Overview of Higress MCP Service Management Features

The Higress MCP service management module provides the following capabilities:

• OpenAPI to MCP conversion. By connecting the existing HTTP backend services of the gateway with the OAS 3.0 document provided by users, it can automatically convert to MCP Server.

• DB to MCP conversion. Users only need to configure the database instance as the backend service of the gateway to automatically convert it to MCP Server, currently supporting MySQL, PostgreSQL, Clickhouse, and Sqlite.

• MCP direct routing. Can directly proxy backend services using the SSE/Streamable protocol.

• MCP authentication and authorization capabilities.

From the perspective of an open-source contributor to Higress, I would like to clarify Higress's own positioning. Its primary role is still as an AI gateway/MCP gateway, serving as infrastructure to help enterprises better build their MCP market. The MCP features it provides can be very friendly combined with scenarios such as MCP application stores (like mcp.so), MCP client markets (Cline, Cursor, Cherry Studio), and platform markets (Bailian, Modao, Dify); Higress is not in competition with these scenarios.

MCP Service Management and mcp.higress.ai

Previously, Higress officially released a SaaS version of the MCP market: mcp.higress.ai, which is entirely built on Higress MCP service management. Currently, the front-end and back-end code has not been open-sourced, and relevant capabilities are provided for user use in a SaaS format, serving merely as a functionality demo, allowing users to refer to the interactions on mcp.higress.ai to build their own MCP market based on Higress.

Higress, Naos 3.0, and the MCP Market

If you are building an enterprise privatized MCP market, you will definitely be concerned about the relationship between Higress MCP service management, Nacos 3.0, and the MCP market introduced in this article. Here are some clarifications.

Some enterprises have a demand for building their own MCP market. Higress MCP service management is merely a console representation of Higress MCP-related atomic capabilities, aiming to provide users with a more user-friendly interface, and it also provides the capability of integrating OpenAPI. It can be an important component of the enterprise privatized MCP market, but this single component is not sufficient to fully support all scene requirements.

Nacos 3.0 provides the capability of MCP Registry. In building an enterprise-level MCP market, Higress acts as the MCP Proxy, while Nacos assumes the role of MCP Registry, allowing Nacos to better gather market information and manage the runtime of the MCP Server. In the future, Higress will also have deeper integration with Nacos MCP Registry at the product level, forming an overall solution for the MCP market.

In the open-source self-built scenario: It is recommended to integrate Higress Console's OpenAPI or admin-sdk, along with Nacos MCP Registry. Enterprises should then develop a front-end and back-end application that conforms to the enterprise privatization identity to create their own privatized MCP market.

In the Alibaba Cloud commercialization scenario: Alibaba Cloud's Public Cloud API Gateway and the Enterprise Edition API Gateway plan to launch an out-of-the-box MCP market. This solution will be based on MCP service management and Nacos 3.0 to package a higher-level application that plans to offer two modes for commercial users to choose from:

• Mode 1: Out-of-the-box providing a scalable and customizable instantiated MCP market.

• Mode 2: Providing MCP market source code for enterprise users for secondary development.

Below, we will focus on introducing the three service types of Higress MCP service management: OpenAPI conversion MCP, MCP direct routing, and DB conversion MCP, as well as the business scenarios they each support.

OpenAPI Conversion MCP

When enterprises develop MCP Server for AI Agents, they can generally be categorized into two types of scenarios: existing scenarios and incremental scenarios. Existing scenarios refer to the IT assets already possessed by enterprises. Using the e-commerce scenario as an example, systems such as order systems, product systems, and address systems—which need to have the capability of being called by AI Agents—must be MCP-ified; incremental scenarios refer to MCP tools developed specifically for the better operation of AI Agents, with a typical example being the amap MCP Server provided by Amap.

Before providing the amap MCP Server, the Amap team also had a complete set of amap OpenAPI, although it was previously designed for traditional application calls. If the business teams of most enterprises are willing to invest a lot of effort and determination, they can certainly write out high-quality products like the amap MCP Server. However, the reality is that existing business within enterprises often has many concerns:

1. The maintenance personnel for existing business systems have changed several times, and some long-tail applications are reluctant to add incremental code.

2. There are many business systems, and the full transformation timeline is lengthy.

3. The learning curve for business staff regarding AI technology stacks is quite high.

4. Deploying MCP Server increases new resource consumption.

Once a new technology involves modifications to existing systems, coupled with a high barrier for the selected modification plan, it is highly likely that the transformation cannot be implemented, ultimately leading to disorder within the enterprise.

The OpenAPI conversion MCP feature offered by Higress is certainly not the only MCP access solution, but its advantages are very prominent:

• Zero-code transformation, easy integration. Simply provide the OpenAPI document of existing services (conforming to OAS 3.0 specifications), and no additional integration code is needed for Higress to manage it.

• Easy maintenance with white-screen tooling modifications. Later, adjustments to the OpenAPI converted MCP metadata (in YAML format) can be made in the Higress Console to fine-tune tools and descriptions, thereby improving cooperation between MCP and Agents.

• No need to provide MCP runtime, simplifying operations. Unlike traditional stdio/sse solutions, the Higress gateway does not require launching any MCP runtime resources such as Docker; the entire integration is achieved through protocol conversion, using only the resources of the gateway itself.

With this feature of Higress, businesses can focus more on describing MCP tools and how to better collaborate with Agents, rather than on how to implement MCP Server code, significantly enhancing the efficiency of business intelligence processes.

Next, we will use the interface of Higress Console to provide a more intuitive feature introduction.

In the AI gateway management - MCP management menu, selecting to create an MCP service allows the creation of a service type for OpenAPI MCP.

Selecting the MCP service enables editing tool operations. On this page, both Swagger and YAML modes are supported.

• Swagger Mode. Import OpenAPI documents that conform to OAS 3.0 specifications, and Higress Console will automatically convert them into MCP YAML metadata. It is recommended to use this during new additions.

• YAML Mode. Directly edit MCP YAML metadata, recommended for use during editing.

Viewing the tool list:

Under the basic information and tool list, the information for SSE/Streamable access points can also be directly viewed for MCP clients to connect.

MCP Direct Routing

In the OpenAPI conversion MCP scenario, I mentioned both existing and incremental scenarios. While I personally believe that existing business scenarios dominate, we cannot exclude cases where some prefer to develop their own MCP Server, and there has also emerged a large number of MCP Servers in the open-source MCP market. Considering this situation, Higress offers the MCP direct routing solution to connect with backend services using the SSE/Streamable protocol.

Some readers may wonder why, if they develop their own MCP Server and can connect directly with MCP clients, they still need to proxy through Higress. My view is that Higress serves as the MCP gateway here, with the following advantages:

• Gateway can achieve authentication and authorization, flow control, and observability for MCP Servers.

• Unified management of the external exposure of MCP Servers.

In fact, in both the current and future feature planning within Higress, MCP has always been regarded as an API type, with API types under AI scenarios including:

• LLM API

• MCP API

• Agent API

Combining this with traditional API gateway types:

• Rest API

• HTTP API

• Websocket API

This can further lead to discussions on API & AI open platforms, although all of this is still in the exploratory stage. You can follow the Higress community to learn about future related developments.

DB Conversion MCP

The DB conversion MCP Server capability provided by HIgress allows users to generate instance-level MCP Servers by simply providing the necessary connection information for the database (username, password, domain/IP, port), without the need for code writing or providing runtime resources.

This feature is still in the exploratory phase, so please note the following limitations:

• Only partial database types are supported: MySQL, PostgreSQL, Clickhouse, Sqlite.

• Only a fixed tool list is supported: ListTables, DescribeTable, Query, Execute; dynamic addition is not supported.

The DB conversion MCP is an attempt by Higress to generalize certain database and middleware components into MCP, presenting a potential direction for future evolution. We also hope to receive more feedback from users.

Based on this feature, in the future, Higress could also evolve to provide SQL MCP BI capabilities to compose SQL that matches business scenarios and convert it into MCP tools for intelligent analysis by upper-layer businesses, formatted as follows:

db_tool:
  name: xxxx
  kind: postgres-sql 
  source: my-pg-source # 通过 name 关联到对应 db_source
  
  # tools 所需元数据
  name: search-hotels-by-name # tools 的名
  description: Search for hotels based on name. # tools 的描述
  inputSchema: # 内容为自定义的 RawMessage
    - type: string
      properties: 
        table: 
          type: string
          description: 'hotel name'
      required: 
        - table
                
  # 执行语句
  statement: SELECT * FROM hotels WHERE name ILIKE '%' || $1 || '%';

Other Higress open-source contributors are also welcome to participate in contributing to this feature.

MCP Authentication

Current Status of MCP Official Authentication Scheme

The MCP community is currently focused on user-level permission management regarding the authentication scheme. To fully apply this set of schemes in enterprises, it is necessary to dive into the employee account system of the enterprise—transitioning from role-based permissions to user-based permissions.

Under this PR lead, the community has now accepted an authentication scheme based on the OAuth2 PRM (Protected Resource Metadata) draft, and it has already been released in the latest version.

https://github.com/modelcontextprotocol/modelcontextprotocol/pull/284#issuecomment-2825122408

In simple terms, it separates the responsibilities of the Auth Server from the MCP Server. When an MCP Client requests the MCP Server without credentials, the MCP Server returns 401 and provides PRM information, instructing the MCP Client to obtain a Token from the Auth Server. After receiving the Token, the MCP Client can then request the MCP Server.

This scheme addresses the issue of auto-discovering authentication endpoints for communication between MCP Client and MCP Server, but the overall scheme will likely face significant resistance during large-scale landing of the MCP client ecosystem, and its complexity and idealism may pose challenges during enterprise-level implementation.

Additionally, there's an interesting point: https://github.com/modelcontextprotocol/modelcontextprotocol/issues/544—the Alibaba Cloud security team raised potential security risks during the design process of this scheme, and this issue was just fixed last week.

Higress Provided MCP Authentication Scheme

We assess that even if the standardized authentication scheme established by the MCP community achieves technical breakthroughs, it will still encounter some resistance during enterprise implementation processes. In light of this, Higress has combined its gateway authentication scenarios and common user demands to provide a gateway-side authentication scheme.

Authentication for Higress MCP Server consists of two parts: one happens between the MCP Client and Higress (downstream), and the other happens from Higress to the MCP Server (upstream).

Higress Upstream Authentication Scheme

The MCP community does not clearly specify the authentication methods for remote MCP Server implementations. One possibility is that the types of backend services cannot be enumerated. Higress's conversion capabilities offer some conventions.

Higress offers the following out-of-the-box authentication capabilities based on the OpenAPI 3.0 specifications:

• HTTP Basic Auth

• HTTP Bearer Token

• API Key (Header)

• API Key (Query)

Thus, if the OAS 3.0 document in the OpenAPI conversion MCP scenario includes authentication and credentials for backend services, Higress will also use these credentials to access the backend services.

Higress Downstream Authentication Scheme

As an MCP gateway, one of Higress's main values is to provide unified authentication management for the MCP Server. It is recommended to adopt an API Key-based authentication scheme, consistent with the AI gateway scenarios when acting as a model service proxy.

The downstream authentication for MCP services, which is the authentication method on the gateway side, offers a user experience similar to routing and AI routing. Familiarity with gateway authentication plugins will make this scheme feel familiar.

Transparent Authentication Scheme

Additionally, the support for transparent authentication credential passing will be provided in the future to address some certification needs for MCP direct routing.

Comparison of Higress Commercialization vs. Open Source MCP Capabilities

Join the Higress Community

We welcome more partners to participate in the construction of the Higress community. To keep up with more community dynamics, you can join the

Higress Community Communication Group 3 DingTalk group number: 107690002780

Higress Community WeChat group QR code:(If the group is full, add zjjxg2018 to join the group)