MintMCP Gateway
AI and MCPs are starting to transform how we work. However, MCPs can be:
- Confusing for users: Which servers can they trust? How do they run STDIO servers? Some raw MCP servers expose 100s of tools and users have to figure out which ones to use.
- Problematic for IT & Security teams: API keys and credentials can become scattered across the organization, unvetted MCP servers can expose sensitive data, and users can send sensitive data to untrusted servers.
- Challenging for developers: Building reliable OAuth flows with SSO for every MCP server introduces complexity; tool names can conflict across servers; getting everything to work with different AI clients can be challenging.
How does an MCP gateway help?
Enterprises need a single entrypoint that authenticates end users, standardizes how tools are exposed, and captures telemetry before requests reach sensitive systems. With MintMCP:
- Users can discover and use MCPs curated by the organization, upleveling and unifying the way teams use AI with tools.
- IT & Security teams can enforce security, SSO, and audit logs across all MCP servers.
- Developers can quickly deploy MCP servers and share them with the organization easily and gain observability on how each is being used.
This rest of this document explains the core building blocks of the MintMCP gateway and how requests move between clients, the MintMCP platform, and downstream MCP servers. Use it alongside the Quickstart to begin provisioning your environment and the Security overview when you plan governance controls. Detailed authentication patterns live in the MintMCP Authentication Models guide.
Example Virtual MCP deployment
Consider a "Sales Intelligence" Virtual MCP (VMCP) created for account executives. Administrators curate connectors for CRM insights, contract storage, and communication tools. Sales reps connect from ChatGPT or Claude, authenticate once through MintMCP, and the gateway enforces which connectors, and even which CRM records, they can reach. All usage is logged centrally for audit and training improvements.
Architecture Overview
End-to-end flow
- An AI client (for example, ChatGPT Actions or a native MCP client) initiates an OAuth session with MintMCP when a user wants to use tools from the Sales Intelligence Virtual MCP.
- MintMCP validates the user's identity, evaluates organization policies, and returns the curated tool manifest for that Virtual MCP.
- When the client calls a tool, MintMCP maps the request to the correct connector configuration, injects the appropriate credentials, and forwards the MCP request to the downstream MCP server.
- The downstream MCP server fulfills the request, and MintMCP relays the response back to the client while recording telemetry and enforcing post-call policies.
For more details on the flow, see the Core Concepts guide.
Key components
| Component | Description | Responsibilities |
|---|---|---|
| AI clients | ChatGPT Actions, Claude, Cursor, or custom MCP-compatible agents | Present VMCPs to end users, initiate OAuth, and execute tools exposed by MintMCP |
| MintMCP gateway | Multi-tenant control plane and runtime that fronts every VMCP | Orchestrates authentication, authorization, policy enforcement, routing, logging, and governance |
| Virtual MCP (VMCP) | Logical grouping of connectors exposed as a single MCP endpoint | Defines which tools are available to a role or use case, manages per-VMCP access rules |
| MCP connectors | Hosted, remote, STDIO, or custom servers that implement the MCP specification | Provide domain-specific capabilities; authenticate to downstream systems using per-user or shared credentials |
| Observability & governance plane | Data stores and dashboards inside MintMCP | Capture telemetry, surface audit trails, power cost controls, and feed compliance workflows |
Related guides
- Learn about authentication strategies in MintMCP Authentication Models.
- See how to administer your Virtual MCPs in VMCP Administration.