mcp-context-forge
mcp-context-forge copied to clipboard
IBM
A Model Context Protocol (MCP) Gateway & Registry. Serves as a central management point for tools, resources, and prompts that can be accessed by MCP-compatible LLM applications. Converts REST API end...
When an MCP client calls an MCP server endpoint via the CF gateway, appropriate OAuth2 token operations and policy enforcement must be carried out by a tool plugin (which calls...
Passing suitable access credentials (e.g., OAuth2 tokens) to a given MCP server requires knowledge of the authorization server (typically also an identity provider) it relies on. We will follow RFC...
Various operations listed in https://github.com/IBM/mcp-context-forge/issues/1422 rely on OAuth2 protocol units as specified in the OAuth2 RFCs. We need to create a common library with a set of canonical functions for...
Enhance the functionalities of the IAM pre-tool plugin with following capabilities:- - [ ] Support for Rich Context Authorization - [ ] Support for human-in-the-loop approval - [ ] Support...
We will create a pre-tool plugin that will handle the IAM requirements for the given tool (we will limit our scope to MCP servers in this issue), which include token...
### 🐞 Bug Summary Briefly describe the issue or unexpected behavior. **1: The query_mapping and header_mapping in REST Passthrough Configuration are only defined by the schema and do not take...
# ✨ Feature / Enhancement PR ## 🔗 Epic / Issue _Link to the epic or parent issue:_ Closes # 1361 --- ## 🚀 Summary (1-2 sentences) _What does this...
### 🐞 Bug Summary Briefly describe the issue or unexpected behavior. I'm trying to register GitHub MCP server with Gateway which is registed through API. But the tools are not...
Today, the configuration pivots on plugin names, with each plugin defining where and how it applies (via `hooks`, `conditions`, `tags`, etc.). While flexible, this model introduces certain complexities: **Each plugin...
**Description** JWT tokens can include public claims (e.g., identity) and private claims (e.g., roles, attributes, groups, permissions, etc.). Private claims can also include fine-grained permissions for tool calls as documented...
