MXCP
Production Ready MCP Framework
Build enterprise-grade MCP servers using just YAML, SQL, and Python. Built-in auth, monitoring, ETL, policy enforcement, evals and guardrails—so you can focus on intelligence, not infrastructure.
$ pip install mxcpBuilt for Regulated Industries
Every query logged. Every action auditable. Every access controlled. Deploy AI with confidence in banking, healthcare, and government.
Authentication & RBAC
OAuth integration with GitHub, Google, Atlassian, and Salesforce out of the box. Role-based access control ensures users only see what they're allowed to.
- SSO with enterprise identity providers
- Fine-grained role definitions
- User context passed to every endpoint
Policy Enforcement
CEL-based policies control who can execute what. Input policies validate requests. Output policies filter sensitive data before it reaches the AI.
- Input validation policies
- Output filtering and redaction
- PII masking built-in
Complete Audit Trails
Every query, every result, every error logged automatically. Know who accessed what, when, and why. Export to your SIEM for compliance.
- Full request/response logging
- Export to CSV, DuckDB, or SIEM
- Compliance-ready reports
Full Observability
OpenTelemetry integration for metrics, traces, and logs. Monitor performance, debug issues, and understand AI behavior in production.
- OpenTelemetry native
- Distributed tracing
- Real-time performance metrics
Your Data Stack, AI-Ready
Connect your existing data infrastructure. No migration required.
MXCP
dbt Native
First-class integration with your existing dbt project. Models, tests, and documentation sync automatically.
DuckDB Powered
In-process analytics engine. Query Parquet, CSV, JSON. Cache remote data locally for blazing speed.
Full Python
When SQL isn't enough. Call APIs, run ML models, implement any complex business logic with type safety.
From Months to Minutes
Building a production MCP server from scratch means implementing authentication, policies, audit logging, observability, and more. MXCP handles all of it.
You need to build and maintain:
- ✗ Authentication layer
OAuth flows, token validation, session management
- ✗ Authorization & RBAC
Role definitions, permission checks, policy engine
- ✗ Data connectors
Database drivers, API clients, file parsers
- ✗ Audit logging
Request tracking, compliance reports, SIEM integration
- ✗ Observability
Metrics, traces, distributed logging
- ✗ Schema validation & drift detection
Type checking, breaking change alerts
- ✗ Testing infrastructure
Unit tests, integration tests, LLM evals
Thousands of lines of boilerplate code
With MXCP Just write your business logic:
tools: - name: get_customers source: sql/customers.sql auth: oauth policies: input: user.role in ['admin', 'analyst'] output: mask_pii(result) - ✓ Authentication & RBAC included
- ✓ Policy enforcement built-in
- ✓ Audit trails automatic
- ✓ OpenTelemetry native
- ✓ Schema validation & drift detection
- ✓ Testing & CI/CD ready
Focus on your data, not infrastructure
MXCP turns MCP servers into a commodity. Connect any data source, apply enterprise controls, and deploy securely—all through configuration.
Ship AI to Production Without Fear
AI systems fail silently. Bad data, broken schemas, wrong tool calls—you won't know until users complain. MXCP makes every failure visible before it reaches production.
The problem
"The AI keeps giving wrong answers"
Garbage in, garbage out. If your data has nulls, duplicates, or stale values, the LLM will confidently return nonsense.
The problem
"Last deploy broke everything"
Someone changed a SQL query and now the schema is different. The AI crashes or returns malformed data.
The problem
"Users saw data they shouldn't"
A policy bug let external users see internal data. Or PII wasn't masked. You found out from a support ticket.
The problem
"The AI uses the wrong tool"
Your tool descriptions are confusing. The AI calls get_all_customers when it should call search_customer. Users get frustrated.
Catch it in CI, not in production
MXCP is configuration and code—fully testable, fully version controlled. Run the complete test suite on every PR. Block merges when tests fail.
MXCP FAQ
What is the Model Context Protocol (MCP)? +
MCP is an open standard created by Anthropic that defines how AI agents communicate with external tools and data sources. Instead of every AI platform building custom integrations, MCP provides a universal way for agents to discover and use tools securely. It's becoming the standard interface between AI agents and enterprise systems.
What is MXCP and how is it different from MCP? +
MCP is the protocol—it defines how AI agents talk to tools. MXCP is our enterprise framework built on top of MCP that adds production-grade features. While basic MCP lets you expose a tool, MXCP adds authentication (OAuth, API keys), authorization policies, audit logging, testing frameworks, and deployment options. Think of MCP as HTTP and MXCP as a full web framework built on top of it.
Which AI models and platforms does MXCP support? +
MXCP works with any AI system that supports the Model Context Protocol. This includes Claude, ChatGPT, Gemini, and custom AI applications built with frameworks like LangChain or PydanticAI. We're model-agnostic by design—your governance policies stay consistent regardless of which AI provider you're using, and you can switch providers without rebuilding your integrations.
What data sources can I connect with MXCP? +
MXCP can connect to virtually any data source. We have native support for PostgreSQL, MySQL, SQLite, DuckDB, Snowflake, and other SQL databases. You can also connect to REST APIs, files (CSV, JSON, Parquet), and SaaS applications. If you can query it with SQL or call it from Python, MXCP can expose it as a governed MCP endpoint.
How does MXCP handle authentication and authorization? +
MXCP supports enterprise OAuth 2.0 and API key authentication out of the box. For authorization, you define policies that control which users or agents can access which endpoints, with optional row-level security and data masking. Every request is authenticated before any query executes, and you can integrate with your existing identity provider.
Is MXCP open source? +
Yes, MXCP is open source under the Business Source License (BSL 1.1). You can use it freely for internal projects and most commercial purposes. The source code is on GitHub, and we welcome contributions. For organizations needing enterprise support, SLAs, or managed hosting, we offer commercial options.
Can I run MXCP on my own infrastructure? +
Absolutely. MXCP can run anywhere—your own servers, Kubernetes clusters, or major cloud providers like AWS, GCP, and Azure. Many of our customers in regulated industries require on-premise deployment for compliance reasons. We provide Docker images, Helm charts, and deployment guides for various environments.
How long does it take to get started with MXCP? +
You can have your first MCP server running in about 15 minutes using our CLI. Just install MXCP, define your SQL or Python endpoints in a YAML file, and run mxcp serve. For production deployments with full authentication, policies, and integration with existing systems, teams typically go to production in 2-4 weeks.
Have more questions? Get in touch
Ready to Build Production AI Tools?
Get started in minutes. Open source, well-documented, and production-ready.
$ pip install mxcp Free and open source. Deploy anywhere.