Managing MCP tools in production?
Posted by mpetryshyn1@reddit | ExperiencedDevs | View on Reddit | 7 comments
I've run into this a bunch: APIs with no MCP servers, so I end up writing a tiny MCP server for each one.
That means repeated work, messy infra, and maintaining a bunch of little hosts for no good reason.
Feels like there should be an SDK or service that handles client-level auth and lets agents call tools directly.
Think Auth0 or Zapier but for MCP tools - integrate once, manage permissions centrally, agents just use the tools.
Has anyone built or used something like that already? not sure why I can't find a clear winner.
Right now we hack together proxies or reuse the same server, which still blows my mind.
I’d love something that removes the hosting and ops overhead so teams can ship more agents.
Curious how other people handle this in production, or if I'm missing an obvious solution.
Infamous-Hand-707@reddit
Why would you want to do this (just curious)? Interacting with an api should only be trough its endpoints, it should bot expose anything else. What is the purpose of the mcp server here
gjionergqwebrlkbjg@reddit
You don't want to give the agent unlimited access to credentials or full permissions, you need to limit it.
jac1013@reddit
I find myself writing a new MCP server for every API as well.
What you can do (which you are probably already doing) is making the provisioning of MCPs as automated as possible.
You can accomplish this with Terraform/Pulumi and the configuration will vary depending on the deployment model of your MCPs and how you prefer to handle them (single container with multiple MCPs or a container per MCP).
martinbean@reddit
Well who is the target audience for this MCP? It sounds like just you. If so, then the MCP should be local and not pushed to production if it has no need to be publicly-accessible.
vassadar@reddit
Why not feed an LLM with swaggers?
Cosmicdev_058@reddit
Writing a new MCP server for every API feels dumb but I haven't found a clean way around it either.
xXNoVa-FaNGXx@reddit
why is auth any different from the APIs auth? Every mcp server i’ve built has a forwarding mechanism for the user’s token the agent is operating on behalf of or a service token.