MCPcopy Index your code
hub / github.com/stacklok/toolhive

github.com/stacklok/toolhive @v0.33.0

Chat with this repo
repository ↗ · DeepWiki ↗ · release v0.33.0 ↗ · + Follow
15,551 symbols 87,767 edges 1,761 files 10,863 documented · 70% 72 cross-repo links updated 1d agov0.33.0 · 2026-07-01★ 1,926221 open issues
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

ToolHive logo

The open source MCP platform trusted by developers and enterprises

Release Build status Coverage Status License: Apache 2.0 Star on GitHub Discord

Run any MCP server securely, instantly, anywhere.

ToolHive runs every MCP server in an isolated container, enforces identity and access policy per request when configured with an authentication source, and gives platform teams the observability they need to put MCP in production.

Why ToolHive?

Here are some of the more common use cases for ToolHive:

Developers. Run MCP servers with more security and more (token) savings Platform Engineers. Run MCP on your existing Kubernetes infrastructure Enterprises. Self-host MCP servers and stay in control of your data
Connect Claude Code, Cursor, GitHub Copilot, or your preferred client to MCP servers with a single click or command. ToolHive wraps every MCP server in an isolated container with a minimal permission file (no local credentials) and uses semantic tool search to reduce your token usage by up to 85%. Put an end to shadow MCP use by your developers, and give your security team the audit logs and configurable identity enforcement they require. ToolHive includes a Kubernetes operator, so you can declare policies, integrate with your IdP and observability stack, emit OTel traces, and more … all with familiar tools and patterns. Most MCP solutions are SaaS, but your compliance requirements prohibit sensitive info from being processed by SaaS providers. ToolHive is the exception that allows you to self-host your MCP registry, gateway, etc. You can pilot the entire platform, and when you’re ready to scale, Stacklok’s got the added capabilities and expert team ready!
Download ToolHive and get started Explore the Kubernetes operator in our docs Read more about running MCP on Kubernetes Learn more about Stacklok’s platform Compare open source ToolHive and Stacklok Enterprise

ToolHive diagram

Quick links


Core capabilities

ToolHive architecture: Gateway, Registry Server, Runtime, and Portal

ToolHive is built on a modular architecture to streamline secure MCP server management and integration. Here's how the main components work.

🔌 Gateway

Define dedicated endpoints from which your teams can securely and efficiently access tools.

  • Orchestrate multiple tools into a virtual MCP with a deterministic workflow engine
  • Define access policies and network endpoints
  • Centralize control of security policy, authentication, authorization, auditing, etc.
  • Integrate with your IdP for SSO (OIDC/OAuth compatible)
  • Customize and filter tools and descriptions to improve performance and reduce token usage
  • Connect with local clients like Claude Desktop, Cursor, VS Code, and VS Code Server

📦 Registry Server

Curate a catalog of trusted servers your teams can quickly discover and deploy.

  • Integrate with the official MCP registry
  • Add custom MCP servers
  • Group servers based on role or use case
  • Manage your registry with an API-driven interface (or embed in existing workflows for seamless integration and governance)
  • Verify provenance and sign servers with built-in security controls
  • Preset configurations and permissions for a frictionless user experience

⚙️ Runtime

Deploy, run, and manage MCP servers locally or in a Kubernetes cluster with security guardrails.

  • Deploy MCP servers in the cloud via Kubernetes for enterprise scalability
  • Run MCP servers locally via Docker or Podman
  • Proxy remote MCP servers securely for unified management
  • Kubernetes Operator for fleet and resource management
  • Leverage OpenTelemetry and Prometheus for monitoring and audit logging

💻 Portal

Simplify MCP adoption for developers and knowledge workers across your enterprise

  • Cross-platform desktop app and browser-based cloud UI
  • Make it easy for admins to curate MCP servers and tools
  • Automate server discovery
  • Install MCP servers with a single click
  • Compatible with hundreds of AI clients

How it works together

  1. Admins curate and organize MCP servers in the Registry, configuring access and policies.
  2. Users discover and request MCP servers from the Portal, and ToolHive orchestrates installation and access.
  3. Runtime securely deploys and manages MCP servers across local and cloud environments, integrating seamlessly with existing SDLC workflows, exporting analytics, and enforcing fine-grained access control.
  4. Gateway handles all inbound traffic, secures context and credentials, optimizes tool selection, and applies organizational policies.

Flexible deployment

Desktop experience

Individual developers can get started in minutes with the desktop UI or CLI, then apply the same concepts in enterprise environments.

Key features:

  • Run any MCP server from a container image, or build one dynamically from common package managers
  • Manage encrypted secrets and control network isolation with simple, local tooling
  • Test and validate MCP servers using built-in tools like the official MCP Inspector
  • Optimize token usage and tool execution with the MCP Optimizer

Get started with the UI: Quickstart, How-to guides
Get started with the CLI: Quickstart, How-to guides, Command reference

MCP guides: learn how to run common MCP servers with ToolHive

Kubernetes Operator

Teams and organizations manage MCP servers and registries centrally using familiar Kubernetes workflows.

Key features:

  • Custom Resource Definitions for MCP servers, registries, and other ToolHive components
  • Secure execution with container-based isolation and multi-namespace support
  • Automated service creation and discovery, with ingress integration for secure access
  • Enterprise-grade security and observability: OIDC/OAuth SSO, secure token exchange, audit logging, OpenTelemetry, and Prometheus metrics
  • Hybrid registry server: curate from upstream registries, dynamically register local MCP servers, or proxy trusted remote services

Get started: Quickstart, How-to guides, CRD reference, Example manifests

Hybrid

ToolHive's complete solution for teams and enterprises supports MCP servers across all environments: on developer machines, inside your Kubernetes clusters, or hosted externally by trusted SaaS providers.

End users access approved MCP servers through a secure, browser-based cloud UI. Developers can also connect using the ToolHive CLI or desktop UI for advanced integration and testing workflows.

Enterprise teams can also leverage ToolHive to integrate MCP servers into custom internal tools, agentic workflows, or chat-based interfaces, using the same runtime and access controls.

ToolHive platform diagram


Contributing

We welcome contributions and feedback from the community!

If you have ideas, suggestions, or want to get involved, check out our contributing guide or open an issue. Join us in making ToolHive even better!

Contribute to the CLI, API, and Kubernetes Operator (this repo): - 🤝 [Contributing guide](./CONTRIBUTING.md) - 📖 [Developer guides](./docs/README.md) - 📐 [Architecture documentation](./docs/arch/README.md) Contribute to the UI, registry, and docs: - 💻 [Desktop UI repository](https://github.com/stacklok/toolhive-studio) - ☁️ [Cloud UI repository](https://github.com/stacklok/toolhive-cloud-ui) - 📦 [ToolHive registry server repository](https://github.com/stacklok/toolhive-registry-server) - 🛠️ [ToolHive's built-in registry](https://github.com/stacklok/toolhive-catalog) - 📚 [Documentation repository](https://github.com/stacklok/docs-website) ToolHive mascot

License

This project is licensed under the Apache 2.0 License.

Extension points exported contracts — how you extend this code

Deployer (Interface)
Deployer contains the methods to start and stop a workload. This is intended as a subset of the Runtime interface for th [6 …
pkg/container/runtime/types.go
TokenSource (Interface)
TokenSource provides authentication tokens for registry HTTP requests. [18 implementers]
pkg/registry/auth/auth.go
ElicitationRequester (Interface)
go:generate mockgen -destination=mocks/mock_elicitation_requester.go -package=mocks -source=elicitation.go ElicitationRe [8 …
pkg/vmcp/elicitation.go
EnvVarValidator (Interface)
EnvVarValidator defines the interface for checking that the expected environment variables and secrets have been supplie [49 …
pkg/runner/env.go
TokenSource (Interface)
TokenSource obtains fresh OIDC access tokens for the LLM gateway. *llm.TokenSource satisfies this interface. [18 implementers]
pkg/llm/proxy/proxy.go
StatusUpdater (Interface)
StatusUpdater is an interface for updating workload authentication status. This abstraction allows the monitored token s [7 …
pkg/auth/monitored_token_source.go
Middleware (Interface)
Middleware defines a middleware interceptor and a close method. [25 implementers]
pkg/transport/types/transport.go
SkillStore (Interface)
go:generate mockgen -destination=mocks/mock_skill_store.go -package=mocks -source=interfaces.go Note: -source mode gener [8 …
pkg/storage/interfaces.go

Core symbols most depended-on inside this repo

Run
called by 3689
pkg/workloads/manager.go
Helper
called by 1788
test/e2e/cimd_auth_helpers_test.go
Set
called by 1061
pkg/vmcp/cache/cache.go
Join
called by 916
pkg/git/fs.go
Error
called by 904
pkg/config/errors.go
Len
called by 829
pkg/cache/validating_cache.go
Get
called by 779
cmd/thv-operator/pkg/httpclient/client.go
Close
called by 753
pkg/vmcp/core/core.go

Shape

Function 8,610
Method 5,052
Struct 1,564
Interface 151
TypeAlias 89
FuncType 85

Languages

Go100%

Modules by API surface

cmd/thv-operator/api/v1beta1/zz_generated.deepcopy.go280 symbols
pkg/authserver/storage/mocks/mock_storage.go152 symbols
pkg/config/interface.go132 symbols
cmd/thv-operator/api/v1alpha1/zz_generated.deepcopy.go84 symbols
pkg/workloads/manager.go83 symbols
cmd/thv-operator/controllers/virtualmcpserver_controller.go81 symbols
pkg/authserver/storage/memory_test.go80 symbols
pkg/runner/config_builder.go76 symbols
pkg/authserver/storage/redis.go74 symbols
pkg/transport/types/mocks/mock_transport.go70 symbols
pkg/container/docker/client.go67 symbols
pkg/config/mocks/mock_provider.go66 symbols

Dependencies from manifests, versioned

cel.dev/exprv0.25.1 · 1×
dario.cat/mergov1.0.2 · 1×
github.com/1password/onepassword-sdk-gov0.3.1 · 1×
github.com/Azure/go-ansitermv0.0.0-2025010203350 · 1×
github.com/KyleBanks/depthv1.2.1 · 1×
github.com/Masterminds/semver/v3v3.4.0 · 1×
github.com/Microsoft/go-winiov0.6.2 · 1×
github.com/ProtonMail/go-cryptov1.1.6 · 1×
github.com/adrg/xdgv0.5.3 · 1×
github.com/antlr4-go/antlr/v4v4.13.1 · 1×
github.com/asaskevich/govalidatorv0.0.0-2023030114320 · 1×

Datastores touched

dbDatabase · 1 repos
mydbDatabase · 1 repos
production_dbDatabase · 1 repos

For agents

$ claude mcp add toolhive \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact