MCP.so
Sign In
H

Hal (http Api Layer)

@DeanWard

About Hal (http Api Layer)

HAL is a Model Context Protocol (MCP) server that provides HTTP API capabilities to Large Language Models. It allows LLMs to make HTTP requests and interact with web APIs through a secure, controlled interface. HAL can also automatically generate tools from OpenAPI/Swagger specif

Basic information

Category

Developer Tools

Transports

stdio

Publisher

DeanWard

Submitted by

Dean Ward

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "hal": {
      "command": "npx",
      "args": [
        "hal-mcp"
      ]
    }
  }
}

Tools

8

Make an HTTP GET request to a specified URL. Supports secret substitution using {secrets.key} syntax where 'key' corresponds to HAL_SECRET_KEY environment variables.

Make an HTTP POST request to a specified URL with optional body and headers. Supports secret substitution using {secrets.key} syntax in URL, headers, and body where 'key' corresponds to HAL_SECRET_KEY environment variables.

Make an HTTP PUT request to a specified URL with optional body and headers. Supports secret substitution using {secrets.key} syntax in URL, headers, and body where 'key' corresponds to HAL_SECRET_KEY environment variables.

Make an HTTP PATCH request to a specified URL with optional body and headers. Supports secret substitution using {secrets.key} syntax in URL, headers, and body where 'key' corresponds to HAL_SECRET_KEY environment variables.

Make an HTTP DELETE request to a specified URL with optional headers. Supports secret substitution using {secrets.key} syntax in URL and headers where 'key' corresponds to HAL_SECRET_KEY environment variables.

Make an HTTP HEAD request to a specified URL with optional headers (returns only headers, no body). Supports secret substitution using {secrets.key} syntax in URL and headers where 'key' corresponds to HAL_SECRET_KEY environment variables.

Make an HTTP OPTIONS request to a specified URL to check available methods and headers. Supports secret substitution using {secrets.key} syntax in URL and headers where 'key' corresponds to HAL_SECRET_KEY environment variables.

Get a list of available secret keys that can be used with {secrets.key} syntax. Only shows the key names, never the actual secret values.

Overview

What is Hal (http Api Layer)?

Hal (http Api Layer) is a Model Context Protocol (MCP) server that gives Large Language Models the ability to make HTTP requests and interact with web APIs through a secure, controlled interface. It supports common HTTP methods, includes built-in secret management using environment variables, and can automatically generate tools from OpenAPI/Swagger specifications.

How to use Hal (http Api Layer)?

Install Hal globally via npm install -g hal-mcp or run it on demand with npx hal-mcp. Configure it in MCP-compatible clients (e.g., Claude Desktop) by adding an entry to the mcpServers configuration object. Optionally set environment variables like HAL_SWAGGER_FILE and HAL_SECRET_* to enable Swagger integration and secure token management.

Key features of Hal (http Api Layer)

  • Supports GET, POST, PUT, PATCH, DELETE, OPTIONS, and HEAD requests.
  • Automatically generates tools from OpenAPI/Swagger specifications.
  • Secure secret management with {secrets.key} template substitution.
  • Organizes secrets into namespaces with URL restrictions.
  • Built-in tools like list-secrets, http-get, and http-post.
  • Runs in an isolated environment for controlled access.

Use cases of Hal (http Api Layer)

  • Let an LLM fetch data from external REST APIs during a conversation.
  • Enable an LLM to submit data to web services (e.g., create records, send messages).
  • Integrate with existing OpenAPI-defined APIs without writing custom code.
  • Securely expose API keys and tokens to the AI without revealing their values.

FAQ from Hal (http Api Layer)

How do I install Hal (http Api Layer)?

The recommended method is npx hal-mcp. Alternatively, install globally with npm install -g hal-mcp and then run hal-mcp.

How does secret management work?

Define secrets as environment variables with the HAL_SECRET_ prefix (e.g., HAL_SECRET_API_KEY=abc). In HTTP requests, use {secrets.api_key} as a placeholder. The AI never sees the actual secret; it is substituted at request time.

Can Hal automatically generate tools from an OpenAPI spec?

Yes. Set the HAL_SWAGGER_FILE environment variable to the path of your OpenAPI/Swagger file (JSON or YAML). Optionally override the base URL with HAL_API_BASE_URL. Hal will then create tools for each endpoint.

How do I restrict a secret to only work with certain URLs?

Use namespaces and HAL_ALLOW_* environment variables. For example, HAL_SECRET_MICROSOFT_API_KEY=key and HAL_ALLOW_MICROSOFT="https://azure.microsoft.com/*" ensures that secret is only substituted in requests matching those patterns.

What HTTP methods does Hal support?

Hal provides tools for GET, POST, PUT, PATCH, DELETE, OPTIONS, and HEAD requests through built-in tools like http-get and http-post.

Comments

More Developer Tools MCP servers