MCP.so
Sign In
Servers

Swagger MCP Server

@dcolley

Swagger to MCP server

Overview

What is Swagger MCP Server?

A server that ingests and serves Swagger/OpenAPI specifications through the Model Context Protocol (MCP). It automatically generates MCP tools from API endpoints and supports multiple authentication methods, making it suitable for developers who want to expose REST APIs to AI assistants via MCP.

How to use Swagger MCP Server?

Clone the repository, install dependencies with Yarn, create a .env file, and configure your Swagger/OpenAPI specification (file path or URL) in config.json. Start the development server with yarn dev, or build and run with yarn build and yarn start. The server listens on configurable host/port and exposes endpoints for health checks, SSE connections, and message posting.

Key features of Swagger MCP Server

  • Loads Swagger/OpenAPI specifications from file or URL
  • Supports Basic Auth, Bearer Token, API Key, and OAuth2 authentication
  • Automatically generates MCP tools from API endpoints
  • Server-Sent Events (SSE) support for real-time communication
  • TypeScript support

Use cases of Swagger MCP Server

  • Integrate any REST API defined by an OpenAPI spec into an MCP ecosystem
  • Allow AI assistants to call API endpoints through auto-generated MCP tools
  • Expose a personal or internal API to MCP clients without writing custom MCP servers

FAQ from Swagger MCP Server

Is this server safe to expose to the public internet?

No. The README explicitly warns: "This is a personal server!! Do not expose it to the public internet." If the underlying API requires authentication, the MCP server should also not be exposed publicly.

What are the runtime prerequisites?

Node.js v18 or higher, the Yarn package manager, and TypeScript.

How does the server handle authentication?

It supports Basic Auth, Bearer Token, API Key (in header or query), and OAuth2. The authentication configuration can be provided in config.json as a fallback, but the Swagger specification's security schemes take priority.

How does the server prioritize settings between the Swagger file and config?

The Swagger specification takes precedence. If the Swagger file contains a servers array, the first server URL is used as the base URL. If it defines security schemes, those are used for authentication. The config file settings serve only as fallbacks.

What environment variables are available?

  • PORT (default: 3000)
  • API_USERNAME, API_PASSWORD (fallback for basic auth)
  • API_TOKEN (fallback for bearer/OAuth2 tokens)
  • DEFAULT_API_BASE_URL (fallback base URL)
  • DEFAULT_SWAGGER_URL (default Swagger spec URL)

More from Other