Features

📄️Tool Customization

Tool Customization (also known as tool hardening) is an MCPX feature that lets you create hardened variants of existing tools with fixed input values, rewritten descriptions, or both. Tool hardening is the practice of constraining what an MCP tool can do at the gateway layer, before agents call it. These customized tools appear alongside the original tool and can be used to enforce constraints, improve security, and guide AI agents toward the correct tool behavior.

📄️Agent Access Control

Agent Access Control in Lunar.dev MCPX lets you manage which tools and services each agent can use, through a toggle-based interface in the MCPX UI.

📄️Tool Groups

Lunar.dev MCPX lets you organize tools from multiple servers into reusable collections called Tool Groups. Instead of assigning tools service by service, you can create cross-server groups such as Testing, Development, or Communication, then reuse them across multiple agents.

📄️Dynamic Tool Discovery

Dynamic Tool Discovery in Lunar.dev MCPX lets agents load only the tools a task needs at runtime, instead of injecting the full tool catalog into the model's context. It is built on Tool Groups.

📄️Basic API Key Authorization

MCPX supports basic API key authentication for new connections to MCPX.

📄️Consumer Tags

MCPX lets clients identify themselves using the x-lunar-consumer-tag HTTP header. This enables fine-grained control over access, rate limiting, and observability.

📄️IP Access Control

IP access control lets users decide which clients can connect to an MCPX Server by checking their IP address. This can be handy when it is necessary to limit access to trusted sources such as office networks, VPNs, or specific load balancers. Both IPv4 and IPv6 addresses are supported, and users can define ranges with CIDR notation. If you do not configure anything, all IPs are allowed by default.

📄️MCPX Metrics

The MCPX server exposes detailed Prometheus metrics about tool calls available at//localhost:3000/metrics

📄️OAuth

MCPX Enterprise includes native Identity Provider (IdP) integration with the identity systems your organization already uses. Connect to leading IdPs such as Okta, Microsoft Entra ID, Active Directory, Google Workspace, JumpCloud, and more—so users and agents sign in through your existing SSO and governance model, not separate credentials.

📄️Static OAuth

Static OAuth support in MCPX extends the existing Client Credentials Flow by adding support for Device Flow Authorization (OAuth 2.0 Device Authorization Grant). Users can now configure either authentication method depending on their needs.

📄️Audit Logs

Track agent tool-usage and configuration changes through MCPX with structured, persistent audit logs.