Features
📄️ Tool Customization
Tool Customization lets you create modified versions of existing tools with fixed input values, rewritten descriptions, or both. These customized tools appear alongside the originals and can be used to enforce constraints when tools are called by AI agents.
📄️ Access Control List
MCPX lets you control tool access per consumer using Access Control Lists (ACLs). You can define rules globally, by service, or per tool. ACLs rely on the x-lunar-consumer-tag header to identify which consumer is making the request.
📄️ Basic API Key Authorization
MCPX supports basic API key authentication for new connections to MCPX.
📄️ Consumer Tags
MCPX lets clients identify themselves using the x-lunar-consumer-tag HTTP header. This enables fine-grained control over access, rate limiting, and observability.
📄️ MCPX Metrics
The MCPX server exposes detailed Prometheus metrics about tool calls available at//localhost:3000/metrics
📄️ OAuth
MCPX now supports OAuth-based authentication for remote MCP servers, enabling a more secure and streamlined connection process. You can authenticate servers with a few clicks, eliminating the need to manage tokens manually or navigate complex setup steps.
📄️ Static OAuth
Static OAuth support in MCPX extends the existing Client Credentials Flow by adding support for Device Flow Authorization (OAuth 2.0 Device Authorization Grant). Users can now configure either authentication method depending on their needs.
📄️ IP Access Control
IP access control lets users decide which clients can connect to an MCPX Server by checking their IP address. This can be handy when it is necessary to limit access to trusted sources such as office networks, VPNs, or specific load balancers. Both IPv4 and IPv6 addresses are supported, and users can define ranges with CIDR notation. If you do not configure anything, all IPs are allowed by default.