Back to all articles
Model Context Protocol

Turn Any GraphQL API into an MCP Server

Josh Twist
·
December 3, 2025
·
3 min read

Turn any GraphQL API into an MCP server in minutes with Zuplo. Add authentication, rate limiting, and let AI agents query your GraphQL schema automatically.

December 3, 2025

At Zuplo, we've made it easy to transform REST APIs into MCP servers with full authentication, rate limiting, and monetization built in. Now, we've extended that same capability to GraphQL.

Watch the demo

GraphQL to MCP Server Demo
Video Tutorial

GraphQL to MCP Server Demo

See how to transform any GraphQL API into an MCP server with automatic schema introspection and query execution.

Why GraphQL and MCP?

GraphQL APIs are powerful, but they present a unique challenge for AI agents. Unlike REST endpoints with discrete operations, GraphQL exposes a flexible query language. An LLM needs to understand the schema before it can construct useful queries.

Zuplo's GraphQL-to-MCP support solves this by automatically generating two MCP server tools:

  1. Introspection tool - Fetches the GraphQL schema so the LLM understands what queries are available
  2. Execute tool - Runs GraphQL queries against the endpoint

This two-step approach lets AI systems dynamically discover and interact with any GraphQL API without manual tool definitions for each query type.

MCP Servers with GraphQL Documentation

Learn how to expose GraphQL APIs as MCP tools with automatic schema introspection and query execution.

Auto-generated introspectionQuery execution toolCustom tool support

Example: Rick and Morty API

There's a great Rick and Morty GraphQL API that we love to use for examples, and this demo is no different. Here's what the setup looks like:

1. Create a GraphQL route

Add a POST route that forwards to your GraphQL backend. This can be done directly in the Route Designer found in the Zuplo Portal.

Setting up the GraphQL endpoint in the Zuplo Route Designer

Or, you can specify the setup in the OpenAPI document as shown here:

JSONjson
{
  "/graphql": {
    "post": {
      "operationId": "graphql",
      "x-zuplo-route": {
        "handler": {
          "export": "urlRewriteHandler",
          "module": "$import(@zuplo/runtime)",
          "options": {
            "baseUrl": "https://rickandmortyapi.com/graphql"
          }
        },
        "mcp": {
          "type": "graphql"
        }
      }
    }
  }
}

The key is the mcp.type: "graphql" configuration. This tells Zuplo to expose this endpoint through the MCP server with the introspection and execution capabilities as specific tools.

2. Add authentication

Drop in an API key authentication policy. Any authentication you add to the GraphQL endpoint carries forward to the MCP server automatically. You can also add rate limiting at this stage as well.

3. Add the MCP server

Include the GraphQL route in your MCP server configuration. This can also be done by adding a new MCP route in the Route Designer and selecting the /graphql endpoint as the tool you expose.

You can also specify the MCP options directly on the /graphql endpoint by clicking the MCP GraphQL button. This allows you to specify that the endpoint is a GraphQL endpoint, and you can customize how the introspection and execution MCP tools are named.

Setting up the MCP tools in the Zuplo Route Designer

Of course, you can also specify that same setup in the OpenAPI specification:

JSONjson
{
  "/graphql": {
    "post": {
      "operationId": "graphql",
      "x-zuplo-route": {
        "handler": {
          "export": "urlRewriteHandler",
          "module": "$import(@zuplo/runtime)",
          "options": {
            "baseUrl": "https://rickandmortyapi.com/graphql"
          }
        },
        "mcp": {
          "type": "graphql",
          "introspectionTool": {
            "name": "rickmorty_schema",
            "description": "Fetch the Rick and Morty GraphQL schema"
          },
          "executeTool": {
            "name": "rickmorty_query",
            "description": "Execute a query against the Rick and Morty GraphQL API"
          }
        }
      }
    }
  }
}

That's it. In under a minute, you have a production-ready MCP server backed by a GraphQL API.

Testing It Out

Add the MCP server to your client of choice (OpenAI Playground, MCP Inspector, MCPJam, you can choose!) and ask

"Who was in Season 4, Episode 6 of Rick and Morty? What was the episode called?"

The LLM will then:

  1. Call the introspection tool to understand the schema
  2. Construct and execute a GraphQL query
  3. Return the answer: "Never Ricking Morty" featuring Rick Sanchez, Morty Smith, and others

The whole flow happens automatically because the LLM has access to the schema through introspection and the tools that Zuplo automatically provides.

It is worth noting that introspection needs to stay enabled for the MCP server to work. Without it, the LLM can't discover the schema.

Additional GraphQL Policies

Zuplo offers a few additional options for working with GraphQL in the form of built-in policies that can be added to any route. These policies let you lock down the public GraphQL endpoint while still giving the MCP server what it needs to work correctly.

GraphQL Introspection Filter

Filter which types and fields appear in GraphQL introspection responses.

Filter schema typesHide internal fieldsOutbound policy

GraphQL Disable Introspection

Block introspection on public routes while keeping it available for internal MCP calls.

Block public introspectionProtect schemaInbound policy

GraphQL Complexity Limit

Prevent resource-intensive queries from overwhelming your backend.

Query cost analysisDepth limitingProtect backend resources

Get Started

GraphQL-to-MCP support is available now in Zuplo. Try it for yourself!

Try it yourself

GraphQL MCP Server Example

A complete working example of exposing a GraphQL API as an MCP server with automatic introspection and query execution.

Deploy
Documentation:MCP Server GraphQL Docs
Get Started:Sign up for a free Zuplo account

Related Articles

Continue reading from the Zuplo blog.

API Monetization

Why API Gateways Should Handle API Monetization Natively

Piecing together separate systems to monetize an API is a hassle. That's why we put native metering and billing into the API gateway itself.

5 min read
API Monetization 101

API Monetization 101: Your Guide to Charging for Your API

A three-part series on API monetization: what to count, how to structure plans, and how to decide what to charge. Start here for the full picture.

4 min read

On this page

Watch the demoWhy GraphQL and MCP?Example: Rick and Morty APITesting It OutAdditional GraphQL PoliciesGet Started

Scale your APIs with
confidence.

Start for free or book a demo with our team.
Book a demoStart for Free
SOC 2 TYPE 2High Performer Spring 2025Momentum Leader Spring 2025Best Estimated ROI Spring 2025Easiest To Use Spring 2025Fastest Implementation Spring 2025

Get Updates From Zuplo

Zuplo logo
© 2026 zuplo. All rights reserved.
Products & Features
API ManagementAI GatewayMCP ServersMCP GatewayDeveloper PortalRate LimitingOpenAPI NativeGitOpsProgrammableAPI Key ManagementMulti-cloudAPI GovernanceMonetizationSelf-Serve DevX
Developers
DocumentationBlogLearning CenterCommunityChangelogIntegrations
Product
PricingSupportSign InCustomer Stories
Company
About UsMedia KitCareersStatusTrust & Compliance
Privacy PolicySecurity PoliciesTerms of ServiceTrust & Compliance
Docs
Pricing
Sign Up
Login
ContactBook a demoFAQ
Zuplo logo
DocsPricingSign Up
Login