--- title: "MCP Gateway (Private Beta) — Govern Employee Access to MCP Servers" description: "The access layer between your employees and the MCP servers they connect to from Claude, Cursor, and ChatGPT. Central catalog, per-role RBAC, SSO, and audit logs for every tool call. Private beta." canonicalUrl: "https://zuplo.com/mcp-gateway" sourceUrl: "https://zuplo.com/mcp-gateway" pageType: "product" generatedAt: "2026-04-23" --- # Govern the MCP Servers Your Employees Use. > **Private Beta.** Employees are connecting Claude, Cursor, and ChatGPT to > third-party MCP servers faster than IT can review them. MCP Gateway is the > access layer in between — a central catalog of approved servers, per-role > RBAC, SSO, and an audit log for every tool call. ## What it does Employees point their AI client at a single Gateway URL instead of registering each third-party MCP server individually. The Gateway authenticates the employee via your SSO, looks up which catalog entries they are allowed to use, and proxies the request to the underlying server. The client gets back exactly the tools IT has approved for that user. - **Central catalog** of approved MCP servers (third-party, internal, and virtual) - **Per-role RBAC** over which tools each employee can call - **SSO / OIDC** for employee identity; credential brokering to downstream servers - **Virtual MCP servers** — curated views that expose a subset of tools from one or more upstream servers - **Audit log** for every tool call across the organization - **Claude Desktop, Cursor, ChatGPT** compatible via the 2025-06-18 MCP spec over streamable HTTP ## MCP Gateway vs MCP Server These solve opposite problems: - **MCP Server** (GA, inside the API Gateway) is for teams _building_ MCP servers. Auto-generate one from your OpenAPI definition so agents can call your product. - **MCP Gateway** is for IT and security teams _governing_ the MCP servers your employees already connect to from Claude, Cursor, or ChatGPT — most of which are third-party (Linear, GitHub, Notion, Stripe, etc.). ## Compatible MCP servers Any MCP server that speaks the 2025-06-18 spec over streamable HTTP: - Third-party hosted servers (Linear, GitHub, Notion, Stripe, Atlassian, and the growing public registry) - Internal servers built by your own teams - Virtual servers that expose a curated subset of tools from either ## Authentication Employees authenticate to the Gateway with your SSO / OIDC provider. The Gateway brokers credentials to downstream MCP servers — either shared service accounts managed by IT, or per-user OAuth for servers that require individual authorization. Auth translation (e.g. converting a user's SSO session into an API key an MCP server requires) is a first-class feature for the beta. ## Availability Currently in private beta. Zuplo is working with design partners through 2026. GA will follow once the governance model is validated with production workloads. Private beta customers get hands-on support from the Zuplo team and shape the product. - [Request beta access](https://zuplo.com/signup) - [AI platform overview](/ai.md) - [AI Gateway](/ai-gateway.md) ## FAQ ### What is a virtual MCP server? A policy-backed view into one or more underlying MCP servers. IT picks which tools to expose and who can call them. Finance gets a read-only view of Stripe and QuickBooks; engineering gets a separate view with GitHub and deployment tools — all governed centrally, without forking any upstream server.