The Developer’s Guide to MCP Gateways

MCP servers are designed for single applications but face scalability challenges when connecting multiple B2B customers due to the need for individual credentials and consent screens. This complexity is compounded by MCP's use of OAuth 2.1, making multi-tenancy more intricate than traditional API scenarios. To address these issues, MCP gateway products like Descope's Agentic Identity Hub offer managed identity infrastructure that centralizes tenant configurations and policies. The guide discusses when an MCP gateway is necessary, exploring solutions such as single-server, per-tenant server, and gateway with identity provider models. It highlights how Descope supports MCP gateway implementations by managing authentication and authorization, and providing client registration and credential storage. Integration examples with Golf.dev show the practical application of these concepts, illustrating how Descope acts as an identity provider, enhancing the functionality of gateways like those offered by Kong and Traefik. While not all organizations need an MCP gateway, those with complex multi-tenant requirements benefit from the centralized control and identity management these solutions provide.