MCP proxy / gateway / remote access

MCP proxy for databases and APIs.
Hosted links with explicit boundaries.

Give AI clients remote MCP access to PostgreSQL or OpenAPI without placing backend credentials in every client. Authenticate each link, apply source-specific permissions, and revoke access centrally.

PostgreSQL 12+ and OpenAPI 3.xAPI key or OAuth 2.0 + PKCEPer-link policy and revocation
LIVE ROUTEACCESS POLICY / ENFORCED
SOURCEDatabase / APIschema discovered
GATEWAYdatamcpauth · policy · route
CLIENTMCP clientshosted MCP link
REQUESTtools/call → productionPOLICY CHECKED
AUTHOAuth 2.0
ACCESSScoped
SECRETSEncrypted
ROUTEHosted

Direct answer

Should you use an MCP proxy or an MCP gateway?

Use a simple MCP proxy when you only need transport forwarding. Choose a gateway-style control layer when remote clients also need authentication, backend credential isolation, source-specific permissions, and independent link revocation.

Proxy role
Forwards or translates traffic between an MCP client and another service. Authentication and policy may be absent or implemented separately.
Gateway role
Owns client authentication, permission checks, backend credential handling, revocation, and operational controls around the MCP path.
datamcp scope
Creates hosted remote MCP endpoints for PostgreSQL 12+ and OpenAPI 3.x or supported Swagger documentation. It is not a relay for arbitrary third-party MCP servers.
Credential boundary
The MCP client receives a datamcp link or OAuth flow. PostgreSQL and upstream API credentials stay on the connection side instead of being copied into each client.
Policy boundary
PostgreSQL links can narrow operations and tables. OpenAPI links can restrict visible operations and allow only GET and HEAD in read-only mode.
Logging boundary
PostgreSQL query activity and denials are reviewable in datamcp. OpenAPI calls require upstream API or infrastructure logs.

The production path

Proxy transport is only one part of production MCP

An MCP proxy is commonly described as the layer between an AI client and an MCP server or backend. That description is accurate but incomplete. Forwarding a request does not decide who may connect, which operation they may call, where the upstream secret lives, or how one compromised client is revoked.

Those additional responsibilities turn a transport proxy into a gateway-style control layer. datamcp hosts that layer for two current source types: PostgreSQL and OpenAPI. It connects to the source, publishes a remote HTTPS MCP endpoint, authenticates the client, evaluates the MCP link policy, and executes the approved database or API operation.

This distinction matters when comparing products. Some MCP proxies relay existing MCP servers. Others translate protocols, terminate OAuth, or aggregate tools. datamcp does not proxy arbitrary third-party MCP servers. It creates managed MCP access from supported PostgreSQL and OpenAPI connections.

For the broader architecture, read the hosted MCP gateway guide. If you are choosing between managed and self-operated infrastructure, use the hosted vs. local MCP server comparison.

What you get

Production access.
Without production guesswork.

01 / CAPABILITY
RE

Remote HTTPS transport

Connect supported MCP clients without running a local proxy process beside every client.

02 / CAPABILITY
SE

Separate client identity

Authenticate the MCP client with an API key or OAuth 2.0 with PKCE instead of sharing a backend credential.

03 / CAPABILITY
SE

Server-side credentials

Keep PostgreSQL and supported upstream API credentials on the managed connection side.

04 / CAPABILITY
SO

Source-specific policy

Narrow PostgreSQL operations and tables or restrict OpenAPI links to approved operations and HTTP methods.

05 / CAPABILITY
IN

Independent revocation

Delete one MCP link without rotating the backend credential used by other approved links.

06 / CAPABILITY
PO

PostgreSQL activity review

Review query execution and permission denials, then export the visible activity as CSV or JSON.

Source to controlled MCP link

One. Two.
Three.

Connect the source once. DataMCP handles discovery, hosted transport, client authentication, and link policy.

Read the setup guide
  1. 01
    Connect the source

    Register PostgreSQL credentials or provide an OpenAPI 3.x specification and supported upstream authentication.

  2. 02
    Define the MCP link

    Choose client authentication and narrow the database operations, tables, API operations, or HTTP methods.

  3. 03
    Add the remote URL

    Configure the generated HTTPS MCP endpoint in Cursor, Claude, ChatGPT, VS Code, or another compatible client.

Build or use datamcp

MCP proxy vs. gateway control layer

See what stays on your engineering backlog when the MCP runtime and control layer are managed for you.

CAPABILITYDATAMCPTransport-only proxy
Primary responsibilityHosted MCP transport plus access controls

Forward or translate traffic

Client authenticationAPI key or OAuth 2.0 with PKCE

Implementation-dependent

Backend credentialsStored on the connection side

Often supplied by the client or proxy config

Permission modelDefined per MCP link and source type

Usually delegated to the upstream server

RevocationDelete one link

Depends on shared credentials and proxy configuration

Supported scopePostgreSQL and OpenAPI

May relay arbitrary MCP servers

Frequently asked questions

Questions before
you connect.

Clear answers about architecture, access, credentials, and supported clients.

01

What is an MCP proxy?

An MCP proxy sits between an MCP client and a backend or MCP server. Depending on the implementation, it can forward transport traffic, authenticate clients, inject upstream credentials, enforce policy, and centralize revocation. A proxy does not automatically provide all of those controls, so evaluate the exact implementation rather than the label alone.

02

What is the difference between an MCP proxy and an MCP gateway?

A proxy primarily forwards or translates traffic. A gateway usually owns a broader control layer that includes authentication, authorization, credential handling, policy, and operational management. The terms overlap in current MCP products, so compare responsibilities and supported source types instead of relying only on naming.

03

Is datamcp a generic proxy for existing MCP servers?

No. datamcp creates and hosts remote MCP access for PostgreSQL 12+ and REST APIs described by OpenAPI 3.x or supported Swagger documentation. It does not currently relay arbitrary third-party MCP servers.

04

Why use a hosted MCP proxy instead of a local server?

A hosted layer gives remote clients a stable HTTPS endpoint and avoids keeping a local process running. It can also keep backend credentials out of client configuration and make link revocation independent from rotating the backend credential.

05

How does datamcp authenticate MCP clients?

MCP clients can use a datamcp API key or OAuth 2.0 with PKCE. That client credential is separate from the PostgreSQL password or upstream API credential stored on the connection.

06

Can an MCP proxy make backend access safe by itself?

No. Proxy or gateway policy is one boundary. PostgreSQL roles, upstream API authorization, network controls, and least-privilege credentials remain independent boundaries and should still restrict the backend directly.

07

Does datamcp log proxied activity?

PostgreSQL query execution and permission denials are available in the datamcp activity log. OpenAPI endpoint calls do not currently appear there, so use upstream API, gateway, or infrastructure logs for those requests.

08

Can I self-host the datamcp proxy?

No. datamcp is a hosted service and does not currently offer a self-hosted or on-premise edition.

Start with one link

Create a controlled remote MCP path

Connect one PostgreSQL or OpenAPI source and publish one hosted MCP link for free. Keep the backend credential out of client configuration.