MCP Gateway
Execute MCP tool calls via the JSON-RPC 2.0 gateway endpoint.
Overview
The MCP Gateway provides a JSON-RPC 2.0 interface for executing tool calls on registered MCP servers. The gateway handles authentication, access control enforcement, request routing, and response normalization.
Gateway endpoint
POST https://mcp-gateway.mythic-analytics.com/rpc
Authentication
Include your MCP API key in the Authorization header.
Authorization: Bearer YOUR_MCP_API_KEY
JSON-RPC 2.0 format
All requests and responses follow the JSON-RPC 2.0 specification.
Request format
{
"jsonrpc": "2.0",
"id": "req-001",
"method": "tools/call",
"params": {
"name": "query_analytics",
"arguments": {
"client_id": "acme-retail",
"metric": "page_views",
"period": "30d"
}
}
}
Must be "2.0".
Unique request identifier. Returned in the response for correlation.
The MCP method to invoke. Use tools/call for tool execution.
Method-specific parameters. For tools/call, include name and arguments.
Success response
{
"jsonrpc": "2.0",
"id": "req-001",
"result": {
"content": [
{
"type": "text",
"text": "{"page_views": 42600, "period": "30d"}"
}
]
}
}
Error response
{
"jsonrpc": "2.0",
"id": "req-001",
"error": {
"code": -32600,
"message": "Invalid request",
"data": "Missing required field: method"
}
}
Standard JSON-RPC error codes
| Code | Meaning |
|---|---|
-32700 | Parse error — invalid JSON |
-32600 | Invalid request — missing required fields |
-32601 | Method not found |
-32602 | Invalid params |
-32603 | Internal error |
MCP-specific error codes
| Code | Meaning |
|---|---|
-32001 | Authentication failed — invalid or expired API key |
-32002 | Access denied — client not allowed to use this tool |
-32003 | Tool execution failed — upstream server error |
-32004 | Server unavailable — MCP server is not reachable |
Available methods
tools/call
Execute a tool on a registered MCP server.
{
"jsonrpc": "2.0",
"id": "req-002",
"method": "tools/call",
"params": {
"name": "generate_report",
"arguments": {
"client_id": "acme-retail",
"report_type": "monthly_summary"
}
}
}
tools/list
List all available tools the API key has access to.
{
"jsonrpc": "2.0",
"id": "req-003",
"method": "tools/list",
"params": {}
}
ping
Health check endpoint.
{
"jsonrpc": "2.0",
"id": "req-004",
"method": "ping",
"params": {}
}
Batch requests
The gateway supports JSON-RPC batch requests. Send an array of request objects to execute multiple tool calls in a single HTTP request.
[
{
"jsonrpc": "2.0",
"id": "req-005",
"method": "tools/call",
"params": {
"name": "query_analytics",
"arguments": { "client_id": "acme-retail", "metric": "page_views" }
}
},
{
"jsonrpc": "2.0",
"id": "req-006",
"method": "tools/call",
"params": {
"name": "query_analytics",
"arguments": { "client_id": "acme-retail", "metric": "unique_visitors" }
}
}
]
Batch requests are executed concurrently. The response array maintains the same order as the request array.
Rate limiting
The gateway enforces rate limits per API key. Current limits:
| Tier | Requests per minute | Concurrent connections |
|---|---|---|
| Standard | 60 | 10 |
| Enterprise | 600 | 100 |
When rate limited, the gateway returns a -32603 error with a Retry-After header.
Rate limits are applied per API key, not per client. Create separate API keys for different services to isolate rate limits.
Last updated today