Home / MCP Traffic Gateway
Edit
Report

Secure GitHub MCP Server traffic with Kong Gateway and AI Gateway

Uses: Kong Gateway AI Gateway deck
Incompatible with
konnect
Related Documentation
Gateway Documentation decK Documentation
In This Series
  1. Secure GitHub MCP Server traffic with Kong Gateway and AI Gateway
  2. Use Kong AI Gateway to govern GitHub MCP traffic
  3. Observe GitHub MCP traffic with Kong AI Gateway
Tags
#ai #openai #mcp
Related Resources
AI Gateway
Key Auth plugin
Minimum Version
Kong Gateway - 3.11
TL;DR

Enable the Key Authentication plugin on your MCP service and require API keys from Consumers. Kong AI Gateway then enforces these keys on all incoming MCP requests, ensuring secure, authorized access.

For further authentication of your MCP traffic you can also use The OpenID Connect (OIDC) plugin lets you integrate Kong Gateway with an identity provider (IdP), or you can extend plugins to support fine-grained Authorization models via JWT claims or declarative Access Control Lists (ACLs)

Prerequisites

Kong Gateway running

This tutorial requires Kong Gateway Enterprise. If you don’t have Kong Gateway set up yet, you can use the quickstart script with an enterprise license to get an instance of Kong Gateway running almost instantly.

  1. Export your license to an environment variable:

     export KONG_LICENSE_DATA='LICENSE-CONTENTS-GO-HERE'

  2. Run the quickstart script:

    curl -Ls https://get.konghq.com/quickstart | bash -s -- -e KONG_LICENSE_DATA

    Once Kong Gateway is ready, you will see the following message:

     Kong Gateway Ready

decK   v1.43+

decK is a CLI tool for managing Kong Gateway declaratively with state files. To complete this tutorial, install decK version 1.43 or later.

This guide uses deck gateway apply, which directly applies entity configuration to your Gateway instance. We recommend upgrading your decK installation to take advantage of this tool.

You can check your current decK version with deck version.

Required entities

For this tutorial, you’ll need Kong Gateway entities, like Gateway Services and Routes, pre-configured. These entities are essential for Kong Gateway to function but installing them isn’t the focus of this guide. Follow these steps to pre-configure them:

  1. Run the following command:

    echo '
_format_version: "3.0"
services:
  - name: example-clean-service
    url: http://httpbin.konghq.com/
routes:
  - name: example-route
    paths:
    - "/anything"
    service:
      name: example-clean-service
' | deck gateway apply -

To learn more about entities, you can read our entities documentation.

OpenAI

This tutorial uses OpenAI:

  1. Create an OpenAI account.
  2. Get an API key.

  3. Create a decK variable with the API key:

    export DECK_OPENAI_API_KEY='YOUR OPENAI API KEY'

GitHub

To complete this tutorial, you’ll need access to GitHub, a GitHub repository, and a Github Access Token.

Once you’ve created your Github Personal Access Token, export it as an environment variable by running the following command:

export GITHUB_PAT='YOUR_GITHUB_TOKEN'

Configure the AI Proxy Advanced plugin

To enable model-driven access to remote tools, we’ll route MCP traffic through OpenAI using the AI Proxy Advanced plugin. In this tutorial, we’ll use the OpenAI /responses API endpoint via the llm/v1/responses route type in the AI Proxy Advanced plugin to communicate with a GitHub-hosted remote MCP server. This approach simplifies integration: instead of routing each tool invocation through your backend, Kong AI Gateway forwards model-generated requests directly to the MCP server. That server exposes standardized tools, giving you conversational control over your GitHub repositories—secured and governed by Kong’s built-in capabilities. No custom glue code is required to enable this integration.

echo '
_format_version: "3.0"
plugins:
  - name: ai-proxy-advanced
    config:
      targets:
      - route_type: llm/v1/responses
        auth:
          header_name: Authorization
          header_value: Bearer ${{ env "DECK_OPENAI_API_KEY" }}
        model:
          provider: openai
          name: gpt-4o
          options:
            max_tokens: 512
            temperature: 1.0
' | deck gateway apply -

Enable the Key Authentication plugin on the Service

Enable Key Auth for the Service.

echo '
_format_version: "3.0"
plugins:
  - name: key-auth
    service: example-clean-service
    config:
      key_names:
      - apikey
' | deck gateway apply -

Create a Consumer

Consumers let you identify the client that’s interacting with Kong Gateway. The Consumer needs an API key to access any Services.

echo '
_format_version: "3.0"
consumers:
  - username: alex
    keyauth_credentials:
    - key: hello_world
' | deck gateway apply -

Validate

After configuring the Key Authentication plugin, you can verify that it was configured correctly and is working, by sending requests with and without the API key you created for your Consumer.

The following request is valid, as it includes the apikey required by the Consumer:

curl -X POST "http://localhost:8000/anything" \
     --no-progress-meter --fail-with-body  \
     -H "Content-Type: application/json"\
     -H "apikey: hello_world"\
     -H "Authorization: Bearer $OPENAI_API_KEY" \
     --json '{
       "tools": [
         {
           "type": "mcp",
           "server_label": "gitmcp",
           "server_url": "https://api.githubcopilot.com/mcp/",
           "require_approval": "never",
           "headers": {
             "Authorization": "Bearer '$GITHUB_PAT'"
           }
         }
       ],
       "input": "How do I use GitHub MCP?"
     }'

You should see the following response:

OK

On the following request, include an invalid value for apikey:

curl -X POST "http://localhost:8000/anything" \
     --no-progress-meter --fail-with-body  \
     -H "Content-Type: application/json"\
     -H "apikey: another_key"\
     -H "Authorization: Bearer $OPENAI_API_KEY" \
     --json '{
       "tools": [
         {
           "type": "mcp",
           "server_label": "gitmcp",
           "server_url": "https://api.githubcopilot.com/mcp/",
           "require_approval": "never",
           "headers": {
             "Authorization": "Bearer '$GITHUB_PAT'"
           }
         }
       ],
       "input": "How do I use GitHub MCP?"
     }'

You should see the following response:

Unauthorized

Now, remove the required apikey from the request entirely:

curl -X POST "http://localhost:8000/anything" \
     --no-progress-meter --fail-with-body  \
     -H "Content-Type: application/json"\
     -H "Authorization: Bearer $OPENAI_API_KEY" \
     --json '{
       "tools": [
         {
           "type": "mcp",
           "server_label": "gitmcp",
           "server_url": "https://api.githubcopilot.com/mcp/",
           "require_approval": "never",
           "headers": {
             "Authorization": "Bearer '$GITHUB_PAT'"
           }
         }
       ],
       "input": "How do I use GitHub MCP?"
     }'

You should see the following response:

Unauthorized: No API key found in request
Next → 2. Use Kong AI Gateway to govern GitHub MCP traffic
Something wrong?
Report an Issue | Edit this Page

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help

Ask in our Forum
Contact Support