Hi HN,
While the Model Context Protocol (MCP) is useful for various applications, deploying MCP servers in enterprise environments brings specific challenges around governance: authenticating users, enforcing permissions (RBAC), managing secrets for handlers, and generating audit trails for compliance. Building this infrastructure consistently across services is time-consuming.
To address this, I built @ithena-one/mcp-governance. It's an open-source TypeScript SDK designed for production/enterprise MCP deployments.
It wraps the standard MCP server and adds a governance pipeline. You can plug in modules for Identity Resolution, RBAC, Credential Injection, and Audit Logging using defined interfaces, allowing integration with existing enterprise systems (like IdPs, secret managers, SIEMs). Basic defaults are also included for faster setup (for dev use only).
This is aimed at teams needing robust governance for their MCP applications. Looking forward to feedback and questions.
Comments URL: https://news.ycombinator.com/item?id=43559321
Points: 1
# Comments: 0