Portero MCP server
Unified MCP gateway with data anonymization, 2FA approvals, and policy-based control over multiple MCP sources.
Configuration
{
  "mcpServers": {
    "andycufari-portero": {
      "url": "https://your-server:8443/mcp/message",
      "headers": {
        "REAL_NAME": "Your Name",
        "REAL_EMAIL": "[email protected]",
        "BEARER_TOKEN": "<BEARER_TOKEN>",
        "GITHUB_TOKEN": "<GITHUB_TOKEN>",
        "TELEGRAM_BOT_TOKEN": "<TELEGRAM_BOT_TOKEN>",
        "TELEGRAM_ADMIN_CHAT_ID": "<TELEGRAM_ADMIN_CHAT_ID>"
      }
    }
  }
}
Portero is a self-hosted MCP gateway that sits between Claude Code and multiple MCP servers, unifying access, protecting privacy with data anonymization, and enabling controlled, auditable operations through 2FA approvals and policy-based permissions over a secure HTTPS endpoint.
You connect your MCP client to Portero's public HTTPS endpoint to access multiple MCP servers as a single source. Portero anonymizes data as it travels to and from your MCPs, enforces permission policies for tool usage, and requires Telegram-based approvals for sensitive actions unless temporary grants bypass approval. When a tool requires approval, you receive a Telegram notification to approve or deny, and the gateway only forwards the response to Claude Code after your decision.
Prerequisites you need before starting are Node.js 20+ (LTS recommended) and a configured Telegram bot.
Follow these steps to set up Portero and connect your MCPs.
git clone <your-repo-url>
cd portero
npm install
Set up the environment variables and MCP definitions shown in the following examples. These are essential for secure operation and for connecting to multiple MCP servers.
cp .env.example .env
# Edit .env with your settings
Point Claude Code to Portero's HTTP endpoint for MCP messages. Use the endpoint URL and include your bearer token in the request headers.
Define the MCPs Portero will manage. The following example shows two local MCP entries that use npx commands to start the server packages.
{
  "mcps": [
    {
      "name": "filesystem",
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-filesystem", "/workspace"],
      "env": {}
    },
    {
      "name": "github",
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-github"],
      "env": {
        "GITHUB_TOKEN": "${GITHUB_TOKEN}"
      }
    }
  ]
}
Set up fake-to-real data mappings to protect sensitive information and define who can perform which actions. You can configure bidirectional replacements and control case sensitivity. You also establish per-tool policies to allow, deny, or require approval for operations.
{
  "replacements": [
    {
      "fake": "John Doe",
      "real": "${REAL_NAME}",
      "bidirectional": true
    },
    {
      "fake": "[email protected]",
      "real": "${REAL_EMAIL}",
      "bidirectional": true,
      "caseSensitive": false
    }
  ]
}
Use a strong bearer token, enable SSL in production, restrict access to the gateway port, and ensure only your admin Telegram chat can issue approvals.
BEARER_TOKEN=$(openssl rand -hex 32)
# Use TLS in production; consider Let's Encrypt or a reverse proxy
Start Portero in development mode for hot reloading, or build for production and run the built artifact.
# Development mode (hot reload)
npm run dev
# Production mode
npm run build
npm start
If the gateway won't start, verify the Node.js version, ensure the .env file exists with required variables, and inspect logs. If MCP connections fail, confirm MCP commands and environment variables are correct. If the Telegram bot does not respond, check the bot token, admin chat ID, and that the bot is started.
Test the health endpoint and connectivity from Claude Code with a simple curl request.
curl -X POST https://localhost:8443/health
Replace real user data with fake values in requests and responses to protect privacy.
Evaluate tool usage against configured policies to determine allow, deny, or require-approval results.
Coordinate two-factor approvals via Telegram to authorize sensitive actions.
Record grants, approvals, and actions for auditing and compliance.
Aggregate several MCP sources into a single unified endpoint.
Serve MCP endpoints over HTTPS for access from anywhere.
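How the replacement rules configured above could drive the anonymization of requests and responses, as an added example that is not Portero's own code. It assumes `real` values are swapped for `fake` ones on the way to the client, that the reverse happens only for `bidirectional` rules, and that matching is case-sensitive unless `caseSensitive` is false; the function names, direction labels and sample values are hypothetical.

```javascript
// Added example, not Portero's code. Rule fields follow the config on this page;
// direction names, defaults and sample values are assumptions.
const escapeRe = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");

// Expand ${VAR} placeholders; fail closed if a variable is missing or empty.
function expandEnv(value, env) {
  return value.replace(/\$\{(\w+)\}/g, (_, name) => {
    if (!env[name]) throw new Error(`missing env var ${name}`);
    return env[name];
  });
}

function compileRules(replacements, env) {
  return replacements.map((r) => ({
    fake: r.fake,
    real: expandEnv(r.real, env),
    bidirectional: r.bidirectional === true,
    flags: r.caseSensitive === false ? "gi" : "g", // assumed default: case-sensitive
  }));
}

// "toClient": real -> fake, applied to MCP responses before the model sees them.
// "toMcp": fake -> real, applied to tool arguments; only for bidirectional rules.
function rewrite(value, rules, direction) {
  if (typeof value === "string") {
    return rules.reduce((text, r) => {
      if (direction === "toMcp" && !r.bidirectional) return text;
      const [from, to] = direction === "toClient" ? [r.real, r.fake] : [r.fake, r.real];
      // Escape the needle and use a function replacer so "$" and "." stay literal.
      return text.replace(new RegExp(escapeRe(from), r.flags), () => to);
    }, value);
  }
  if (Array.isArray(value)) return value.map((v) => rewrite(v, rules, direction));
  if (value && typeof value === "object") {
    return Object.fromEntries(
      Object.entries(value).map(([k, v]) => [k, rewrite(v, rules, direction)]));
  }
  return value; // numbers, booleans, null pass through untouched
}

// Constructed sample data (not from the page).
const env = { REAL_NAME: "Ada Example", REAL_EMAIL: "ada@corp.example" };
const rules = compileRules([
  { fake: "John Doe", real: "${REAL_NAME}", bidirectional: true },
  { fake: "john.doe@example.com", real: "${REAL_EMAIL}", bidirectional: true, caseSensitive: false },
], env);
const response = { content: [{ type: "text", text: "Owner: Ada Example <ADA@Corp.Example>" }] };
console.log(JSON.stringify(rewrite(response, rules, "toClient")));
```

Only string values are rewritten here, not object keys, so a real value used as a JSON key would still reach the client.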