v1.2 Open Source — MIT License

Your organization runs MCP servers.
Do you control who uses them?

Hangar is the control plane between your AI agents and your MCP servers. One place to decide who can call what, see what's happening, and prove it to your auditors.

Open-source, self-hosted. No cloud account required to get started.

Install v1.2 GitHub

Why Hangar

Know who called what

Every tool call logged with caller identity, MCP server, and timestamp. No more guessing what your AI agents are doing.

Decide who can do what

Per-caller, per-server, per-tool access policies. Block write operations. Allow read-only access for specific teams.

Answer the auditors

Identity-aware audit trail with CEF export. SOC2 evidence, EU AI Act readiness, SIEM integration out of the box.

Built for production

Sub-millisecond proxy overhead. Load balancing, failover, and circuit breakers across your MCP server fleet.

Built for real problems

Access control per team

Team A gets read access to the knowledge base MCP. Team B is blocked. Enforced at the proxy level — no changes to your MCP servers required.

Usage you can explain

Your production database MCP was called 4,200 times last week. Here is who called it, from which system, and with what arguments.

Controlled write rollouts

Your CI pipeline wants write access to the repo MCP. Review the request, approve it, monitor the rollout. Roll back in one config change.

Enterprise features (coming soon)

Cloud

Hangar Cloud adds a managed dashboard, team RBAC, and compliance exports on top of the OSS agent.

Web Dashboard

Fleet overview, audit log viewer, policy management, top callers widget. Full web UI for your MCP infrastructure.

Identity Propagation

Track every caller from tool invocation to audit log. HTTP header and JWT extraction, contextvar binding, end-to-end identity chain.

Audit Trail

Identity-aware audit records with queryable REST API. Caller, severity, and time range filters. Cloud-managed retention and search.

Behavioral Profiling

Network behavioral baselines, deviation detection, tool schema drift monitoring. Enterprise-grade runtime analysis.

K8s Operator

McpServer and McpServerGroup CRDs. Validating admission webhook, leader election, health probes. Deploy with Helm.

K8s Enforcement

Kubernetes operator with validating webhooks, NetworkPolicy generation, capability verification, and violation signals.

Open-Source Agent

Open Source

Parallel Execution

Concurrent tool calls across MCP servers. Backpressure and fair scheduling keep your fleet stable under load.

Security & Access Control

SSRF protection, command allow-list, granular RBAC with per-resource permissions, constant-time auth, and exponential rate limiting.

Tool Access Filtering

Allowlist and denylist tools by glob pattern. Block delete_* across the board, or allow only read_* per MCP server.

Lifecycle Management

Lazy loading — MCP servers start on first call. Automatic shutdown after idle TTL. Health monitoring keeps them alive.

Circuit Breaker

One failing MCP server does not take down your whole fleet. Automatic isolation, exponential backoff, graceful degradation.

Observability

Correlation IDs across parallel calls. OpenTelemetry traces, Prometheus metrics. Debug batch execution, not black boxes.

Cost Attribution

Know what each tool call costs. Per-server, per-tool Prometheus metrics with token, duration, and composite pricing models.

Compliance Export

Ship audit logs to your SIEM. Built-in JSONL, LEEF (QRadar), and Syslog (RFC 5424) exporters. File, callback, or stderr output.

Multi-Server Orchestration

Local subprocess, Docker containers, remote HTTP — mix in single batch. Unified interface, heterogeneous backends.

Server Groups

Load balancing, failover, and health tracking across MCP server pools. Round-robin, weighted, and priority-based routing.

Digest Pinning

SHA-256 fingerprint of every tool schema. Detect drift, block mutations, pin approved versions. Preemptive SEP-1766 compliance.

Interceptor Framework

Hook-based event model with wildcard subscriptions. Discoverable via interceptors/list. SEP-1763 compliant interceptor sidecar.

Mutator Pipeline

Priority-ordered payload transformations on MCP traffic. Built-in response truncation. Audit-only shadow mode for safe rollouts.

Quick Start

From install to first parallel call in 2 minutes.

  1. 1

    Install the agent

    Install from PyPI with pip or uv. Works on macOS, Linux, and Windows.

    bash
    pip install mcp-hangar
  2. 2

    Configure MCP servers

    The wizard detects your runtimes, lets you pick MCP servers, and configures Claude Desktop automatically.

    yaml
    # ~/.config/mcp-hangar/config.yaml
mcp_servers:
  filesystem:
    mode: subprocess
    command: [npx, -y, "@anthropic/mcp-server-filesystem"]
    args: [/Users/you/Documents]
    idle_ttl_s: 300

  fetch:
    mode: subprocess
    command: [npx, -y, "@anthropic/mcp-server-fetch"]
    idle_ttl_s: 300

  memory:
    mode: subprocess
    command: [npx, -y, "@anthropic/mcp-server-memory"]
    idle_ttl_s: 300
  3. 3

    Start the server

    Launch the agent. MCP servers come online, cloud connection is established.

    bash
    $ mcp-hangar serve
Starting MCP Hangar v1.2...
  ● filesystem  ready  (245ms)
  ● fetch       ready  (189ms)
  ● memory      ready  (156ms)
→ 3 servers ready | 12 tools | parallel execution enabled
  4. 4

    You're ready

    Restart Claude Desktop. Your tools are available with parallel execution, health monitoring, and circuit breakers — all out of the box.

    [ok] 3 servers ready · 12 tools · parallel execution enabled

Benchmarks

Scenario Time Notes
Full proxy path (p50 / p99) 0.21ms / 0.24ms 20x under 5ms target
Policy engine (1,000 policies) 6.5µs 100%
Event buffer with WAL persist 158µs 100%
15 tools, 2 servers (parallel) 380ms 100%
Domain event mapping 5.3µs 100%

Measured via pytest-benchmark (Python) and Go benchmark suite. Full results in the v1.2 benchmark report .

Cloud dashboard

Cloud

A managed web interface for your MCP infrastructure. Fleet-wide visibility, compliance-grade audit log, and policy management — without running your own backend.

Monitor

  • Fleet overview with agent health and MCP server inventory
  • Top callers widget with call/error counts per user
  • Live metrics charts and MCP server state distribution

Audit

  • Identity-aware audit log with caller tracking
  • Filter by MCP server, event type, severity, caller
  • CEF compliance export for SOC2 and EU AI Act

Manage

  • Start, stop, and inspect MCP servers across clusters
  • Policy editor with real-time push to agents
  • RBAC and tool access policy configuration

Open Source vs Cloud

OSS Agent v1.2
Available now		 Cloud Free
coming 2026		 Pro
coming 2026		 Enterprise
coming 2026
MCP servers Unlimited Unlimited Unlimited Unlimited
Hangar instances Self-hosted 2 Unlimited Unlimited
Cloud dashboard
Policy editor
CEF compliance export
SSO / SAML
Uptime SLA

Security built into the proxy layer

Authentication

  • API keys with bcrypt hashing, prefix lookup, automatic expiration
  • JWT/OIDC integration with JWKS validation and SSO support
  • Identity propagation: track callers from HTTP header to audit log

Hardening

  • Agent TLS with custom CA and mTLS support
  • Tool access filtering with allow/deny lists and glob patterns
  • Capability declaration and runtime verification

Documentation

Everything you need to get started with the open-source agent.

Getting Started

Install the agent and make your first parallel call

Cookbook

13 recipes from zero to production

Reference

Configuration, CLI, REST API, MCP tools

Built on Open Source

The mcp-hangar agent is MIT-licensed and always will be. Run it locally, on your servers, or in Kubernetes — no cloud account required. The platform adds managed infrastructure, team collaboration, and enterprise compliance on top.

$ pip install mcp-hangar
Contributing Guide Good First Issues Star on GitHub