🔌

MCP Plexus

Enterprise400

Multi-tenant Python framework for enterprise MCP server deployment with OAuth 2.1.

All MCP-compatible clientsEnterprise SSO

Overview

Multi-tenant Python framework for enterprise MCP server deployment with OAuth 2.1.

Setup

Run with npx:

pip install mcp-plexus

Configuration

PostgreSQL, Redis, OAuth 2.1 provider

Documentation

MCP Plexus

Overview

MCP Plexus is a multi-tenant Python framework for building and deploying MCP (Model Context Protocol) servers. It provides enterprise-grade features including OAuth 2.1 authentication, user management, rate limiting, and centralized server orchestration. MCP Plexus is designed for organizations that need to deploy MCP servers at scale with proper security and governance.

MCP Plexus addresses the challenges of running MCP servers in production environments — multi-tenant isolation, access control, auditing, and centralized management. It provides a complete platform for deploying, managing, and monitoring MCP servers across an organization.

Features

  • Multi-Tenant Architecture: Isolated server instances per tenant
  • OAuth 2.1 Authentication: Secure authentication with OAuth 2.1
  • User Management: Built-in user and role management
  • Rate Limiting: Configurable rate limits per tenant and user
  • Centralized Orchestration: Manage all servers from one control plane
  • Audit Logging: Comprehensive audit trails for compliance
  • Resource Isolation: CPU, memory, and network isolation per tenant
  • High Availability: Built-in clustering and failover
  • Python Native: Built with Python, integrates with Python ecosystem

Installation

Using pip

pip install mcp-plexus

Using Docker

docker pull mcpplexus/plexus:latest

Quick Start with Docker Compose

# docker-compose.yml
version: "3.8"
services:
  plexus:
    image: mcpplexus/plexus:latest
    ports:
      - "8000:8000"
    environment:
      - PLEXUS_SECRET_KEY=your-secret-key
      - PLEXUS_DATABASE_URL=postgresql://user:pass@db:5432/plexus
    volumes:
      - ./servers:/app/servers

Quick Start

Define a Server

# servers/github_server.py
from mcp_plexus import MCPServer, tool, resource
from pydantic import BaseModel

class GitHubServer(MCPServer):
    name = "github"
    version = "1.0.0"

    @tool
    async def list_repos(self, visibility: str = "all") -> list[dict]:
        """List repositories for the authenticated user."""
        # Your implementation
        return [{"name": "repo1", "url": "https://github.com/user/repo1"}]

    @resource
    async def get_readme(self, repo: str) -> str:
        """Get the README for a repository."""
        # Your implementation
        return "# README\n\nThis is a sample README."

Register with Plexus

# plexus_config.py
from mcp_plexus import Plexus, register_server
from servers.github_server import GitHubServer

plexus = Plexus()

register_server(plexus, GitHubServer, tenant="default")

Run the Server

python -m mcp_plexus run --config plexus_config.py

Core Concepts

Tenants

Tenants provide isolation between different organizations or projects:

# Create a tenant
tenant = await plexus.create_tenant(
    name="acme-corp",
    display_name="Acme Corporation",
    config={
        "rate_limit_requests": 1000,
        "rate_limit_window": "1h",
        "allowed_models": ["claude-3-5-sonnet"]
    }
)

Users and Roles

# Create a user
user = await plexus.create_user(
    email="alice@acme.com",
    tenant="acme-corp"
)

# Assign a role
await plexus.assign_role(user.id, "admin")

Rate Limiting

# Configure rate limits per tenant
await plexus.update_tenant("acme-corp", {
    "rate_limit_requests": 5000,
    "rate_limit_window": "1h",
    "burst_limit": 100
})

Advanced Features

OAuth 2.1 Integration

from mcp_plexus import OAuthProvider

oauth = OAuthProvider(
    issuer="https://plexus.example.com",
    client_id="your-client-id",
    client_secret="your-client-secret"
)

# Protect a server
@plexus.server("github", oauth_required=True)
class GitHubServer(MCPServer):
    ...

Custom Middleware

from mcp_plexus import Middleware

class AuditMiddleware(Middleware):
    async def on_request(self, request):
        # Log all requests
        await audit_log.create(
            tenant=request.tenant,
            user=request.user,
            action=request.tool_name,
            timestamp=datetime.utcnow()
        )
        return request

    async def on_response(self, response):
        # Add response metadata
        response.metadata["audit_id"] = response.audit_id
        return response

plexus.use(AuditMiddleware())

Server Clustering

# Configure high availability
plexus.config.cluster = {
    "enabled": True,
    "nodes": ["plexus-1:8000", "plexus-2:8000", "plexus-3:8000"],
    "load_balancer": "round-robin",
    "health_check_interval": 30
}

Audit Logging

# Query audit logs
logs = await plexus.audit_logs.list(
    tenant="acme-corp",
    user_id="user-123",
    action="github.list_repos",
    start_time="2024-01-01",
    end_time="2024-01-31"
)

Examples

Multi-Tenant GitHub Server

from mcp_plexus import MCPServer, tool
from pydantic import BaseModel

class TenantGitHubServer(MCPServer):
    name = "github"
    version = "1.0.0"

    @tool
    async def list_repos(self, visibility: str = "all") -> list[dict]:
        """List repositories scoped to tenant."""
        tenant = self.context.tenant
        # Use tenant-specific GitHub app installation
        github = await self.get_github_client(tenant)
        repos = await github.repos.list_for_authenticated_user(visibility=visibility)
        return repos.data

Enterprise Deployment

# enterprise_config.py
from mcp_plexus import Plexus, register_server

plexus = Plexus(
    database_url="postgresql://...",
    redis_url="redis://...",
    secret_key="your-secret-key"
)

# Register servers with tenant isolation
register_server(plexus, GitHubServer, tenant="engineering")
register_server(plexus, PostgreSQLServer, tenant="data-team")
register_server(plexus, NotionServer, tenant="marketing")

# Configure rate limits
for tenant in ["engineering", "data-team", "marketing"]:
    plexus.set_rate_limit(tenant, requests=10000, window="1h")

# Enable audit logging
plexus.enable_audit_logging()

# Run with clustering
plexus.run(cluster=True)

Pros

  • ✅ Enterprise-grade multi-tenant architecture
  • ✅ OAuth 2.1 authentication built-in
  • ✅ Comprehensive user and role management
  • ✅ Built-in rate limiting and quotas
  • ✅ Audit logging for compliance
  • ✅ High availability with clustering
  • ✅ Python-native with rich ecosystem
  • ✅ Centralized management and monitoring

Cons

  • ❌ Python-only (no TypeScript version)
  • ❌ More complex setup than simple MCP servers
  • ❌ Requires additional infrastructure (PostgreSQL, Redis)
  • ❌ Steeper learning curve
  • ❌ Overkill for single-tenant use cases

When to Use

  • Enterprise MCP deployments — Multi-tenant requirements
  • Regulated industries — Audit logging and compliance
  • Large organizations — Centralized management
  • Production at scale — High availability and performance
  • Security-conscious environments — OAuth 2.1 and isolation

Resources