Omni Rest-to-MCP is an enterprise-grade developer gateway proxy and real-time observability console. It bridges arbitrary JSON/YAML OpenAPI microservices dynamically into standardized Model Context Protocol (MCP) tools for AI orchestrators (e.g., Cursor, Claude Desktop, Langchain) while optimizing LLM token consumption, safeguarding API secrets, and providing deep OpenTelemetry tracking.
graph TD
A[AI Client: Cursor / Claude] -- 1. JSON-RPC over SSE --> B[Omni MCP Gateway]
B -- 2. Token Decrypt & Header Injection --> C[Downstream Rest APIs]
C -- 3. Raw REST JSON Response --> D[Token-Saver Optimizer]
D -- 4. Pruned & Capped Output --> B
B -- 5. Standard JSON-RPC Response --> A
B -- Observability Telemetry --> E[(MongoDB Trace Storage)]
E --> F[Glassmorphic Trace Dashboard]
- ⚡ Dynamic OpenAPI Translation: Connect any OpenAPI-compliant JSON/YAML URL or specification. The gateway compiles paths, schemas, and descriptors on-the-fly into standardized MCP tool definitions (
tools/list). - 📉 Token-Saver Compression Engine: Automatically slices massive REST arrays, prunes nested elements beyond maximum depth thresholds, and strips metadata (such as
_linksorhref), reducing prompt sizes by 70% to 90% for massive cost savings. - 🗜️ TOON Custom Serialization: Compresses nested JSON responses into Tabular Object-Oriented Notation (TOON). Formats arrays of objects (uniform or non-uniform) into ultra-compact tabular rows using key unions and the
Nshortcut for missing values. Features a byte-size guard that falls back to JSON if TOON is larger, avoiding token wastage. - 🔭 Traceparent Context Propagation: Fully implements W3C Trace Context propagation. Every proxied execution carries standard
traceparentheaders downstream, enabling complete distributed OpenTelemetry tracking. - 🧠 Advanced AI Telemetry Extraction: Captures the orchestrating client program identifier (Cursor/Claude Desktop), active AI model (e.g.,
claude-3-5-sonnet), and the exact prompt intent, logging them in database execution traces. - 🛡️ Secure Symmetric Secrets Vault: Employs AES-256-GCM symmetric encryption for custom headers and authorization keys. Secrets are decrypted solely in-memory at execution, and database trace logs redact sensitive credentials as
[REDACTED]. - 🔒 Multi-Tenant Auth Architecture: Built with secure, cryptographically signed HTTP-Only Cookie-based sessions, timing-safe password validations, and numeric 6-digit OTP verification flows.
- 📊 Premium Glassmorphic Dashboard: A stunning real-time console with interactive timeline explorer widgets mapping handshake splits, remote API latencies, and payload size reductions.
- Node.js (v20+ recommended)
- MongoDB (local instance or Atlas connection)
Create a .env file inside /backend folder:
PORT=3001
MONGODB_URI=mongodb://localhost:27017/rest-to-mcp
SESSION_SECRET=your_cookie_signed_secret_32_chars_min
VAULT_KEY=your_aes_256_symmetric_key_64_hex_chars# Install and run backend
cd backend
npm install
npm run dev
# Install and run frontend
cd ../frontend
npm install
npm run devOpen http://localhost:3000 in your browser.
- Sign up/Log in using the secure OTP flow.
- Under Connect New API, drop an OpenAPI Spec JSON/YAML URL or raw specification.
- Your gateway SSE endpoint will live at:
http://localhost:3001/api/mcp/sse?apiKey=YOUR_SECURE_VAULT_KEY - Connect this SSE link directly into Cursor or Claude Desktop to start using your custom APIs!
For a thorough deep-dive into our backend architectures, security vault encryptions, Token-Saver parameters, and OpenTelemetry heuristics, review our Features Guide.
Execute the full mock-based integration and regression suite in /backend:
cd backend
npm testAll route checks, adversarial payload sanitizers, and token cryptographies compile under strict TypeScript type checks.
This project is licensed under the MIT License - see the LICENSE file for details.