openapi-mcpify
Advanced tools
Turn any OpenAPI spec into a live MCP server — with built-in confirmation prompts for mutating operations.
Turn any OpenAPI spec into a live MCP server — with built-in confirmation prompts for mutating operations.
openapi-mcpify reads an OpenAPI 3.x spec, generates one MCP tool per route, and exposes them over stdio. When an AI agent tries to call a POST, PUT, or DELETE route, it triggers a MCP elicitation dialog asking the user to confirm before the HTTP request is actually sent.
OpenAPI spec → MCP tools → AI agent calls → (confirm if mutating) → HTTP request
bunx openapi-mcpify --spec ./openapi.json --url https://api.example.com
| Parameter | Required | Description |
|---|---|---|
--spec | yes | Path or URL to the OpenAPI 3.x spec (JSON or YAML) |
--url | yes | Base URL of the target API |
--default-args | no | JSON string injected into every tool call (useful for auth headers) |
--disable-methods | no | Comma-separated HTTP methods to exclude (e.g. post,delete) |
# Basic usage
dist/index.js --spec ./petstore.json --url https://petstore.example.com
# With an auth header injected by default
dist/index.js \
--spec ./petstore.json \
--url https://petstore.example.com \
--default-args '{"headers": {"Authorization": "Bearer mytoken"}}'
# Read-only mode: disable all mutating methods
dist/index.js \
--spec ./petstore.json \
--url https://petstore.example.com \
--disable-methods post,put,delete,patch
Add this to your MCP client configuration (e.g. claude_desktop_config.json):
{
"mcpServers": {
"petstore": {
"command": "dist/index.js",
"args": [
"--spec", "/path/to/openapi.json",
"--url", "https://api.example.com",
"--default-args", "{\"headers\":{\"Authorization\":\"Bearer mytoken\"}}"
]
}
}
}
bun install
bun run build
The compiled output lands in dist/.
src/
index.ts — entry point, wires CLI args → OpenAPI → MCP server
cli.ts — argument parser
swager.ts — OpenAPI spec loader & route extractor
tool.ts — OpenAPI route → MCP tool + HTTP call + elicitation logic
Each route in the spec becomes one MCP tool named {METHOD}_{path} (e.g. GET_pets__id_). Its input schema is built from:
application/json) → body fieldheaders → always optional, merged with --default-args headersFor POST, PUT, and DELETE routes, the server calls server.elicitInput() before executing the HTTP request. The client (e.g. Claude Desktop) displays a confirmation form showing the method, path, and parameters. The request is only sent if the user confirms.
MIT
FAQs
Turn any OpenAPI spec into a live MCP server — with built-in confirmation prompts for mutating operations.
We found that openapi-mcpify demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Malicious packages published to npm, PyPI, Go Modules, crates.io, and Packagist impersonate developer tooling to fetch staged malware, steal credentials and wallets, and enable remote access.
Security News
Microsoft has released an open source toolkit for enforcing runtime security policies on AI agents as adoption accelerates faster than governance controls.
Security News
Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.