spring-boot
MCP server from girisenji/spring-boot-mcp-server
claude mcp add --transport stdio girisenji-spring-boot-mcp-server docker run -i girisenji/spring-boot-mcp-server:latest \ --env SPRING_PROFILES_ACTIVE="prod" \ --env MCP_SERVER_TOOL_APPROVAL_APPROVED_TOOLS_CONFIG="file:/path/to/approved-tools.yml"
How to use
This Spring Boot MCP Server automatically discovers REST and GraphQL endpoints in your application and exposes them as MCP tools. It uses OpenAPI specifications to generate tool schemas and supports GraphQL queries and mutations as separate tools. Tools are served over Server-Sent Events (SSE), enabling real-time, streaming interaction with AI agents. Security is enforced through a config-driven approval model, so only tools listed in a version-controlled YAML file are allowed to be used. The server also supports runtime reloading of approved tools without restarting the application.
To use it, run your Spring Boot application with the MCP server dependency included. The server will scan your REST controllers and GraphQL schema, build tool definitions, and publish them as MCP tools that clients can discover, approve, and invoke. You can manage tool approvals via the approved-tools.yml file, and you can customize tool filtering, rate limiting, timeouts, and logging through the mcp server configuration in your application properties or external config files.
How to install
Prerequisites:
- Java 21+ (JDK 21 or newer)
- Spring Boot 3.2+ application
- Maven or Gradle build tool
Installation steps:
-
Add the MCP server dependency to your project:
-
Maven: <dependency> <groupId>com.girisenji.ai</groupId> <artifactId>spring-boot-mcp-server</artifactId> <version>1.0.0</version> </dependency>
-
Gradle: implementation 'io.github.girisenji.ai:spring-boot-mcp-server:1.0.0'
-
-
Enable and configure the MCP server in your application properties (yaml or properties). Example (application.yml): mcp: server: enabled: true endpoint: /mcp eager-init: true discovery: openapi-enabled: true rest-enabled: true graphql-enabled: true tools: include-patterns: "/" exclude-patterns: - "/actuator/" - "/error" - "/swagger-ui/" - "/v3/api-docs/" approval-mode: config-based approval-config-file: classpath:approved-tools.yml rate-limiting: enabled: true default-requests-per-hour: 100 execution: default-timeout: PT30S default-connect-timeout: PT5S max-request-body-size: 10MB max-response-body-size: 10MB audit: enabled: true format: PLAIN
-
Create the approved tools YAML file (src/main/resources/approved-tools.yml or externalized) to specify allowed tools, and customize per-tool settings as needed. Example: approvedTools:
- greet
- tool_name_1
-
Run your Spring Boot application as usual (via IDE, mvn spring-boot:run, or java -jar).
-
Access MCP endpoints and resources as configured. Optional: enable metrics and Actuator for observability.
Additional notes
Tips and common notes:
- Tools are denied by default; always declare approved tools in a YAML file and reference it via approved-tools-config.
- Use external config files in production (e.g., file:/etc/mcp/approved-tools.yml) to keep secrets and configuration outside the JAR.
- You can reload tool approvals at runtime without restarting the application.
- Enable metrics with Spring Boot Actuator and Micrometer for Prometheus/Grafana observability. Expose metrics endpoints as part of your actuator configuration.
- Customize per-tool limits (rate limits, timeouts, and body size) via approved-tools.yml to control behavior per tool.
- The server exposes APIs for discovery and management of tools, as well as an SSE stream for tool interactions. Ensure your environment allows SSE connections and that firewalls permit the required endpoints.
