Skip to main content

MCP Hub API Documentation

Welcome to the MCP Hub API documentation. This guide describes how to scan MCP (Model Context Protocol) servers for security vulnerabilities — both source-based scans (a GitHub repo or npm package) and hosted scans (a live, running MCP server).

Purpose

MCP Hub is the Enkrypt vulnerability scanner for MCP servers. Two scan flows are supported:
  • Source scans clone a GitHub repository or fetch an npm package, discover the MCP server’s tools/resources/prompts statically, and analyze the metadata for known vulnerability classes (prompt injection, data exfiltration, shadow tools, and more).
  • Hosted scans connect to a running MCP server over its live transport (SSE, HTTP, etc.), perform the same discovery against the server’s actual tool surface, and run the same analysis. Hosted scans accept a full authentication config (API key, bearer token, OAuth 2.0, custom headers, or mTLS) so the scanner can authenticate against the target server.
Every scan produces a job_id. Scans run asynchronously in the background — poll the status endpoint until the job is completed, then fetch the full results.

Offered APIs

Our API suite includes the following endpoints:
  • scan: Start a new source-based scan from a GitHub URL or npm package. Returns a job_id.
  • hosted-scan: Start a new hosted-server scan against a live MCP endpoint with optional authentication.
  • hosted-scan-from-config: Submit a Claude/Cursor-style mcpServers config JSON; one hosted scan job is created per server entry.
  • get-status: Poll a scan job’s status, including per-tool progress and overall severity once analysis is in flight.
  • get-results: Fetch the complete scan output (vulnerabilities, tools scanned, scan metadata) once the job is completed.
  • list-scans: List scan jobs across both scan types with filters for visibility, status, repo name, and opaque cursor pagination (see Pagination below).
  • dashboard-stats: Fetch aggregate scan statistics across the hub — totals (servers/tools scanned, vulnerabilities), the severity breakdown, and the most common vulnerability types.
  • usage: Self-service usage insights for your organization — call totals, per-endpoint and per-project breakdowns, the top endpoints, an HTTP status-class split, and a daily time-series over a chosen window. Returns aggregate counts only (no raw data), and is restricted to the organization owner or an admin.
The scan retrieval endpoints — get-status, get-results, list-scans, dashboard-stats, and usage (all the GET endpoints) — are an enterprise data-license feature. Your organization must have MCP Hub API access enabled by Enkrypt, otherwise these endpoints return 403 Forbidden. The usage endpoint additionally requires the caller to be the organization owner or an admin, and is rate-limited. Submitting scans (the POST endpoints) is open to all authenticated callers. Contact support@enkryptai.com to enable access.

Rate limits

The gated MCP Hub GET endpoints are rate-limited per API key. The usage endpoint has its own dedicated limit, separate from your account’s general API limits:
EndpointLimit (per API key)
usage2 / second, 20 / minute, 120 / hour, 500 / day
get-status, get-results, list-scans, dashboard-statsYour account’s standard API rate limits
These usage-endpoint limits apply on every plan, including enterprise. When a limit is exceeded the API returns 429 Too Many Requests with RateLimit-* and Retry-After response headers indicating when to retry. Because results are also cached for a few minutes, polling for dashboards stays comfortably within these limits.

Pagination

GET /mcp-hub/scans uses opaque cursor pagination. Each response includes a next_cursor string; pass it back verbatim as the cursor query parameter on the next request to fetch the next page:
GET /mcp-hub/scans?limit=20                       # first page
GET /mcp-hub/scans?limit=20&cursor=<next_cursor>  # subsequent pages
When next_cursor is null you have reached the end of the result set. The cursor is a base64url string — treat it as opaque and round-trip verbatim. By default total is omitted to keep page fetches constant-time regardless of depth — pass ?include_total=true if your UI needs an “X of N” counter.

Public vs. Private Scans

Both scan-creation endpoints accept is_private:
  • Public scans (is_private: false, the default) are visible across the platform and contribute to community/leaderboard data.
  • Private scans (is_private: true) are scoped to your account. Status and results endpoints will return 403 Forbidden if the calling key does not own the private job.

Required Headers

  • apikey (or api_key): API key for authentication. Required on every call.
User identity (org, user, project) is inferred from the API key — you do not need to pass these as request fields.

Obtaining an API Key

To get started with the MCP Hub API, you need to obtain an API key. Follow these steps:
  1. Login: Access your account at app.enkryptai.com.
  2. Get API Key: Navigate to the API section to get your unique API key.
  3. Authentication: Use this API key in the apikey header of your API calls.
Let’s ensure safer AI together!