PlugMCP / Guides / OpenAPI to MCP

OpenAPI to MCP: Turn Any REST API into Agent-Ready Tools

Updated July 2026 · one upload, no code · works with Claude, ChatGPT, Cursor, Copilot & any MCP client

Your company already documented its APIs — every OpenAPI/Swagger spec is a complete, machine-readable description of what an AI agent could do. The missing piece is the translation to Model Context Protocol, plus the governance you'd want before an agent starts calling production endpoints.

The short answer: import the OpenAPI 3.x document (JSON or YAML, file or URL) into the open-source PlugMCP gateway. Every operation becomes an MCP tool with a parameter schema, injected auth and a read/write classification. No code generation, no SDK, no server to write.

Why not just generate an MCP server from the spec?

Code generators exist, but they produce one more service to build, deploy and patch — per API. A gateway approach differs in three ways:

Step 1 — Import the spec

# run the gateway (single binary or Docker)
docker run -d -p 8080:8080 -v plugmcp:/data ghcr.io/plugmcp/plugmcp

Admin UI → Connectors → Add → OpenAPI → upload the file or paste the spec URL. The importer handles JSON and YAML, resolves $ref, allOf and oneOf, strips HTML from vendor descriptions, and synthesizes a description when the spec has none — so the resulting tools read cleanly to a model.

✓ imported petstore: 19 operations → 19 tools (14 read, 5 write)

Step 2 — Configure auth once

Set it on the connector; the gateway injects it on every call, server-side. The agent never sees a credential.

SchemeTypical API
Bearer tokenGitHub, Stripe, most SaaS
Header / query API keylegacy REST, internal services
Basic authJira, older enterprise APIs
OAuth2 client-credentialsMicrosoft Graph, enterprise IdPs — token cached & auto-refreshed

Credentials are stored AES-256-GCM encrypted; an SSRF guard blocks connectors from reaching internal networks unless explicitly allowed.

Step 3 — Connect the agent

Mint a scoped API key (this connector only, read-only if you like) and add the endpoint to your client:

claude mcp add --transport http plugmcp https://your-gateway/mcp \
  --header "Authorization: Bearer pmcp_…"

Claude Desktop, claude.ai, Cursor, ChatGPT and Copilot connect the same way — PlugMCP speaks standard MCP over streamable HTTP.

Or skip the spec: 417 ready connectors

For public SaaS APIs you often don't need to hunt for a spec at all. PlugMCP ships a catalog of 417 connectors generated from public API specifications, each one quality-gated (it must import into working tools) — GitHub, Stripe, Trello, Mailchimp, Telegram and hundreds more. One click, add your credential, done.

Write safety: operations classified as writes (POST/PUT/PATCH/DELETE) can be excluded per key, and with approvals enabled each write waits for a human click in the UI before it executes — with a full audit trail either way.

FAQ

Which OpenAPI versions are supported?

OpenAPI 3.x in JSON or YAML. Swagger 2.0 documents can be converted with the standard swagger2openapi tool first.

What happens with huge specs?

They import fine — and agents don't drown, because past a configurable threshold the gateway exposes search-based tool discovery instead of hundreds of schemas.

Can I edit tool descriptions?

Yes — descriptions, recommended flags and read-only classification are editable per tool, and overlay files let you version-control those improvements.

What does it cost?

Nothing. 100% AGPL-3.0 open source, self-hosted, no license keys, no phone-home. Commercial licenses exist for OEM embedding.

Your APIs are already documented. Make them agent-ready.
Get PlugMCP on GitHub Learn more