Platform Settings
Platform settings control the global behavior of MCP Hub. These settings are managed by platform administrators and affect all users, organizations, and services across the platform.
Platform Administrator Configuration
Platform administrators are designated via the ADMIN_USERS environment variable in the .env file:
ADMIN_USERS=[email protected],[email protected],[email protected]
This is a comma-separated list of email addresses. When a user logs in with one of these emails, they are automatically granted the PLATFORM_ADMIN role. Changes to this variable take effect on the next login of each affected user.
Important Notes
- The platform_role field is set in the database when the user authenticates. If an email is removed from ADMIN_USERS, the user loses admin access on their next login.
- For immediate revocation without waiting for the next login, update the database directly: UPDATE users SET platform_role = NULL WHERE email = '[email protected]'.
- The platform role is orthogonal to organization roles – a platform admin can also be an organization Member or Viewer.
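Because the role is only re-evaluated at login, the database and ADMIN_USERS can drift apart. The following added example (not MCP Hub code) reconciles the two and applies the UPDATE above to stale entries. It assumes the users table has the email and platform_role columns shown in that statement, that the stored value is the literal PLATFORM_ADMIN, and that emails compare case-insensitively; in-memory SQLite stands in for PostgreSQL and all addresses are constructed.

```python
import sqlite3

ADMIN_ROLE = "PLATFORM_ADMIN"  # assumed to be the literal stored in platform_role


def parse_admin_users(raw):
    """Split the comma-separated ADMIN_USERS value into a normalized set."""
    return {e.strip().lower() for e in raw.split(",") if e.strip()}


def reconcile_admins(conn, admin_users_raw):
    """Return (stale, pending) by comparing the database with ADMIN_USERS.

    stale: still admin in the database but no longer listed (access persists
    until next login or a manual UPDATE); pending: listed but no admin row yet.
    """
    allowed = parse_admin_users(admin_users_raw)
    rows = conn.execute(
        "SELECT email FROM users WHERE platform_role = ?", (ADMIN_ROLE,)
    ).fetchall()
    current = {email.strip().lower() for (email,) in rows}
    return sorted(current - allowed), sorted(allowed - current)


def revoke(conn, emails):
    """Immediate revocation: the UPDATE from the notes above, parameterized."""
    conn.executemany("UPDATE users SET platform_role = NULL WHERE lower(email) = ?",
                     [(e,) for e in emails])
    conn.commit()


def build_sample_db():
    """Constructed data; in-memory SQLite stands in for PostgreSQL."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (email TEXT PRIMARY KEY, platform_role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", [
        ("alice@example.test", ADMIN_ROLE),
        ("Bob@Example.test", ADMIN_ROLE),  # since removed from ADMIN_USERS
        ("carol@example.test", None),
    ])
    return conn


if __name__ == "__main__":
    db = build_sample_db()
    stale, pending = reconcile_admins(db, "alice@example.test, dave@example.test")
    print("stale:", stale, "pending:", pending)
```

Entries in the stale list are the accounts that still hold admin access after being removed from ADMIN_USERS; the pending list is informational only.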
Future Roles
The platform role system is designed to support additional roles beyond PLATFORM_ADMIN:
| Role | Description | Status |
|---|---|---|
| PLATFORM_ADMIN | Full platform access | Available |
| MODERATOR | Content moderation, user support | Planned |
| SUPPORT | Customer support with read-only access | Planned |
| AUDITOR | Read-only access to audit logs | Planned |
Global Configuration
MCP Hub is configured entirely through environment variables. The following categories control platform-wide behavior:
Server Configuration
| Variable | Default | Description |
|---|---|---|
| SERVER_HOST | 0.0.0.0 | Bind address for the web server |
| SERVER_PORT | 8080 | Port for the web server |
Database Configuration
| Variable | Description |
|---|---|
| DB_HOST | PostgreSQL host |
| DB_PORT | PostgreSQL port (default: 5432, Docker dev: 15432) |
| DB_USER | Database username |
| DB_PASSWORD | Database password |
| DB_NAME | Database name (default: mcphub) |
Cache and Rate Limiting
| Variable | Description |
|---|---|
| REDIS_HOST | Redis host |
| REDIS_PORT | Redis port (default: 6390 in Docker dev) |
Redis is used for session storage, access tokens, and rate limiting counters. Rate limits are enforced per plan:
| Plan | API Rate Limit |
|---|---|
| Anonymous | 15 requests/minute |
| Free | 30 requests/minute |
| PRO | 300 requests/minute |
| Enterprise | Custom (up to 5000 requests/minute) |
Storage Configuration
| Variable | Description |
|---|---|
| S3_ENDPOINT | S3-compatible endpoint (MinIO in development) |
| S3_ACCESS_KEY_ID | S3 access key |
| S3_SECRET_ACCESS_KEY | S3 secret key |
| S3_BUCKET_SOURCES | Bucket for source tarballs |
| S3_BUCKET_ANALYSIS | Bucket for analysis results |
Two S3 buckets are used: one for MCP source code tarballs and one for analysis results and generated reports. The minio-init container in development creates these buckets automatically.
Authentication
| Variable | Description |
|---|---|
| AUTH0_DOMAIN | Auth0 tenant domain |
| AUTH0_CLIENT_ID | OAuth2 client ID |
| AUTH0_CLIENT_SECRET | OAuth2 client secret |
| AUTH0_CALLBACK_URL | OAuth2 callback URL |
Worker and AMQP
| Variable | Description |
|---|---|
| AMQP_URL | LavinMQ connection URL |
| AMQP_EXCHANGE | Main exchange name (default: mcp.jobs) |
| WORKER_POLL_INTERVAL | Scheduler polling interval |
| WORKER_MAX_CONCURRENT | Maximum concurrent jobs per worker |
Registry Integration
| Variable | Description |
|---|---|
| REGISTRY_URL | URL of the mcp-registry service |
| REGISTRY_SERVICE_TOKEN | JWT service token for hub-to-registry authentication |
Admin Dashboard
The admin dashboard at /admin provides a high-level overview of platform health and activity.
Statistics Cards
- Total Users: Total registered users and active count.
- Organizations: Total organizations and active count.
- Total MCPs: Registered MCPs with public/private breakdown.
- Activity (Last 24h): Recent platform events with 7-day and 30-day trends.
User Distribution
A visual breakdown showing the percentage of users on each plan (Free, PRO, Enterprise), useful for understanding revenue distribution and conversion rates.
Quick Actions
Direct navigation links to:
- Manage Users: /admin/users
- Manage Organizations: /admin/orgs
- Audit Logs: /admin/audit
Organization Management
Platform administrators can manage all organizations from /admin/orgs:
- View all organizations: List with name, slug, plan, status, member count, and creation date.
- Organization details: View members, activity, areas, and configuration.
- Change organization plan: Upgrade or downgrade between Free, PRO, and Enterprise.
- Suspend organization: Temporarily disable access for all members (requires a reason).
- Activate organization: Restore access after suspension.
- Delete organization: Soft-delete the organization (data preserved for compliance).
Global Audit Log
The platform audit log at /admin/audit records all administrative actions across the platform:
GET /api/v1/admin/audit
Supports filtering by:
- Action type: user.suspend, org.create, mcp.delete, etc.
- Date range: Events within a specific time period.
- Pagination: Page and limit parameters.
Action Categories
User actions: user.create, user.update, user.suspend, user.activate, user.delete, user.plan_update, user.role_change, user.bulk_suspend, user.bulk_activate
Organization actions: org.create, org.update, org.suspend, org.activate, org.delete, org.plan_update
MCP actions: mcp.create, mcp.update_metadata, mcp.delete, mcp.assign_tags, mcp.featured
Category/Tag actions: category.create, category.update, category.delete, tag.create, tag.update, tag.delete
Each audit event includes the administrator who performed the action, the affected resource, a timestamp, and metadata with action-specific details.
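A regular review of these events can be partly automated. The following added example (not part of MCP Hub) triages a batch of audit events for actors outside ADMIN_USERS, high-impact actions, and bursts of suspensions by one administrator. The page does not give the response schema, so the field names (actor, action, resource, timestamp) are assumptions, as are the choice of high-impact actions and the burst threshold; the events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Action names are from the categories above; which ones are treated as
# high-impact or burst-worthy is this example's choice.
HIGH_IMPACT = {"user.role_change", "user.delete", "org.delete", "mcp.delete",
               "user.bulk_suspend", "user.plan_update", "org.plan_update"}
BURST_ACTIONS = {"user.suspend", "org.suspend"}

# Constructed events; field names are assumed, not taken from the API.
SAMPLE_EVENTS = [
    {"actor": "alice@example.test", "action": "user.suspend",
     "resource": "user:101", "timestamp": "2024-05-01T10:00:00+00:00"},
    {"actor": "alice@example.test", "action": "user.suspend",
     "resource": "user:102", "timestamp": "2024-05-01T10:02:00+00:00"},
    {"actor": "alice@example.test", "action": "user.suspend",
     "resource": "user:103", "timestamp": "2024-05-01T10:03:00+00:00"},
    {"actor": "mallory@example.test", "action": "user.role_change",
     "resource": "user:7", "timestamp": "2024-05-01T11:00:00+00:00"},
    {"actor": "alice@example.test", "action": "mcp.update_metadata",
     "resource": "mcp:5", "timestamp": "2024-05-01T12:00:00+00:00"},
]


def triage(events, expected_admins, burst=3, window=timedelta(minutes=10)):
    """Return (reason, event) findings, oldest first, for manual review."""
    expected = {a.strip().lower() for a in expected_admins}
    recent = defaultdict(list)  # actor -> suspension times inside the window
    findings = []
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["timestamp"])):
        actor = ev["actor"].lower()
        if actor not in expected:
            findings.append(("actor not in ADMIN_USERS", ev))
        if ev["action"] in HIGH_IMPACT:
            findings.append(("high-impact action", ev))
        if ev["action"] in BURST_ACTIONS:
            ts = datetime.fromisoformat(ev["timestamp"])
            recent[actor] = [t for t in recent[actor] if ts - t <= window] + [ts]
            if len(recent[actor]) == burst:  # report when the count reaches the threshold
                findings.append(("suspension burst", ev))
    return findings


if __name__ == "__main__":
    for reason, ev in triage(SAMPLE_EVENTS, ["alice@example.test"]):
        print(f"{reason}: {ev['actor']} {ev['action']} {ev['resource']}")
```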
Health Monitoring
Health Check Endpoints
MCP Hub exposes health check endpoints for monitoring and orchestration:
| Endpoint | Purpose | Checks |
|---|---|---|
| GET /healthz | Liveness probe | Application is running |
| GET /readyz | Readiness probe | Database and Redis connectivity |
Service Ports
In a full deployment, three services run simultaneously:
| Service | Port | Purpose |
|---|---|---|
| Web (hub-web) | 8080 | Dashboard and REST API |
| Worker (hub-worker) | 8082 | Job processing (health/metrics) |
| Scheduler | 8081 | Git polling |
All three services must be running for the complete certification pipeline to function. The web service handles user-facing requests, the scheduler detects new commits, and the worker processes analysis jobs.
Infrastructure Services
| Service | Port | Purpose |
|---|---|---|
| PostgreSQL | 15432 (dev) | Primary database |
| Redis | 6390 (dev) | Cache, sessions, rate limiting |
| MinIO | 9000/9001 | S3-compatible storage |
| LavinMQ | 5672/15672 | AMQP message queue |
The LavinMQ management UI at port 15672 provides visibility into message queues, job distribution, and dead letter queues.
Security Best Practices
- Limit platform administrators: Keep the ADMIN_USERS list as short as possible.
- Rotate secrets: Periodically rotate AUTH0_CLIENT_SECRET, REGISTRY_SERVICE_TOKEN, S3 credentials, and the session secret.
- Monitor audit logs: Review the admin audit log regularly for unexpected actions.
- Use separate environments: Keep development and production configurations strictly separated, especially Auth0 and Stripe credentials.
- Never log secrets: The platform is designed to never log secret values. Verify this behavior when adding custom logging.
- Secure the .env file: Ensure the environment file has restricted permissions and is never committed to version control.