MCPJungle Enterprise mode overview

MCPJungle ships in two modes. Development mode (the default) is designed for individuals running the gateway locally: no authentication is enforced and any MCP client can reach any registered server. Enterprise mode is designed for teams and organisations that deploy MCPJungle on a shared server: it enforces authentication on both the admin API and the MCP proxy, enables per-client access control lists (ACLs), and turns on OpenTelemetry metrics automatically.

Choosing a mode

	Development	Enterprise
Target audience	Individual developers	Teams and organisations
Authentication on admin API	None	Bearer token required
Authentication on MCP proxy	None	Per-client bearer token required
Access control lists	All clients access all servers	Explicit allow-list per client
OpenTelemetry metrics	Disabled by default	Enabled by default

Enterprise mode was previously called production mode. The --prod flag and SERVER_MODE=production still work but are deprecated — use --enterprise and SERVER_MODE=enterprise instead.

Enabling enterprise mode

CLI flag
Environment variable
Docker Compose (recommended for production)

mcpjungle start --enterprise

export SERVER_MODE=enterprise
mcpjungle start

Use the production Docker Compose file, which starts MCPJungle in enterprise mode alongside a Postgres database and a Prometheus instance:

curl -O https://raw.githubusercontent.com/mcpjungle/MCPJungle/refs/heads/main/docker-compose.prod.yaml
docker compose -f docker-compose.prod.yaml up -d

The compose file sets SERVER_MODE=enterprise and OTEL_ENABLED=true by default. It also wires up a Prometheus scrape job against the /metrics endpoint.

Initializing the server

When MCPJungle starts in enterprise mode for the first time, it does not create any users automatically. You must run the init-server command from your client machine to bootstrap the admin account:

Start the server in enterprise mode

Start MCPJungle using any of the methods above. The server will print a reminder to run init-server before accepting requests.

Run init-server

Point the CLI at your server (the default registry URL is http://127.0.0.1:8080) and run:

mcpjungle init-server

This creates an admin user on the server and saves the admin access token to ~/.mcpjungle.conf on your local machine. You will see output similar to:

Initializing the MCPJungle Server in Enterprise Mode...
Your Admin access token has been saved to /home/you/.mcpjungle.conf
All done!

Verify access

All subsequent CLI commands will automatically read the token from ~/.mcpjungle.conf and send it in the Authorization: Bearer header. You can verify by running:

mcpjungle list tools

Run mcpjungle init-server exactly once. If you run it again after the server is already initialised, the command will fail. Keep ~/.mcpjungle.conf safe — it holds your admin token.

Next steps

Access control

Create MCP clients and user accounts, and configure which servers each client can reach.

Observability

Scrape Prometheus-compatible metrics from the /metrics endpoint to monitor tool call activity.

Get Started

Deployment

Managing MCP Servers

Tool Groups

Enterprise

Integrations

MCPJungle Enterprise mode overview

Choosing a mode

Enabling enterprise mode

Initializing the server

Next steps

Access control

Observability

Get Started

Deployment

Managing MCP Servers

Tool Groups

Enterprise

Integrations

​Choosing a mode

​Enabling enterprise mode

​Initializing the server

​Next steps

Access control

Observability

Choosing a mode

Enabling enterprise mode

Initializing the server

Next steps