Getting Started
ToolMesh runs as a single Go binary or Docker container. It exposes an MCP server that AI agents connect to.
Prerequisites
Section titled “Prerequisites”- Docker and Docker Compose
- An AI agent that speaks MCP (Claude Desktop, Claude Code, Claude.ai, or any MCP client)
- Optional: a reverse proxy for TLS (Caddy, Cloudflare Tunnel, nginx)
Quick Start
Section titled “Quick Start”# Clone the repositorygit clone https://github.com/DunkelCloud/ToolMesh.gitcd ToolMesh
# Create your configurationcp .env.example .envOpen .env and set at least one authentication method:
# For interactive login (Claude Desktop, Claude.ai):TOOLMESH_AUTH_PASSWORD=my-secure-password
# For programmatic access (Claude Code, scripts):TOOLMESH_API_KEY=my-api-keyWithout a password or API key, all requests are rejected.
# Start ToolMeshdocker compose up -d
# Verify it's running (default port: 8123)curl http://localhost:8123/healthThe MCP endpoint is available at http://localhost:8123/mcp.
TLS (Important)
Section titled “TLS (Important)”ToolMesh serves plain HTTP. Most MCP clients — including Claude Desktop — require HTTPS and will reject http:// URLs. You need a TLS-terminating reverse proxy in front of ToolMesh:
| Option | When to use |
|---|---|
| Caddy | Self-hosted with a public domain — automatic Let’s Encrypt certs |
| Cloudflare Tunnel | No open ports needed, zero-config TLS |
| nginx / Traefik | Already in your stack |
For local development only, you can bypass TLS by editing claude_desktop_config.json by hand (the GUI enforces https://).
Connect an AI Agent
Section titled “Connect an AI Agent”Claude Desktop
Section titled “Claude Desktop”Add to your Claude Desktop MCP config (claude_desktop_config.json):
{ "mcpServers": { "toolmesh": { "url": "https://toolmesh.example.com/mcp" } }}For local development without TLS proxy:
{ "mcpServers": { "toolmesh": { "url": "http://localhost:8123/mcp" } }}Claude.ai (Custom Connector)
Section titled “Claude.ai (Custom Connector)”ToolMesh supports OAuth 2.1 with PKCE S256 for remote access. Configure users in config/users.yaml and use the public HTTPS URL as the MCP endpoint.
Claude Code
Section titled “Claude Code”Claude Code connects via API key. Set TOOLMESH_API_KEY in your .env, then add the MCP endpoint:
claude mcp add toolmesh http://localhost:8123/mcpAdd a Backend
Section titled “Add a Backend”Backends are configured in config/backends.yaml.
MCP Backend (proxy an existing MCP server)
Section titled “MCP Backend (proxy an existing MCP server)”backends: - name: memorizer transport: http url: "https://memorizer.example.com/mcp" api_key_env: "MEMORIZER_API_KEY"Set the credential as an environment variable in .env:
CREDENTIAL_MEMORIZER_API_KEY=sk-mem-xxxxxCredentials are injected at runtime — the LLM never sees API keys.
REST Backend (via DADL)
Section titled “REST Backend (via DADL)”Instead of building an MCP wrapper server, describe the REST API declaratively in a .dadl file:
backends: - name: github transport: rest dadl: /app/dadl/github.dadl url: "https://api.github.com"Download DADL files from the DADL Registry or generate one with your LLM:
“Create a DADL for the GitHub API — list repos, open issues, and create pull requests.”
What’s Next
Section titled “What’s Next”- Architecture — understand the execution pipeline
- DADL — describe REST APIs without code
- Configuration — all environment variables
- Authentication — OAuth 2.1, API keys, multi-user