Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.harbormcp.ai/llms.txt

Use this file to discover all available pages before exploring further.

Harbor’s gateway (called the Lighthouse) exposes your MCP servers over HTTP, enabling remote access and tool discovery. It bridges both local stdio servers and remote HTTP MCP servers.

Starting the Gateway

CLI

harbor lighthouse [--port 3100] [--host 127.0.0.1] [--expose] [--token <secret>]
FlagDescription
--portPort to listen on (default: 3100)
--hostIP to bind to (default: 127.0.0.1)
--exposeShorthand for --host 0.0.0.0 (expose to network)
--tokenBearer token required for remote access

Desktop App

Use the dedicated Lighthouse page in the sidebar to start/stop the gateway and configure settings.

Endpoints

Once running, the gateway provides these endpoints:
EndpointMethodDescription
/healthGETHealth check — returns 200 with version. No auth required.
/toolsGETList all available tools across your docked servers
/serversGETList all running MCP servers
/mcpPOSTJSON-RPC endpoint for MCP protocol messages
/reloadPOSTRe-read config from disk and hot-reload servers and auth token
/sseGETServer-sent events stream for real-time updates

Query Parameters

The /tools endpoint supports optional filters:
ParameterDescription
?host=<name>Apply host-specific tool overrides (e.g., ?host=claude)
?server=<name>Only return tools from a specific server

Authentication

The gateway uses bearer token authentication for remote access:
  • Localhost connections are always trusted — no token required
  • Remote connections require Authorization: Bearer <token> when gateway_token is configured
  • If no token is configured and the gateway is exposed to the network, a warning is logged

Configuring a token

[harbor]
gateway_host = "0.0.0.0"
gateway_token = "my-secret-token"
The token also supports vault references: 
gateway_token = "vault:gateway_token"

Examples

# Check health (no auth needed)
curl http://localhost:3100/health

# List available tools
curl http://localhost:3100/tools

# List tools for a specific host
curl http://localhost:3100/tools?host=claude

# List running servers
curl http://localhost:3100/servers

# Call a tool via JSON-RPC
curl -X POST http://localhost:3100/mcp \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"get_issues","arguments":{}}}'

# Hot-reload config from disk
curl -X POST http://localhost:3100/reload

# Remote access with bearer token
curl -H "Authorization: Bearer my-secret-token" http://my-server:3100/tools

Configuration

[harbor]
gateway_port = 3100          # Port to listen on
gateway_host = "127.0.0.1"   # Bind address ("0.0.0.0" for network)
gateway_token = "my-secret"  # Bearer token for remote access
The gateway enables CORS by default, allowing cross-origin requests from web applications. The HTTP server starts before initializing MCP servers, so the health endpoint is available immediately.