MCP Catalog

The MCP Catalog is a built-in collection of official MCP servers published by providers like Linear, Sentry, Notion, and more. These aren’t community forks — each server is built and maintained by the provider itself. When you install a server from the catalog, the Keycard MCP Gateway sits in front of the official remote MCP server and gives you a protected URL to use instead — enforcing your zone’s identity provider, access policies, and audit logging on every tool call.

What’s in the Catalog

Ahrefs api.ahrefs.com/mcp/mcp

SEO data — backlink analysis, keyword research, organic traffic, site audits, and competitive intelligence

108 tools

Amplitude mcp.amplitude.com/mcp

Product analytics — experiments, user behavior, dashboards, cohorts, and feature flags

35 tools

Apify mcp.apify.com

Discover and run web scraping Actors, access datasets, and automate data extraction

8 tools

Atlassian mcp.atlassian.com/v1/mcp

Jira issues, Confluence pages, and Compass components — search, create, and manage across products

26 tools

Attio mcp.attio.com/mcp

CRM workspace — search, create, and update people, companies, deals, tasks, and pipeline

33 tools

Axiom mcp.axiom.co/mcp

Query and analyze observability data — logs, traces, dashboards, and monitors

17 tools

Close mcp.close.com/mcp

Sales CRM — search leads, manage opportunities and pipelines, and track activities

30 tools

Cloudflare mcp.cloudflare.com/mcp

Manage DNS zones, Workers scripts, security configurations, analytics, and account resources

2 tools

Granola mcp.granola.ai/mcp

AI meeting notes — query meetings, browse folders, retrieve details, and access full transcripts

5 tools

Linear mcp.linear.app/mcp

Issue tracking, project management, cycles, and documents for engineering teams

42 tools

Neon mcp.neon.tech/mcp

Serverless Postgres — branching, SQL queries, schema management, and migrations

29 tools

Notion mcp.notion.com/mcp

Search, create, and manage pages, databases, and content across your workspace

14 tools

Sentry mcp.sentry.dev/mcp

Investigate errors, analyze stack traces, review performance, and manage issues

13 tools

More servers coming soon

Note

The catalog is regularly updated with new MCP servers.

Why the Keycard MCP Gateway Matters

Without Keycard, connecting to a remote MCP server means each user authenticates independently with no centralized visibility into what tools are being used or by whom.

The Keycard MCP Gateway sits between your development tools and the remote MCP server, providing:

• Identity-based access - users authenticate with your zone’s identity provider (e.g., Okta, Auth0) via standard OAuth flows, giving you a single authentication layer across all MCP servers
• Policy enforcement - access policies control which users and applications can access which MCP servers
• Audit trail - every MCP server access is logged with the authenticated user’s identity
• Automatic credential management - Keycard handles OAuth token exchange, refresh, and lifecycle with the remote MCP server on the user’s behalf

Prerequisites

• A Keycard zone with an identity provider connected (e.g., Okta, Auth0, Google)
• Create application permission in your zone

Note

If you haven’t set up your zone yet, see the Quickstart guide for initial setup.

Add an MCP Server to Your Gateway

Adding an MCP server is a two-step process: first you install it to your zone’s Keycard MCP Gateway from the catalog, then you connect it to your development tools.

Step 1: Install to Keycard MCP Gateway

Navigate to Applications in your zone’s Keycard Console, click Add Application, then select Explore MCP Servers.

Browse the grid or use the search bar to find an MCP server. You can click Install directly from the grid, or click a server to view its details first.

The detail view shows the server’s description, tags, version, and available tools. Click Install to add it to your Keycard MCP Gateway.

Once installed, the server appears as an application on the Applications page with a Keycard MCP Gateway URL.

Step 2: Connect to Your Development Tool

Click the installed application to open its detail dialog. Use the Install dropdown to connect the Keycard MCP Gateway-protected server to your development tool.

Cursor

1. Select Cursor from the Install dropdown

   Your browser asks to open Cursor. Click Open Cursor to continue.

2. Confirm the installation

   Cursor opens its Tools & MCP settings with the server pre-filled. Click Install to add it.

3. Authenticate

   The server initially shows Needs authentication. Click Connect to start the auth flow.

4. Start using the tools

   Once authenticated, the server shows a green status indicator with the number of available tools.

Claude Code

1. Select Claude Code from the Install dropdown

   A dialog appears with a claude mcp add command and three scope options:

   • User (recommended) - available across all your projects
   • Project - shared with your team via .mcp.json
   • Local - private to you, current project only

2. Copy and run the command

   Copy the command and run it in your terminal:

   claude mcp add --transport http --scope user <server-name> <gateway-url>

3. Authenticate when prompted

   The first time Claude Code calls a tool from this server, you’ll authenticate through your browser.

Any MCP Client

Select Install manually to see the server Name and Server URL. Copy these values into any MCP-compatible client that supports HTTP transport.

Authentication Flow

The first time a user connects to an MCP server through the Keycard MCP Gateway from their development tool, they complete a two-step authentication:

1. Identity provider sign-in - sign in with your zone’s identity provider (e.g., Okta) to verify your identity

2. MCP server authorization - the remote MCP server (e.g., Axiom) asks you to approve access, then Keycard manages tokens on your behalf

After both steps, you see an Authentication Successful confirmation. Return to your development tool to complete the connection where it started.

Keycard handles token refresh automatically.

Tip

Want to control which users can access specific MCP servers? Create an access policy to restrict access based on user attributes, roles, or application identity.