Hub MCP Proxy
Connect AI assistants to PodWarden through Hub — no ports to open, no VPN required
PodWarden Hub acts as an MCP proxy between your AI client and your PodWarden instance. Instead of connecting directly to your instance, your AI client connects to Hub. Hub routes tool calls through a secure WebSocket tunnel to your instance.
How it works
- PodWarden opens an outbound tunnel — Your instance connects to Hub via WebSocket. The connection is outbound, so no ports need to be opened.
- AI client connects to Hub — You point Claude, Cursor, or any MCP client at Hub's MCP endpoint using your
pwc_API key. - Hub routes tool calls — When the AI calls a tool, Hub forwards the request through the tunnel to your instance. The tool executes locally and the result flows back.
- Everything is logged — Every tool call through the tunnel appears in PodWarden's MCP Activity Log.
Setting up the tunnel
1. Connect to Hub
If you haven't already, connect your PodWarden instance to Hub:
- Go to Settings > Hub
- Enter the Hub URL (
https://apps.podwarden.com) - Enter your API key (create one in Hub Dashboard > API Keys)
- Click Test Connection then Save
2. Enable the tunnel
- Go to Settings > MCP
- Find the Hub MCP Tunnel section (appears when Hub is configured)
- Toggle Enable Tunnel on
PodWarden opens a persistent WebSocket connection to Hub. You can verify the connection in Hub Dashboard > MCP — your instance should appear as "Connected".
3. Set the access level
In the same MCP settings page, under MCP Access Level, choose:
| Level | What's exposed |
|---|---|
| Read Only (default) | List and view tools only — no changes to infrastructure |
| Full Access | All tools including create, update, deploy, and delete |
The access level controls which tools are available through both direct MCP connections and the Hub tunnel. Changing the access level automatically reconnects the tunnel to update the available tool list — no restart needed.
Connecting your AI client
Endpoint: https://mcp.podwarden.com/mcp
Auth: Your Hub API key (pwc_...) as a Bearer token.
Ready-to-copy config snippets are available in Hub Dashboard > MCP. See Client Configuration for per-client setup instructions.
Available tools
When connected through Hub, three extra tools are available for managing instances:
| Tool | Description |
|---|---|
list_instances | List connected PodWarden instances (name, status, tool count) |
list_instance_tools | List available tools on an instance |
call_instance_tool | Execute a tool on a connected instance |
If your organization has only one connected instance, call_instance_tool automatically targets it — no need to specify an instance ID.
Privacy and security
- Outbound only — Hub cannot reach into your network unless you explicitly enable the tunnel.
- Opt-in — The tunnel is disabled by default.
- Access control — You choose read-only or full access. Individual token roles further restrict what each connection can do.
- Audit trail — Every tool call is logged. Entries show "Hub Tunnel" as the token source.
- Disable anytime — Toggle the tunnel off to immediately cut the connection.
Direct vs. Hub proxy comparison
| Direct | Hub Proxy | |
|---|---|---|
| Requires open port | Yes | No — outbound tunnel |
| Auth | pwm_ MCP token | pwc_ Hub API key |
| RBAC | Token role | Access level + token role |
| Audit | MCP Activity Log | MCP Activity Log (Hub Tunnel) |
| Multiple instances | One connection each | One Hub endpoint |
| Latency | Direct | +1 hop through Hub |