toolhive
ToolHive is an open-source platform for securely running and managing Model Context Protocol (MCP) servers across desktop, Kubernetes, and hybrid environments. It isolates MCP servers in containers, enforces identity and access policies, and provides observability for enterprise adoption of AI tools.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | stacklok/toolhive |
| Owner | stacklok |
| Primary language | Go |
| License | Apache-2.0 — OSI-approved |
| Stars | 1.9k |
| Forks | 240 |
| Open issues | 248 |
| Latest release | v0.34.0 (2026-07-07) |
| Last updated | 2026-07-08 |
| Source | https://github.com/stacklok/toolhive |
What toolhive is
Built in Go, ToolHive comprises a modular architecture (Gateway, Registry Server, Runtime, Portal) that orchestrates MCP server lifecycle, enforces fine-grained access control via OIDC/OAuth integration, runs servers in isolated containers, and exports OpenTelemetry traces and Prometheus metrics for observability.
Get the toolhive source
Clone the repository and explore it locally.
git clone https://github.com/stacklok/toolhive.gitcd toolhive# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Requires Docker/Podman for local deployments or a functional Kubernetes cluster (with operator support) for enterprise use; evaluate existing infrastructure compatibility.
- Identity integration via OIDC/OAuth is available but requires configuration; audit requirements and SSO architecture mapping before deployment.
- Container image supply and MCP server catalog curation (via Registry Server) requires planning; decide whether to use official MCP registry, build custom images, or proxy external servers.
- OpenTelemetry and Prometheus integration for observability is included; ensure monitoring stack compatibility and alert configuration before production.
- Isolated container execution per request may increase latency and resource consumption; benchmark token savings claims and performance against your typical MCP server usage patterns.
When to avoid it — and what to weigh
- You need a fully managed, zero-ops SaaS solution — ToolHive is open-source and requires self-hosting, operational maintenance, and infrastructure provisioning. If you want minimal operational overhead, consider managed alternatives.
- Your environment does not support containerization — ToolHive's core design relies on Docker/Podman containers (desktop) or Kubernetes (enterprise). Organizations without container runtimes cannot easily adopt this platform.
- You lack Kubernetes expertise for enterprise deployment — The Kubernetes operator requires Kubernetes cluster management knowledge. Enterprises without K8s operations teams may face significant learning curve and ongoing maintenance burden.
- You need proven, stable production track record — ToolHive was created 2025-03-12 and is at v0.34.0 (released 2026-07-07). The project is active but relatively young; long-term production stability and maintenance guarantees are Unknown.
License & commercial use
ToolHive is released under Apache License 2.0 (Apache-2.0), a permissive OSI-approved open-source license. It permits commercial use, modification, and distribution, provided license and copyright notices are retained and liability disclaimers are honored.
Apache-2.0 is a permissive open-source license that allows commercial use without requiring proprietary source code disclosure. However, verify whether Stacklok's commercial terms, support obligations, or dual-licensing arrangements impose additional restrictions; the README references 'Stacklok Enterprise' as a commercial variant, suggesting potential commercial licensing considerations. Consult legal counsel if your use case involves proprietary modifications or commercial redistribution.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Strong |
| License clarity | Clear |
| Deployment complexity | High |
| DEV.co fit | Good |
| Assessment confidence | High |
ToolHive implements per-server container isolation, identity-based access policies (OIDC/OAuth), audit logging, and OpenTelemetry tracing. Container isolation reduces blast radius of compromised MCP servers. However, ensure: (1) container runtime security hardening (Pod Security Standards, network policies); (2) secret management strategy (encrypted local storage, Kubernetes Secrets integration); (3) identity provider security posture; (4) audit log retention and access control. No formal security audit, penetration test results, or CVE history provided; conduct threat modeling aligned with your risk profile. Requires security review before production deployment.
Alternatives to consider
Anthropic Claude API (managed MCP)
Fully managed, zero-ops service if you accept SaaS deployment; no self-hosting or Kubernetes overhead, but less control over data residency and custom server integration.
LangChain / LlamaIndex framework-based MCP wrappers
Lightweight, framework-integrated MCP orchestration without standalone platform overhead; suitable for application-embedded use but lacks enterprise registry, policy enforcement, and observability.
Stacklok Enterprise (commercial variant)
Managed platform with added capabilities, expert support, and SaaS or on-premises options; eliminates self-hosting burden but requires commercial licensing and vendor lock-in.
Build on toolhive with DEV.co software developers
Download ToolHive, explore the Kubernetes operator, or review the enterprise variant. Start with the quickstart guide (desktop, CLI, or K8s) and join the Discord community for support.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
toolhive FAQ
Can I run ToolHive without Kubernetes?
Does ToolHive support existing MCP servers from the official registry?
What is the claimed token savings?
Is Stacklok Enterprise required for production?
Software development & web development with DEV.co
Need help beyond evaluating toolhive? DEV.co is a software development agency offering software development services and web development for teams of every size. Our software developers and web developers build custom software, web applications, APIs, and mcp servers integrations — and maintain them long-term.
Ready to secure and scale MCP servers?
Download ToolHive, explore the Kubernetes operator, or review the enterprise variant. Start with the quickstart guide (desktop, CLI, or K8s) and join the Discord community for support.