diff --git a/mcp-gateway/API_CREDENTIALS_SETUP.md b/mcp-gateway/API_CREDENTIALS_SETUP.md deleted file mode 100644 index 524b7cc..0000000 --- a/mcp-gateway/API_CREDENTIALS_SETUP.md +++ /dev/null @@ -1,325 +0,0 @@ -# API Credentials Setup Guide - -This guide explains how to obtain and configure API credentials for RFP Scraper and LinkedIn MCPs. - -## RFP Scraper Configuration - -### What You Need - -The RFP Scraper MCP requires: -- `RFP_API_KEY` - API key for authenticating requests -- `RFP_BASE_URL` - Base URL of the RFP scraping service - -### Getting RFP Scraper Credentials - -#### Option 1: Self-Hosted RFP Scraper - -If you're running your own RFP scraping service: - -1. **Get the API Key** from your RFP service admin panel or configuration -2. **Get the Base URL** - typically something like: - - `https://rfp.yourdomain.com` - - `https://rfp-service.example.com` - - `http://localhost:3000` (if local) - -#### Option 2: Third-Party RFP Service - -If using a commercial RFP discovery service: - -1. Sign up for an account -2. Navigate to API/Developer settings -3. Generate an API key -4. Note the service endpoint URL - -**Popular RFP Services:** -- **Bonfire** (https://www.bonfirehub.com) - RFP/Grant discovery platform -- **ProposalWorks** - RFP management -- **BidNet Direct** - Government RFP aggregation -- **Catch** - RFP aggregation service - -### Example RFP_API_KEY Format - -- Bonfire: `Bearer eyJhbGciOiJIUzI1NiIs...` -- Custom service: `mcpgw_rfp_abc123xyz789` -- Token-based: `token_1234567890abcdef` - ---- - -## LinkedIn Configuration - -### What You Need - -The LinkedIn MCP requires: -- `LINKEDIN_ACCESS_TOKEN` - OAuth2 access token for LinkedIn API -- `LINKEDIN_API_KEY` - LinkedIn API key (enterprise) - -### Getting LinkedIn Credentials - -#### Step 1: Create a LinkedIn App - -1. Go to **LinkedIn Developer Portal**: https://www.linkedin.com/developers/apps -2. Click **Create App** -3. Fill in the required fields: - - **App Name**: e.g., "MCP Gateway Job Search" - - **LinkedIn Page**: Select your company page - - **App Logo**: Upload a logo - - **Legal Agreement**: Accept terms - -#### Step 2: Get Your API Credentials - -After creating the app: - -1. Go to the **Auth** tab -2. Find your **Client ID** and **Client Secret** -3. In the **Authorized redirect URLs** section, add: - ``` - http://10.0.0.25:4444/callback - https://mcp.wilddragon.net/callback - ``` - -#### Step 3: Request API Access - -LinkedIn requires specific API access. Submit requests for: - -1. **Sign In with LinkedIn** - For authentication -2. **Share on LinkedIn** - If posting functionality needed -3. **LinkedIn Jobs Search** - For job search capabilities - -Request these under the **Request access** tab. - -#### Step 4: Generate Access Token - -Option A - Using OAuth2 Flow: - -```bash -# 1. Direct user to LinkedIn authorization -https://www.linkedin.com/oauth/v2/authorization? - response_type=code - &client_id=YOUR_CLIENT_ID - &redirect_uri=http://10.0.0.25:4444/callback - &scope=r_liteprofile%20r_emailaddress%20w_member_social - -# 2. LinkedIn redirects with authorization code -# 3. Exchange code for access token: -curl -X POST https://www.linkedin.com/oauth/v2/accessToken \ - -H "Content-Type: application/x-www-form-urlencoded" \ - -d "grant_type=authorization_code" \ - -d "code=YOUR_AUTHORIZATION_CODE" \ - -d "redirect_uri=http://10.0.0.25:4444/callback" \ - -d "client_id=YOUR_CLIENT_ID" \ - -d "client_secret=YOUR_CLIENT_SECRET" -``` - -Option B - Using Personal Access Token (Enterprise): - -If you have LinkedIn enterprise access: - -1. Go to **Settings** → **Personal tokens** -2. Create a new token with required scopes -3. Copy the token immediately (it won't be shown again) - -#### Step 5: Verify Your Token - -Test your token with: - -```bash -curl -X GET https://api.linkedin.com/v2/me \ - -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -``` - -Should return your LinkedIn profile info. - ---- - -## Configuring the .env File - -Once you have your credentials: - -### Step 1: Edit .env - -```bash -nano /sessions/vigilant-elegant-ramanujan/mnt/MCP\ Servers/mcp-gateway/.env -``` - -### Step 2: Add RFP Scraper Credentials - -```env -# RFP Scraper MCP Server -RFP_API_KEY=your_actual_api_key_here -RFP_BASE_URL=https://rfp.yourdomain.com -``` - -### Step 3: Add LinkedIn Credentials - -```env -# LinkedIn MCP Server -LINKEDIN_ACCESS_TOKEN=your_actual_access_token_here -LINKEDIN_API_KEY=your_actual_api_key_here -``` - -### Step 4: Optional - Gateway Static API Key - -For testing without OAuth: - -```env -GATEWAY_STATIC_API_KEY=your_static_test_key_here -``` - -### Step 5: Save and Exit - -- Press `Ctrl+X` then `Y` then `Enter` - ---- - -## Example .env Configuration - -```env -# Gateway -GATEWAY_PORT=4444 -GATEWAY_STATIC_API_KEY=mcpgw_test_key_12345 - -# OAuth 2.1 Configuration -OAUTH_ISSUER_URL=https://mcp.wilddragon.net -OAUTH_PASSWORD=your-Nv0SEJtFC&kmXri -OAUTH_ACCESS_TOKEN_TTL=3600 -OAUTH_REFRESH_TOKEN_TTL=2592000 - -# ERPNext MCP Server -ERPNEXT_URL=https://erp.broadcastmgmt.cloud -ERPNEXT_API_KEY=74f38b21ba493c4 -ERPNEXT_API_SECRET=ba3b39cfff13d7f - -# TrueNAS MCP Server -TRUENAS_URL=https://true.wilddragon.net -TRUENAS_API_KEY=10-rKjEy58EHyfsKndMb4sFQkl0mrv2OX7eD2UUMde6is1fznPzliTjfUJWYGyjmLVv - -# Home Assistant MCP Server -HASS_URL=https://haos.wilddragoncore.online -HASS_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJmODFhOTczMDI2YTU0OGEyYjZkMGUyYTM2ZmYzNmI0NiIsImlhdCI6MTc3NDY2NDQ0NiwiZXhwIjoyMDkwMDI0NDQ2fQ.h5KKm6nnuPcc6t5karUqalQyzHYDc1ekwNFIAkkrkjs - -# Wave Finance MCP Server -WAVE_ACCESS_TOKEN=pNZZqeHicNLtsvEli6zDGCJ6uNnYUG - -# Wave Finance OAuth -WAVE_CLIENT_ID=jWVuzSgq98ILhX23Az6J_wqpNWsGb3-OJFSgikeE -WAVE_CLIENT_SECRET=tYz1m8NOUd7z2eLx2Lem7pGGebcu7D4A3amWyZgJaoSozLYdTrrQJPK2jwOq7RQtFUAKQrk8b4klTgDmmJnMQ8TeAHvHNGEXLkhVT70MaXUPFYx6kZIvXLzPBn9XIiFb - -# RFP Scraper MCP Server -RFP_API_KEY=your_rfp_api_key_here -RFP_BASE_URL=https://rfp.yourdomain.com - -# LinkedIn MCP Server -LINKEDIN_ACCESS_TOKEN=your_linkedin_access_token_here -LINKEDIN_API_KEY=your_linkedin_api_key_here -``` - ---- - -## Deploying with New Credentials - -### Step 1: Verify Credentials in .env - -```bash -grep -E "RFP_|LINKEDIN_" /path/to/.env -``` - -You should see your actual values (not blank). - -### Step 2: Rebuild Containers - -```bash -cd /path/to/mcp-gateway -docker-compose down -docker-compose build -``` - -### Step 3: Start Services - -```bash -docker-compose up -d -``` - -### Step 4: Check Logs - -```bash -# Check if services started successfully -docker-compose logs rfpscraper-mcp -docker-compose logs linkedin-mcp - -# Should NOT see "variable not set" warnings -``` - -### Step 5: Verify in Dashboard - -Visit: `http://10.0.0.25:4444/dashboard` - -Should show: -- ✅ RFP Scraper - Healthy (with tool count) -- ✅ LinkedIn - Healthy (with tool count) - ---- - -## Troubleshooting - -### "Connection refused" or "Failed to initialize" - -1. **Check environment variables were saved**: - ```bash - docker-compose config | grep -E "RFP_|LINKEDIN_" - ``` - -2. **Check containers are running**: - ```bash - docker-compose ps | grep -E "rfpscraper|linkedin" - ``` - -3. **Check service logs**: - ```bash - docker-compose logs rfpscraper-mcp --tail=50 - ``` - -### "Invalid API key" or "Authentication failed" - -1. **Verify the credential format** - Check the service documentation -2. **Ensure no extra spaces** - Credentials should not have leading/trailing whitespace -3. **Check token expiration** - Some tokens expire after a period -4. **Regenerate if needed** - Get a fresh token from the service - -### RFP Service not responding - -1. **Verify RFP_BASE_URL** - Should be accessible from the gateway container -2. **Check network connectivity**: - ```bash - docker-compose exec gateway-mcp ping rfp.yourdomain.com - ``` -3. **Check firewall rules** - Ensure port 443 (or service port) is not blocked - -### LinkedIn API not working - -1. **Verify Token Scope** - Ensure token has required scopes -2. **Check Token Expiration** - LinkedIn tokens may expire -3. **Verify App Permissions** - Check LinkedIn app has necessary API access approved - ---- - -## Security Best Practices - -1. **Never commit .env to version control** - Add to `.gitignore` -2. **Rotate credentials periodically** - Regenerate API keys every 90 days -3. **Use environment variables** - Never hardcode credentials -4. **Limit token scope** - Request only necessary permissions -5. **Monitor usage** - Check API usage logs for suspicious activity -6. **Use separate tokens** - Consider separate keys for development/production - ---- - -## Next Steps - -1. ✅ Obtain API credentials for RFP Scraper -2. ✅ Obtain API credentials for LinkedIn -3. ✅ Update .env file with actual values -4. ✅ Rebuild and restart Docker containers -5. ✅ Verify services are healthy in dashboard -6. ✅ Grant users access to new MCPs in user management - -Once configured, your gateway will have access to job search and professional networking capabilities!