zgaetano/mcp-servers
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add API_CREDENTIALS_SETUP.md

Browse source
This commit is contained in:
Zac Gaetano 2026-03-31 15:33:21 -04:00
parent 9a93c0d889
commit dbc2a7ebd5
1 changed files with 325 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

325
API_CREDENTIALS_SETUP.md Normal file
View file

@ -0,0 +1,325 @@
# API Credentials Setup Guide
This guide explains how to obtain and configure API credentials for RFP Scraper and LinkedIn MCPs.
## RFP Scraper Configuration
### What You Need
The RFP Scraper MCP requires:
- `RFP_API_KEY` - API key for authenticating requests
- `RFP_BASE_URL` - Base URL of the RFP scraping service
### Getting RFP Scraper Credentials
#### Option 1: Self-Hosted RFP Scraper
If you're running your own RFP scraping service:
1. **Get the API Key** from your RFP service admin panel or configuration
2. **Get the Base URL** - typically something like:
- `https://rfp.yourdomain.com`
- `https://rfp-service.example.com`
- `http://localhost:3000` (if local)
#### Option 2: Third-Party RFP Service
If using a commercial RFP discovery service:
1. Sign up for an account
2. Navigate to API/Developer settings
3. Generate an API key
4. Note the service endpoint URL
**Popular RFP Services:**
- **Bonfire** (https://www.bonfirehub.com) - RFP/Grant discovery platform
- **ProposalWorks** - RFP management
- **BidNet Direct** - Government RFP aggregation
- **Catch** - RFP aggregation service
### Example RFP_API_KEY Format
- Bonfire: `Bearer eyJhbGciOiJIUzI1NiIs...`
- Custom service: `mcpgw_rfp_abc123xyz789`
- Token-based: `token_1234567890abcdef`
---
## LinkedIn Configuration
### What You Need
The LinkedIn MCP requires:
- `LINKEDIN_ACCESS_TOKEN` - OAuth2 access token for LinkedIn API
- `LINKEDIN_API_KEY` - LinkedIn API key (enterprise)
### Getting LinkedIn Credentials
#### Step 1: Create a LinkedIn App
1. Go to **LinkedIn Developer Portal**: https://www.linkedin.com/developers/apps
2. Click **Create App**
3. Fill in the required fields:
- **App Name**: e.g., "MCP Gateway Job Search"
- **LinkedIn Page**: Select your company page
- **App Logo**: Upload a logo
- **Legal Agreement**: Accept terms
#### Step 2: Get Your API Credentials
After creating the app:
1. Go to the **Auth** tab
2. Find your **Client ID** and **Client Secret**
3. In the **Authorized redirect URLs** section, add:
```
http://10.0.0.25:4444/callback
https://mcp.wilddragon.net/callback
```
#### Step 3: Request API Access
LinkedIn requires specific API access. Submit requests for:
1. **Sign In with LinkedIn** - For authentication
2. **Share on LinkedIn** - If posting functionality needed
3. **LinkedIn Jobs Search** - For job search capabilities
Request these under the **Request access** tab.
#### Step 4: Generate Access Token
Option A - Using OAuth2 Flow:
```bash
# 1. Direct user to LinkedIn authorization
https://www.linkedin.com/oauth/v2/authorization?
response_type=code
&client_id=YOUR_CLIENT_ID
&redirect_uri=http://10.0.0.25:4444/callback
&scope=r_liteprofile%20r_emailaddress%20w_member_social
# 2. LinkedIn redirects with authorization code
# 3. Exchange code for access token:
curl -X POST https://www.linkedin.com/oauth/v2/accessToken \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=authorization_code" \
-d "code=YOUR_AUTHORIZATION_CODE" \
-d "redirect_uri=http://10.0.0.25:4444/callback" \
-d "client_id=YOUR_CLIENT_ID" \
-d "client_secret=YOUR_CLIENT_SECRET"
```
Option B - Using Personal Access Token (Enterprise):
If you have LinkedIn enterprise access:
1. Go to **Settings** → **Personal tokens**
2. Create a new token with required scopes
3. Copy the token immediately (it won't be shown again)
#### Step 5: Verify Your Token
Test your token with:
```bash
curl -X GET https://api.linkedin.com/v2/me \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
```
Should return your LinkedIn profile info.
---
## Configuring the .env File
Once you have your credentials:
### Step 1: Edit .env
```bash
nano /sessions/vigilant-elegant-ramanujan/mnt/MCP\ Servers/mcp-gateway/.env
```
### Step 2: Add RFP Scraper Credentials
```env
# RFP Scraper MCP Server
RFP_API_KEY=your_actual_api_key_here
RFP_BASE_URL=https://rfp.yourdomain.com
```
### Step 3: Add LinkedIn Credentials
```env
# LinkedIn MCP Server
LINKEDIN_ACCESS_TOKEN=your_actual_access_token_here
LINKEDIN_API_KEY=your_actual_api_key_here
```
### Step 4: Optional - Gateway Static API Key
For testing without OAuth:
```env
GATEWAY_STATIC_API_KEY=your_static_test_key_here
```
### Step 5: Save and Exit
- Press `Ctrl+X` then `Y` then `Enter`
---
## Example .env Configuration
```env
# Gateway
GATEWAY_PORT=4444
GATEWAY_STATIC_API_KEY=mcpgw_test_key_12345
# OAuth 2.1 Configuration
OAUTH_ISSUER_URL=https://mcp.wilddragon.net
OAUTH_PASSWORD=your-Nv0SEJtFC&kmXri
OAUTH_ACCESS_TOKEN_TTL=3600
OAUTH_REFRESH_TOKEN_TTL=2592000
# ERPNext MCP Server
ERPNEXT_URL=https://erp.broadcastmgmt.cloud
ERPNEXT_API_KEY=74f38b21ba493c4
ERPNEXT_API_SECRET=ba3b39cfff13d7f
# TrueNAS MCP Server
TRUENAS_URL=https://true.wilddragon.net
TRUENAS_API_KEY=10-rKjEy58EHyfsKndMb4sFQkl0mrv2OX7eD2UUMde6is1fznPzliTjfUJWYGyjmLVv
# Home Assistant MCP Server
HASS_URL=https://haos.wilddragoncore.online
HASS_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJmODFhOTczMDI2YTU0OGEyYjZkMGUyYTM2ZmYzNmI0NiIsImlhdCI6MTc3NDY2NDQ0NiwiZXhwIjoyMDkwMDI0NDQ2fQ.h5KKm6nnuPcc6t5karUqalQyzHYDc1ekwNFIAkkrkjs
# Wave Finance MCP Server
WAVE_ACCESS_TOKEN=pNZZqeHicNLtsvEli6zDGCJ6uNnYUG
# Wave Finance OAuth
WAVE_CLIENT_ID=jWVuzSgq98ILhX23Az6J_wqpNWsGb3-OJFSgikeE
WAVE_CLIENT_SECRET=tYz1m8NOUd7z2eLx2Lem7pGGebcu7D4A3amWyZgJaoSozLYdTrrQJPK2jwOq7RQtFUAKQrk8b4klTgDmmJnMQ8TeAHvHNGEXLkhVT70MaXUPFYx6kZIvXLzPBn9XIiFb
# RFP Scraper MCP Server
RFP_API_KEY=your_rfp_api_key_here
RFP_BASE_URL=https://rfp.yourdomain.com
# LinkedIn MCP Server
LINKEDIN_ACCESS_TOKEN=your_linkedin_access_token_here
LINKEDIN_API_KEY=your_linkedin_api_key_here
```
---
## Deploying with New Credentials
### Step 1: Verify Credentials in .env
```bash
grep -E "RFP_|LINKEDIN_" /path/to/.env
```
You should see your actual values (not blank).
### Step 2: Rebuild Containers
```bash
cd /path/to/mcp-gateway
docker-compose down
docker-compose build
```
### Step 3: Start Services
```bash
docker-compose up -d
```
### Step 4: Check Logs
```bash
# Check if services started successfully
docker-compose logs rfpscraper-mcp
docker-compose logs linkedin-mcp
# Should NOT see "variable not set" warnings
```
### Step 5: Verify in Dashboard
Visit: `http://10.0.0.25:4444/dashboard`
Should show:
- ✅ RFP Scraper - Healthy (with tool count)
- ✅ LinkedIn - Healthy (with tool count)
---
## Troubleshooting
### "Connection refused" or "Failed to initialize"
1. **Check environment variables were saved**:
```bash
docker-compose config | grep -E "RFP_|LINKEDIN_"
```
2. **Check containers are running**:
```bash
docker-compose ps | grep -E "rfpscraper|linkedin"
```
3. **Check service logs**:
```bash
docker-compose logs rfpscraper-mcp --tail=50
```
### "Invalid API key" or "Authentication failed"
1. **Verify the credential format** - Check the service documentation
2. **Ensure no extra spaces** - Credentials should not have leading/trailing whitespace
3. **Check token expiration** - Some tokens expire after a period
4. **Regenerate if needed** - Get a fresh token from the service
### RFP Service not responding
1. **Verify RFP_BASE_URL** - Should be accessible from the gateway container
2. **Check network connectivity**:
```bash
docker-compose exec gateway-mcp ping rfp.yourdomain.com
```
3. **Check firewall rules** - Ensure port 443 (or service port) is not blocked
### LinkedIn API not working
1. **Verify Token Scope** - Ensure token has required scopes
2. **Check Token Expiration** - LinkedIn tokens may expire
3. **Verify App Permissions** - Check LinkedIn app has necessary API access approved
---
## Security Best Practices
1. **Never commit .env to version control** - Add to `.gitignore`
2. **Rotate credentials periodically** - Regenerate API keys every 90 days
3. **Use environment variables** - Never hardcode credentials
4. **Limit token scope** - Request only necessary permissions
5. **Monitor usage** - Check API usage logs for suspicious activity
6. **Use separate tokens** - Consider separate keys for development/production
---
## Next Steps
1. ✅ Obtain API credentials for RFP Scraper
2. ✅ Obtain API credentials for LinkedIn
3. ✅ Update .env file with actual values
4. ✅ Rebuild and restart Docker containers
5. ✅ Verify services are healthy in dashboard
6. ✅ Grant users access to new MCPs in user management
Once configured, your gateway will have access to job search and professional networking capabilities!