325 lines
8.3 KiB
Markdown
325 lines
8.3 KiB
Markdown
# API Credentials Setup Guide
|
|
|
|
This guide explains how to obtain and configure API credentials for RFP Scraper and LinkedIn MCPs.
|
|
|
|
## RFP Scraper Configuration
|
|
|
|
### What You Need
|
|
|
|
The RFP Scraper MCP requires:
|
|
- `RFP_API_KEY` - API key for authenticating requests
|
|
- `RFP_BASE_URL` - Base URL of the RFP scraping service
|
|
|
|
### Getting RFP Scraper Credentials
|
|
|
|
#### Option 1: Self-Hosted RFP Scraper
|
|
|
|
If you're running your own RFP scraping service:
|
|
|
|
1. **Get the API Key** from your RFP service admin panel or configuration
|
|
2. **Get the Base URL** - typically something like:
|
|
- `https://rfp.yourdomain.com`
|
|
- `https://rfp-service.example.com`
|
|
- `http://localhost:3000` (if local)
|
|
|
|
#### Option 2: Third-Party RFP Service
|
|
|
|
If using a commercial RFP discovery service:
|
|
|
|
1. Sign up for an account
|
|
2. Navigate to API/Developer settings
|
|
3. Generate an API key
|
|
4. Note the service endpoint URL
|
|
|
|
**Popular RFP Services:**
|
|
- **Bonfire** (https://www.bonfirehub.com) - RFP/Grant discovery platform
|
|
- **ProposalWorks** - RFP management
|
|
- **BidNet Direct** - Government RFP aggregation
|
|
- **Catch** - RFP aggregation service
|
|
|
|
### Example RFP_API_KEY Format
|
|
|
|
- Bonfire: `Bearer eyJhbGciOiJIUzI1NiIs...`
|
|
- Custom service: `mcpgw_rfp_abc123xyz789`
|
|
- Token-based: `token_1234567890abcdef`
|
|
|
|
---
|
|
|
|
## LinkedIn Configuration
|
|
|
|
### What You Need
|
|
|
|
The LinkedIn MCP requires:
|
|
- `LINKEDIN_ACCESS_TOKEN` - OAuth2 access token for LinkedIn API
|
|
- `LINKEDIN_API_KEY` - LinkedIn API key (enterprise)
|
|
|
|
### Getting LinkedIn Credentials
|
|
|
|
#### Step 1: Create a LinkedIn App
|
|
|
|
1. Go to **LinkedIn Developer Portal**: https://www.linkedin.com/developers/apps
|
|
2. Click **Create App**
|
|
3. Fill in the required fields:
|
|
- **App Name**: e.g., "MCP Gateway Job Search"
|
|
- **LinkedIn Page**: Select your company page
|
|
- **App Logo**: Upload a logo
|
|
- **Legal Agreement**: Accept terms
|
|
|
|
#### Step 2: Get Your API Credentials
|
|
|
|
After creating the app:
|
|
|
|
1. Go to the **Auth** tab
|
|
2. Find your **Client ID** and **Client Secret**
|
|
3. In the **Authorized redirect URLs** section, add:
|
|
```
|
|
http://10.0.0.25:4444/callback
|
|
https://mcp.wilddragon.net/callback
|
|
```
|
|
|
|
#### Step 3: Request API Access
|
|
|
|
LinkedIn requires specific API access. Submit requests for:
|
|
|
|
1. **Sign In with LinkedIn** - For authentication
|
|
2. **Share on LinkedIn** - If posting functionality needed
|
|
3. **LinkedIn Jobs Search** - For job search capabilities
|
|
|
|
Request these under the **Request access** tab.
|
|
|
|
#### Step 4: Generate Access Token
|
|
|
|
Option A - Using OAuth2 Flow:
|
|
|
|
```bash
|
|
# 1. Direct user to LinkedIn authorization
|
|
https://www.linkedin.com/oauth/v2/authorization?
|
|
response_type=code
|
|
&client_id=YOUR_CLIENT_ID
|
|
&redirect_uri=http://10.0.0.25:4444/callback
|
|
&scope=r_liteprofile%20r_emailaddress%20w_member_social
|
|
|
|
# 2. LinkedIn redirects with authorization code
|
|
# 3. Exchange code for access token:
|
|
curl -X POST https://www.linkedin.com/oauth/v2/accessToken \
|
|
-H "Content-Type: application/x-www-form-urlencoded" \
|
|
-d "grant_type=authorization_code" \
|
|
-d "code=YOUR_AUTHORIZATION_CODE" \
|
|
-d "redirect_uri=http://10.0.0.25:4444/callback" \
|
|
-d "client_id=YOUR_CLIENT_ID" \
|
|
-d "client_secret=YOUR_CLIENT_SECRET"
|
|
```
|
|
|
|
Option B - Using Personal Access Token (Enterprise):
|
|
|
|
If you have LinkedIn enterprise access:
|
|
|
|
1. Go to **Settings** → **Personal tokens**
|
|
2. Create a new token with required scopes
|
|
3. Copy the token immediately (it won't be shown again)
|
|
|
|
#### Step 5: Verify Your Token
|
|
|
|
Test your token with:
|
|
|
|
```bash
|
|
curl -X GET https://api.linkedin.com/v2/me \
|
|
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
|
|
```
|
|
|
|
Should return your LinkedIn profile info.
|
|
|
|
---
|
|
|
|
## Configuring the .env File
|
|
|
|
Once you have your credentials:
|
|
|
|
### Step 1: Edit .env
|
|
|
|
```bash
|
|
nano /sessions/vigilant-elegant-ramanujan/mnt/MCP\ Servers/mcp-gateway/.env
|
|
```
|
|
|
|
### Step 2: Add RFP Scraper Credentials
|
|
|
|
```env
|
|
# RFP Scraper MCP Server
|
|
RFP_API_KEY=your_actual_api_key_here
|
|
RFP_BASE_URL=https://rfp.yourdomain.com
|
|
```
|
|
|
|
### Step 3: Add LinkedIn Credentials
|
|
|
|
```env
|
|
# LinkedIn MCP Server
|
|
LINKEDIN_ACCESS_TOKEN=your_actual_access_token_here
|
|
LINKEDIN_API_KEY=your_actual_api_key_here
|
|
```
|
|
|
|
### Step 4: Optional - Gateway Static API Key
|
|
|
|
For testing without OAuth:
|
|
|
|
```env
|
|
GATEWAY_STATIC_API_KEY=your_static_test_key_here
|
|
```
|
|
|
|
### Step 5: Save and Exit
|
|
|
|
- Press `Ctrl+X` then `Y` then `Enter`
|
|
|
|
---
|
|
|
|
## Example .env Configuration
|
|
|
|
```env
|
|
# Gateway
|
|
GATEWAY_PORT=4444
|
|
GATEWAY_STATIC_API_KEY=mcpgw_test_key_12345
|
|
|
|
# OAuth 2.1 Configuration
|
|
OAUTH_ISSUER_URL=https://mcp.wilddragon.net
|
|
OAUTH_PASSWORD=your-Nv0SEJtFC&kmXri
|
|
OAUTH_ACCESS_TOKEN_TTL=3600
|
|
OAUTH_REFRESH_TOKEN_TTL=2592000
|
|
|
|
# ERPNext MCP Server
|
|
ERPNEXT_URL=https://erp.broadcastmgmt.cloud
|
|
ERPNEXT_API_KEY=74f38b21ba493c4
|
|
ERPNEXT_API_SECRET=ba3b39cfff13d7f
|
|
|
|
# TrueNAS MCP Server
|
|
TRUENAS_URL=https://true.wilddragon.net
|
|
TRUENAS_API_KEY=10-rKjEy58EHyfsKndMb4sFQkl0mrv2OX7eD2UUMde6is1fznPzliTjfUJWYGyjmLVv
|
|
|
|
# Home Assistant MCP Server
|
|
HASS_URL=https://haos.wilddragoncore.online
|
|
HASS_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJmODFhOTczMDI2YTU0OGEyYjZkMGUyYTM2ZmYzNmI0NiIsImlhdCI6MTc3NDY2NDQ0NiwiZXhwIjoyMDkwMDI0NDQ2fQ.h5KKm6nnuPcc6t5karUqalQyzHYDc1ekwNFIAkkrkjs
|
|
|
|
# Wave Finance MCP Server
|
|
WAVE_ACCESS_TOKEN=pNZZqeHicNLtsvEli6zDGCJ6uNnYUG
|
|
|
|
# Wave Finance OAuth
|
|
WAVE_CLIENT_ID=jWVuzSgq98ILhX23Az6J_wqpNWsGb3-OJFSgikeE
|
|
WAVE_CLIENT_SECRET=tYz1m8NOUd7z2eLx2Lem7pGGebcu7D4A3amWyZgJaoSozLYdTrrQJPK2jwOq7RQtFUAKQrk8b4klTgDmmJnMQ8TeAHvHNGEXLkhVT70MaXUPFYx6kZIvXLzPBn9XIiFb
|
|
|
|
# RFP Scraper MCP Server
|
|
RFP_API_KEY=your_rfp_api_key_here
|
|
RFP_BASE_URL=https://rfp.yourdomain.com
|
|
|
|
# LinkedIn MCP Server
|
|
LINKEDIN_ACCESS_TOKEN=your_linkedin_access_token_here
|
|
LINKEDIN_API_KEY=your_linkedin_api_key_here
|
|
```
|
|
|
|
---
|
|
|
|
## Deploying with New Credentials
|
|
|
|
### Step 1: Verify Credentials in .env
|
|
|
|
```bash
|
|
grep -E "RFP_|LINKEDIN_" /path/to/.env
|
|
```
|
|
|
|
You should see your actual values (not blank).
|
|
|
|
### Step 2: Rebuild Containers
|
|
|
|
```bash
|
|
cd /path/to/mcp-gateway
|
|
docker-compose down
|
|
docker-compose build
|
|
```
|
|
|
|
### Step 3: Start Services
|
|
|
|
```bash
|
|
docker-compose up -d
|
|
```
|
|
|
|
### Step 4: Check Logs
|
|
|
|
```bash
|
|
# Check if services started successfully
|
|
docker-compose logs rfpscraper-mcp
|
|
docker-compose logs linkedin-mcp
|
|
|
|
# Should NOT see "variable not set" warnings
|
|
```
|
|
|
|
### Step 5: Verify in Dashboard
|
|
|
|
Visit: `http://10.0.0.25:4444/dashboard`
|
|
|
|
Should show:
|
|
- ✅ RFP Scraper - Healthy (with tool count)
|
|
- ✅ LinkedIn - Healthy (with tool count)
|
|
|
|
---
|
|
|
|
## Troubleshooting
|
|
|
|
### "Connection refused" or "Failed to initialize"
|
|
|
|
1. **Check environment variables were saved**:
|
|
```bash
|
|
docker-compose config | grep -E "RFP_|LINKEDIN_"
|
|
```
|
|
|
|
2. **Check containers are running**:
|
|
```bash
|
|
docker-compose ps | grep -E "rfpscraper|linkedin"
|
|
```
|
|
|
|
3. **Check service logs**:
|
|
```bash
|
|
docker-compose logs rfpscraper-mcp --tail=50
|
|
```
|
|
|
|
### "Invalid API key" or "Authentication failed"
|
|
|
|
1. **Verify the credential format** - Check the service documentation
|
|
2. **Ensure no extra spaces** - Credentials should not have leading/trailing whitespace
|
|
3. **Check token expiration** - Some tokens expire after a period
|
|
4. **Regenerate if needed** - Get a fresh token from the service
|
|
|
|
### RFP Service not responding
|
|
|
|
1. **Verify RFP_BASE_URL** - Should be accessible from the gateway container
|
|
2. **Check network connectivity**:
|
|
```bash
|
|
docker-compose exec gateway-mcp ping rfp.yourdomain.com
|
|
```
|
|
3. **Check firewall rules** - Ensure port 443 (or service port) is not blocked
|
|
|
|
### LinkedIn API not working
|
|
|
|
1. **Verify Token Scope** - Ensure token has required scopes
|
|
2. **Check Token Expiration** - LinkedIn tokens may expire
|
|
3. **Verify App Permissions** - Check LinkedIn app has necessary API access approved
|
|
|
|
---
|
|
|
|
## Security Best Practices
|
|
|
|
1. **Never commit .env to version control** - Add to `.gitignore`
|
|
2. **Rotate credentials periodically** - Regenerate API keys every 90 days
|
|
3. **Use environment variables** - Never hardcode credentials
|
|
4. **Limit token scope** - Request only necessary permissions
|
|
5. **Monitor usage** - Check API usage logs for suspicious activity
|
|
6. **Use separate tokens** - Consider separate keys for development/production
|
|
|
|
---
|
|
|
|
## Next Steps
|
|
|
|
1. ✅ Obtain API credentials for RFP Scraper
|
|
2. ✅ Obtain API credentials for LinkedIn
|
|
3. ✅ Update .env file with actual values
|
|
4. ✅ Rebuild and restart Docker containers
|
|
5. ✅ Verify services are healthy in dashboard
|
|
6. ✅ Grant users access to new MCPs in user management
|
|
|
|
Once configured, your gateway will have access to job search and professional networking capabilities!
|