mcp-servers/mcp-gateway/API_CREDENTIALS_SETUP.md

API Credentials Setup Guide

This guide explains how to obtain and configure API credentials for RFP Scraper and LinkedIn MCPs.

RFP Scraper Configuration

What You Need

The RFP Scraper MCP requires:

• RFP_API_KEY - API key for authenticating requests
• RFP_BASE_URL - Base URL of the RFP scraping service

Getting RFP Scraper Credentials

Option 1: Self-Hosted RFP Scraper

If you're running your own RFP scraping service:

1. Get the API Key from your RFP service admin panel or configuration
2. Get the Base URL - typically something like:
   • https://rfp.yourdomain.com
   • https://rfp-service.example.com
   • http://localhost:3000 (if local)

Option 2: Third-Party RFP Service

If using a commercial RFP discovery service:

1. Sign up for an account
2. Navigate to API/Developer settings
3. Generate an API key
4. Note the service endpoint URL

Popular RFP Services:

• Bonfire (https://www.bonfirehub.com) - RFP/Grant discovery platform
• ProposalWorks - RFP management
• BidNet Direct - Government RFP aggregation
• Catch - RFP aggregation service

Example RFP_API_KEY Format

• Bonfire: Bearer eyJhbGciOiJIUzI1NiIs...
• Custom service: mcpgw_rfp_abc123xyz789
• Token-based: token_1234567890abcdef

---

LinkedIn Configuration

What You Need

The LinkedIn MCP requires:

• LINKEDIN_ACCESS_TOKEN - OAuth2 access token for LinkedIn API
• LINKEDIN_API_KEY - LinkedIn API key (enterprise)

Getting LinkedIn Credentials

Step 1: Create a LinkedIn App

1. Go to LinkedIn Developer Portal: https://www.linkedin.com/developers/apps
2. Click Create App
3. Fill in the required fields:
   • App Name: e.g., "MCP Gateway Job Search"
   • LinkedIn Page: Select your company page
   • App Logo: Upload a logo
   • Legal Agreement: Accept terms

Step 2: Get Your API Credentials

After creating the app:

1. Go to the Auth tab
2. Find your Client ID and Client Secret
3. In the Authorized redirect URLs section, add:

   http://10.0.0.25:4444/callback
   https://mcp.wilddragon.net/callback
   

Step 3: Request API Access

LinkedIn requires specific API access. Submit requests for:

1. Sign In with LinkedIn - For authentication
2. Share on LinkedIn - If posting functionality needed
3. LinkedIn Jobs Search - For job search capabilities

Request these under the Request access tab.

Step 4: Generate Access Token

Option A - Using OAuth2 Flow:

# 1. Direct user to LinkedIn authorization
https://www.linkedin.com/oauth/v2/authorization?
  response_type=code
  &client_id=YOUR_CLIENT_ID
  &redirect_uri=http://10.0.0.25:4444/callback
  &scope=r_liteprofile%20r_emailaddress%20w_member_social

# 2. LinkedIn redirects with authorization code
# 3. Exchange code for access token:
curl -X POST https://www.linkedin.com/oauth/v2/accessToken \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=authorization_code" \
  -d "code=YOUR_AUTHORIZATION_CODE" \
  -d "redirect_uri=http://10.0.0.25:4444/callback" \
  -d "client_id=YOUR_CLIENT_ID" \
  -d "client_secret=YOUR_CLIENT_SECRET"

Option B - Using Personal Access Token (Enterprise):

If you have LinkedIn enterprise access:

1. Go to Settings → Personal tokens
2. Create a new token with required scopes
3. Copy the token immediately (it won't be shown again)

Step 5: Verify Your Token

Test your token with:

curl -X GET https://api.linkedin.com/v2/me \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"

Should return your LinkedIn profile info.

---

Configuring the .env File

Once you have your credentials:

Step 1: Edit .env

nano /sessions/vigilant-elegant-ramanujan/mnt/MCP\ Servers/mcp-gateway/.env

Step 2: Add RFP Scraper Credentials

# RFP Scraper MCP Server
RFP_API_KEY=your_actual_api_key_here
RFP_BASE_URL=https://rfp.yourdomain.com

Step 3: Add LinkedIn Credentials

# LinkedIn MCP Server
LINKEDIN_ACCESS_TOKEN=your_actual_access_token_here
LINKEDIN_API_KEY=your_actual_api_key_here

Step 4: Optional - Gateway Static API Key

For testing without OAuth:

GATEWAY_STATIC_API_KEY=your_static_test_key_here

Step 5: Save and Exit

• Press Ctrl+X then Y then Enter

---

Example .env Configuration

# Gateway
GATEWAY_PORT=4444
GATEWAY_STATIC_API_KEY=mcpgw_test_key_12345

# OAuth 2.1 Configuration
OAUTH_ISSUER_URL=https://mcp.wilddragon.net
OAUTH_PASSWORD=your-Nv0SEJtFC&kmXri
OAUTH_ACCESS_TOKEN_TTL=3600
OAUTH_REFRESH_TOKEN_TTL=2592000

# ERPNext MCP Server
ERPNEXT_URL=https://erp.broadcastmgmt.cloud
ERPNEXT_API_KEY=74f38b21ba493c4
ERPNEXT_API_SECRET=ba3b39cfff13d7f

# TrueNAS MCP Server
TRUENAS_URL=https://true.wilddragon.net
TRUENAS_API_KEY=10-rKjEy58EHyfsKndMb4sFQkl0mrv2OX7eD2UUMde6is1fznPzliTjfUJWYGyjmLVv

# Home Assistant MCP Server
HASS_URL=https://haos.wilddragoncore.online
HASS_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJmODFhOTczMDI2YTU0OGEyYjZkMGUyYTM2ZmYzNmI0NiIsImlhdCI6MTc3NDY2NDQ0NiwiZXhwIjoyMDkwMDI0NDQ2fQ.h5KKm6nnuPcc6t5karUqalQyzHYDc1ekwNFIAkkrkjs

# Wave Finance MCP Server
WAVE_ACCESS_TOKEN=pNZZqeHicNLtsvEli6zDGCJ6uNnYUG

# Wave Finance OAuth
WAVE_CLIENT_ID=jWVuzSgq98ILhX23Az6J_wqpNWsGb3-OJFSgikeE
WAVE_CLIENT_SECRET=tYz1m8NOUd7z2eLx2Lem7pGGebcu7D4A3amWyZgJaoSozLYdTrrQJPK2jwOq7RQtFUAKQrk8b4klTgDmmJnMQ8TeAHvHNGEXLkhVT70MaXUPFYx6kZIvXLzPBn9XIiFb

# RFP Scraper MCP Server
RFP_API_KEY=your_rfp_api_key_here
RFP_BASE_URL=https://rfp.yourdomain.com

# LinkedIn MCP Server
LINKEDIN_ACCESS_TOKEN=your_linkedin_access_token_here
LINKEDIN_API_KEY=your_linkedin_api_key_here

---

Deploying with New Credentials

Step 1: Verify Credentials in .env

grep -E "RFP_|LINKEDIN_" /path/to/.env

You should see your actual values (not blank).

Step 2: Rebuild Containers

cd /path/to/mcp-gateway
docker-compose down
docker-compose build

Step 3: Start Services

docker-compose up -d

Step 4: Check Logs

# Check if services started successfully
docker-compose logs rfpscraper-mcp
docker-compose logs linkedin-mcp

# Should NOT see "variable not set" warnings

Step 5: Verify in Dashboard

Visit: http://10.0.0.25:4444/dashboard

Should show:

• ✅ RFP Scraper - Healthy (with tool count)
• ✅ LinkedIn - Healthy (with tool count)

---

Troubleshooting

"Connection refused" or "Failed to initialize"

1. Check environment variables were saved:

   docker-compose config | grep -E "RFP_|LINKEDIN_"
   

2. Check containers are running:

   docker-compose ps | grep -E "rfpscraper|linkedin"
   

3. Check service logs:

   docker-compose logs rfpscraper-mcp --tail=50
   

"Invalid API key" or "Authentication failed"

1. Verify the credential format - Check the service documentation
2. Ensure no extra spaces - Credentials should not have leading/trailing whitespace
3. Check token expiration - Some tokens expire after a period
4. Regenerate if needed - Get a fresh token from the service

RFP Service not responding

1. Verify RFP_BASE_URL - Should be accessible from the gateway container
2. Check network connectivity:

   docker-compose exec gateway-mcp ping rfp.yourdomain.com
   

3. Check firewall rules - Ensure port 443 (or service port) is not blocked

LinkedIn API not working

1. Verify Token Scope - Ensure token has required scopes
2. Check Token Expiration - LinkedIn tokens may expire
3. Verify App Permissions - Check LinkedIn app has necessary API access approved

---

Security Best Practices

1. Never commit .env to version control - Add to .gitignore
2. Rotate credentials periodically - Regenerate API keys every 90 days
3. Use environment variables - Never hardcode credentials
4. Limit token scope - Request only necessary permissions
5. Monitor usage - Check API usage logs for suspicious activity
6. Use separate tokens - Consider separate keys for development/production

---

Next Steps

1. ✅ Obtain API credentials for RFP Scraper
2. ✅ Obtain API credentials for LinkedIn
3. ✅ Update .env file with actual values
4. ✅ Rebuild and restart Docker containers
5. ✅ Verify services are healthy in dashboard
6. ✅ Grant users access to new MCPs in user management

Once configured, your gateway will have access to job search and professional networking capabilities!