Skip to main content

The #1 agentic semantic tool search: 91.6% first-try accuracy on S1 Search Bench Explore Tool Discovery

MCP Gateway

MCP Gateway
for Goose

One MCP gateway to connect Goose to 310+ enterprise SaaS apps. No auth hassle. Token-efficient by design. Security and governance built-in.

Start Free Setup guide →
DrataGPLocalyzeFlipMindtoolsScreenloop

What is an MCP gateway?

An MCP gateway (also called an MCP aggregator) is a single endpoint that connects an AI agent to multiple MCP servers via the open Model Context Protocol (opens in new tab). Some gateways act as proxies, routing traffic to MCP servers customers operate themselves. Others provide the underlying MCP servers as a managed service.

StackOne is the managed kind. We provide pre-built MCP servers for 310+ enterprise SaaS apps, including ones with no official MCP server today. For each app you connect, StackOne provides the MCP protocol layer, the SaaS API integration, action coverage, and the auth orchestration framework. Authentication is configured per app per organization — your team registers OAuth credentials with the SaaS provider, links them in StackOne, and end users then authorize access through that flow. Once set up, the agent reaches every connected app through one URL, with token storage, refresh, and per-user scoping handled by StackOne.

StackOne's MCP gateway — SOC2, HIPAA, CCPA, and GDPR compliant — bundles 310+ pre-built SaaS integrations exposing 20,000+ actions, all reachable from Goose, Claude Desktop, Claude Code, or Cursor through one URL.

Connect Goose
To All Your Apps via One MCP

Simplify your Goose MCP server setup
with the StackOne MCP gateway.

Coverage

310+ connectors.
20,000+ tested actions.

Every action is built and maintained by StackOne, tested against the live API, and updated when vendors change their endpoints.

Browse all connectors

Trust

Auth & governance,
simplified.

StackOne handles OAuth, API keys, refresh, and scopes for every connector, giving enterprise IT full control through auth configs in a multi-tenant setup.

Agent Auth

Performance

Agent context window,
managed.

Tool Discovery and Code Mode keep Goose's context lean — only relevant actions, no raw response noise. Sharper agents, lower token costs.

Tools Discovery

Security

Agent security,
built in.

Defender scans every MCP tool response for prompt injection in real time. Up to 97.44%¹ detection, 0.2% false positives. SOC2, HIPAA, CCPA, GDPR compliant.

Prompt Injection Defense

¹ Jayavibhav test, 65,000 samples.

Connect Goose
In 4 Steps

From auth config to first agent tool call in 5 minutes.

1

Run goose configure to add StackOne.

One CLI wizard. Available in your next Goose session.

Terminal 
$ goose configure

? What would you like to configure?
   Add Extension
? Extension type: Remote (HTTP)
? Endpoint: https://api.stackone.com/mcp/{...}

 Added "stackone" extension
 310+ tools available next session
View setup guide (opens in new tab)
2

Connect each SaaS integration in StackOne.

OAuth or API key per app, done once in your dashboard. Tokens stay server-side.

salesforce
workday
hubspot
slack
zendesk
Browse all connectors
3

Scope agent actions.

Read-only, specific objects, or per-role exposure. Toggle from the StackOne dashboard.

List orders (enabled)
Get order (enabled)
Read inventory (enabled)
Refund order (disabled)
Cancel order (disabled)
Agent Auth
4

Ask Goose in plain English.

StackOne maps your prompt to the right action in the right system. Done.

"Find yesterday's Shopify VIP orders awaiting fulfillment and notify #fulfillment in Slack."

Goose
shopify_list_orders
Completed
slack_send_message
Completed
channel: #fulfillment
message: 3 VIP orders awaiting fulfillment. Top: order #4892 ($1,240, ordered 14h ago).

Found 3 unshipped Shopify VIP orders from yesterday and posted to #fulfillment in Slack.

Anthropic Haiku 4.5

Unlock More Use Cases
with Goose

Supercharge Goose with your enterprise stack.

HR & People Ops

> Pull Personio new hires this week and check their onboarding completion in Notion.

UKG ReadyWorkday (Rest and Soap)FactorialHiBobOracle Fusion HCMHumaansSAP SuccessFactorsClockify
Recruiting

> Surface SmartRecruiters candidates in final stages and draft offer-prep summaries for each.

JobAdderVincereSmartRecruitersAshbyFactorialHiBobSAP SuccessFactorsTeamtailor
Sales & CRM

> Forecast SugarCRM pipeline and flag deals slipping past their close date.

SalesforceZoho CRMPipedriveFreshsalesHubSpotPardotCloseJustCall
Support

> Triage Front support inboxes by SLA and route VIPs to the right team.

IntercomSurveyMonkeyFreshserviceServiceNowFreshdeskGorgiasDiscourseDixa
Explore more AI agent use cases

Connect any Desktop AI Agent
to the StackOne MCP Gateway

Same 310+ MCP servers. Pick your client.

Claude Desktop
Claude Code
Cursor

Frequently Asked Questions

Connecting Goose to the StackOne MCP gateway is one CLI command: run goose configure and follow the wizard to add the StackOne extension with your Base64 API key and account ID. Start your next session and 310+ pre-built SaaS connectors are reachable through one connection. Full walkthrough in the Goose setup guide.
An MCP gateway (also called an MCP aggregator) is a single endpoint that connects an AI agent to multiple MCP servers via the Model Context Protocol. Some gateways route traffic to MCP servers customers operate themselves; others provide the MCP servers as a managed service. StackOne is the managed kind — we provide pre-built MCP servers for 310+ enterprise SaaS apps, including ones with no official MCP server today. Authentication is configured per app per organization: your team registers OAuth credentials with the SaaS provider, links them in StackOne, and end users authorize access through that flow. Once set up, the agent reaches every connected app through one URL.
Goose can access enterprise SaaS like Salesforce, Workday, HubSpot, Greenhouse, Zendesk, NetSuite, ServiceNow, Stripe, and Notion through the StackOne MCP gateway — 310+ pre-built connectors in total. New connectors ship continuously, and you can build custom ones with AI Integration Builder. See all connectors.
You'd connect Goose to one MCP server per app — each with its own setup, its own auth flow, and its own tool definitions sitting in your context. StackOne replaces those N connections with one gateway URL: 310+ apps reachable through a single connection, auth managed once in the dashboard, and tool definitions loaded only when relevant to the prompt.
Credentials sit at three layers: your StackOne API key (Base64-encoded in ~/.config/goose/config.yaml on your machine, written by goose configure), SaaS connector credentials (server-side in your StackOne dashboard), and per-user OAuth or session tokens (server-side, scoped per user). StackOne stores OAuth tokens and API keys, refreshes them automatically, and only exposes the actions you've authorized to the agent.
Skip the StackOne MCP gateway when any of these is true:
  • An existing first-party or third-party MCP server covers your apps, no tool extension needed
  • You only use a handful of actions across a few apps
  • You don't need multi-tenancy, per-user permissions, or per-action scoping
  • Indirect prompt injection isn't a concern
  • Your MCP provider already does tool discovery and server-side execution to keep the agent context lean

Connect All Your Apps to Goose.

One MCP gateway, 310+ pre-built SaaS connectors. Set up in 5 minutes.

Start Free Book Demo