> ## Documentation Index
> Fetch the complete documentation index at: https://docs.golf.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Quick Start

> Deploy Golf Gateway and start protecting MCP traffic in 20 minutes

This guide walks you through deploying and verifying Golf Gateway connected to your Control Plane. By the end, you'll have a working gateway that securely routes MCP traffic between your client and server.

## What you'll learn

* How Golf Gateway sits between MCP clients and servers
* How to create a gateway in the Golf Control Plane
* How to deploy the gateway with Docker
* How to verify traffic is flowing through the gateway

## Before You Begin

Before starting, make sure you have:

* Docker and Docker Compose (optional) installed
* An MCP client (Claude Desktop, Cursor, or similar)
* Access to your organization's Golf Control Plane
* 20 minutes

<Steps>
  <Step title="Log In to the Control Plane">
    Navigate to your organization's Golf Control Plane and log in with your credentials.

    Enterprise customers receive their Control Plane URL and credentials during onboarding. If you don't have access yet, contact your organization's administrator.

    **Checkpoint**: You can see your organization's Control Plane after logging in.
  </Step>

  <Step title="Create Your First Gateway">
    From the Control Plane, create a new gateway:

    1. Click **Add Gateway** in the top navigation
    2. Enter a name for your gateway (e.g., `my-first-gateway`)
    3. Select your deployment region
    4. Click **Create Gateway**

    After creation, the Control Plane displays your gateway's credentials:

    * **Gateway ID**: A unique identifier for your gateway
    * **API Key**: The secret key used to authenticate the gateway

    <Warning>
      Copy and save your API key now. It is only shown once and cannot be retrieved later.
    </Warning>

    **Checkpoint**: Your gateway appears in the Control Plane with a **Pending** status.
  </Step>

  <Step title="Deploy the Gateway with Docker">
    Create a `docker-compose.yml` file with the following content:

    ```yaml title="docker-compose.yml" theme={null}
    version: "3.8"
    services:
      redis:
        image: redis:7-alpine
        ports:
          - "6379:6379"
        healthcheck:
          test: ["CMD", "redis-cli", "ping"]
          interval: 10s
          timeout: 5s
          retries: 3

      golf-gateway:
        image: ghcr.io/golf-mcp/golf-gateway-backend:latest
        ports:
          - "8080:8080"
        environment:
          GOLF_GATEWAY_ID: <your-gateway-id>
          GOLF_GATEWAY_API_KEY: <your-api-key>
          GOLF_GATEWAY_CONTROL_PLANE_URL: https://api.golf.dev
          GOLF_CACHE_REDIS_URL: redis://redis:6379/0
        depends_on:
          redis:
            condition: service_healthy
    ```

    Replace `<your-gateway-id>` and `<your-api-key>` with the values from the previous step.

    Start the gateway:

    ```bash title="Terminal" theme={null}
    docker compose up -d
    ```

    Verify the gateway is healthy:

    ```bash title="Terminal" theme={null}
    curl http://localhost:8080/health
    ```

    Expected response:

    ```json theme={null}
    {"status": "healthy", "redis": "ok", "redis_circuit_breaker": "closed", "database": "ok", "upstreams": "1 configured", "http_client": "ok"}
    ```

    **Checkpoint**: The health check returns `healthy` and your gateway shows **Active** in the Golf Control Plane.
  </Step>

  <Step title="Add an MCP Server">
    Now configure an MCP server to route traffic through your gateway:

    1. In the Control Plane, click **MCP Servers** in the sidebar
    2. Click **Add Server**
    3. Fill in the server details:
       * **Name**: A descriptive name (e.g., "Demo Server")
       * **URL**: The MCP server endpoint (e.g., `https://demo.mcp.run/sse` for testing)
       * **Description**: Optional description of what the server provides
    4. Select which gateway should route to this server
    5. Select the **Server Type**:
       * **In-House**: Your organization's MCP servers
       * **Third Party**: External vendor MCP servers
    6. Click **Save**

    **Checkpoint**: The server appears in your servers list.
  </Step>

  <Step title="Connect Your MCP Client">
    The Control Plane generates client-specific connection instructions for you:

    1. Navigate to the server you just added
    2. Click **Connection Instructions**
    3. Select your MCP client (Claude Desktop, Cursor, Windsurf, etc.)
    4. Copy the generated configuration
    5. Add it to your client's configuration file
    6. Restart your MCP client

    **Checkpoint**: After restarting your client, tools from the MCP server appear in your client's available tools.
  </Step>

  <Step title="See Security in Action">
    Now test that traffic flows through your gateway with security analysis:

    1. In your MCP client, use one of the tools from the connected server
    2. Return to the Control Plane
    3. Navigate to **Audit Logs** in the sidebar
    4. Find your recent session

    You'll see:

    * The request and response details
    * Security analysis results (threat score)
    * User and session information
    * Timing and performance data

    **Checkpoint**: You can see your request in the logs with security analysis attached.
  </Step>
</Steps>

## Next Steps

Now that you have a working gateway, learn how to enhance its security:

<CardGroup cols={2}>
  <Card title="Configure PII Scrubbing" icon="shield-halved" href="/gateway/guides/security/configure-pii-scrubbing">
    Mask sensitive data in logs automatically
  </Card>

  <Card title="Set Up Access Control" icon="users" href="/gateway/guides/security/setup-server-rbac">
    Control who can access which servers
  </Card>

  <Card title="Export Audit Logs" icon="file-export" href="/gateway/guides/audit-trail/export-to-elasticsearch">
    Send logs to your SIEM for compliance
  </Card>

  <Card title="Configure SSO" icon="key" href="/gateway/guides/identity-providers/sso-connections">
    Add OAuth/OIDC authentication
  </Card>
</CardGroup>

For a deeper understanding of the concepts:

* **[Control Plane](/gateway/overview/control-plane)** - Centralized management and configuration
* **[Golf Gateway](/gateway/overview/golf-gateway)** - How the gateway processes traffic