Skip to main content
FrontMCP can dynamically load npm packages at runtime and register their tools, resources, and prompts alongside your local apps. Packages are fetched from a CDN, cached locally (memory + disk), and executed in-process — with optional background polling for automatic updates.

Three App Types

FrontMCP supports three ways to compose apps:
TypeDeclarationExecutionUse Case
Local@App classIn-processFirst-party code you own
ESM PackageApp.esm()In-processCommunity or internal npm packages
RemoteApp.remote()HTTP proxyExternal MCP servers
import { FrontMcp, App } from '@frontmcp/sdk';

@FrontMcp({
  info: { name: 'Platform', version: '1.0.0' },
  apps: [
    CrmApp,                                        // Local app
    App.esm('@acme/analytics@^2.0.0'),             // ESM package
    App.remote('https://ext.example.com/mcp'),     // Remote app
  ],
})
export default class Server {}

Key Capabilities

  1. Dynamic Loading — Import npm packages at server startup via App.esm() without bundling them into your build
  2. Two-Tier Caching — In-memory + disk cache with configurable TTL for fast startup and offline resilience
  3. Version Polling — Background semver-aware polling with automatic hot-reload when new versions are published
  4. Private Registries — Token-based authentication for private npm registries and custom CDN endpoints
  5. Browser Support — Same App.esm() API works in browser environments with in-memory-only caching

Minimal Example

import { FrontMcp, App } from '@frontmcp/sdk';

@FrontMcp({
  info: { name: 'My Server', version: '1.0.0' },
  apps: [
    App.esm('@acme/mcp-tools@^1.0.0', {
      namespace: 'acme',
      autoUpdate: { enabled: true },
    }),
  ],
})
export default class Server {}

Next Steps

ESM Packages Reference

Full API reference for App.esm(), caching, auth, and configuration

Publishing ESM Packages

Create and publish npm packages loadable by FrontMCP servers

CLI Reference

Manage ESM packages with frontmcp package esm-update

ESM Errors

Error classes for loading, caching, and authentication failures