Troubleshooting
Common issues and how to resolve them.
"No matching route"
The routing engine couldn't find a rule matching the tool call in the resolved workspace.
Check the workspace CWD. MCPlexer resolves the workspace by matching the client's working directory against workspace root_path values. If the wrong workspace is selected, the expected routes won't be available.
Check route priority. Routes are evaluated in priority order (highest first). A deny rule with higher priority may be blocking your tool call before a lower-priority allow rule is reached.
Use dry-run. Simulate the exact tool call to see the routing decision:
The dry-run output shows which rules were evaluated and why each did or didn't match.
Check the workspace default policy. If no route matches and the workspace has default_policy: "deny", the call is blocked. Set it to "allow" for development or add an explicit allow rule.
"Connection refused"
The client can't connect to the MCPlexer daemon or HTTP server.
Check if the daemon is running:
If stopped, start it:
Check the socket path. The daemon communicates over a Unix socket at /tmp/mcplexer.sock. Verify it exists and has the correct permissions:
If the socket file is stale (left over from a crashed process), remove it and restart:
Check the port. If using HTTP mode, verify the port isn't already in use:
"OAuth token expired"
OAuth tokens have a limited lifetime. When a token expires, tool calls using that auth scope will fail.
Check token status:
Automatic refresh. MCPlexer automatically refreshes tokens using the refresh token if one was provided during authorization. If refresh fails, you need to re-authorize manually.
Re-authorize:
This opens the OAuth flow again. Once complete, the new token is stored and tool calls resume.
Token monitoring
The Dashboard shows OAuth token status for each auth scope. Expired tokens are highlighted so you can spot them quickly.
"Tool not found"
The requested tool doesn't exist in MCPlexer's tool registry.
Check the namespace prefix. All tools are namespaced as {namespace}__{toolname}. Make sure the client is using the full namespaced name:
Run tool discovery. If the downstream server was recently added or updated, its tools may not be registered yet:
Check if the server is disabled. Disabled downstream servers don't expose their tools. Verify the server is enabled in the web UI under Config > Downstream Servers or via the API.
Check the downstream server is reachable. If the downstream process crashes during discovery, no tools are registered. Check logs for startup errors.
Debug Logging
Enable verbose logging to see the full request lifecycle — workspace resolution, route matching, auth injection, and downstream dispatch.
For the daemon:
Debug output includes:
- Workspace resolution details (CWD matching, selected workspace)
- Route evaluation steps (which rules matched/skipped and why)
- Auth scope injection (which env vars were set)
- Downstream process lifecycle (start, stop, crash, restart)
- Cache hit/miss decisions
Common CLI Issues
Config file not found. MCPlexer looks for ~/.mcplexer/mcplexer.yaml by default. Override with MCPLEXER_CONFIG:
Database locked. Only one MCPlexer process can write to the SQLite database at a time. If you see "database is locked" errors, check for other running instances:
Permission denied. Ensure the MCPlexer binary has execute permissions and the ~/.mcplexer/ directory is writable by the current user.