MCP API
Complete API reference for the MCP Gateway — servers, tools, policies, approvals, proxy.
All MCP endpoints require API-key authentication (Authorization: Bearer {project_api_key}).
Servers
List servers
GET /api/v1/mcp/serversReturns all registered MCP servers for the project with tool count.
Register a server
POST /api/v1/mcp/servers{
"name": "GitHub MCP Server",
"server_url": "https://mcp.github.com/sse",
"connector_type": "custom",
"description": "Optional description",
"is_proxied": true
}Update a server
PATCH /api/v1/mcp/servers/{id}Fields: name, description, status, auth_method, auth_config.
Delete a server
DELETE /api/v1/mcp/servers/{id}Cascades to this server's tools and policies.
Scan tools
POST /api/v1/mcp/servers/{id}/scanConnects to the MCP server, discovers tools, computes description hashes, classifies risk levels.
List server tools
GET /api/v1/mcp/servers/{id}/toolsReturns all discovered tools with risk levels, poisoning flags, and categories.
Proxy
Forward a tool call
POST /api/v1/mcp/proxy/{server_id}Accepts any JSON-RPC 2.0 request. For the tools/call method, the following checks run:
- Server status check (BLOCKED → reject)
- Tool poisoning check (flagged → reject)
- Policy evaluation (DENY/REQUIRE_APPROVAL → reject)
- Budget check (exceeded → reject)
- Forward to MCP server
- Create a trace with
traceType: MCP_TOOL_CALL
Non-tool-call methods (initialize, tools/list) pass through without policy evaluation.
Error codes:
| Code | Meaning |
|---|---|
-32001 | Server blocked by policy |
-32002 | Tool flagged as poisoning suspect |
-32003 | Tool denied by policy |
-32004 | Tool requires approval |
-32005 | Budget exceeded |
-32006 | MCP server error |
-32007 | MCP server unreachable |
Policies
List policies
GET /api/v1/mcp/policiesCreate a policy
POST /api/v1/mcp/policies{
"action": "DENY",
"mcp_tool_id": "clxyz...",
"agent_id": "agent_123",
"reason": "Shell execution not allowed"
}All fields except action are optional. Valid actions: ALLOW, DENY, REQUIRE_APPROVAL, LOG_ONLY.
Delete a policy
DELETE /api/v1/mcp/policies/{id}Approvals
List pending
GET /api/v1/mcp/approvalsReturns only PENDING approvals that have not yet expired.
Decide
POST /api/v1/mcp/approvals/{id}/decide{ "approved": true, "comment": "Reviewed — one-time access granted" }Templates
List templates
GET /api/v1/mcp/templatesReturns available connector templates (Salesforce, Copilot, ServiceNow).
Create from template
POST /api/v1/mcp/servers/from-template{ "template": "salesforce", "name": "Our Salesforce", "server_url": "https://..." }Creates server + auto-generated policies in a single call.
Emergency Stop
POST /api/v1/mcp/emergency-stop{ "scope": "all", "reason": "Security incident" }Scopes: all (block all servers), server (block a specific server, target_id required), agent (lock all tools for an agent, target_id required). Expires all pending approvals. Creates a Flare-attested audit trace.