Kong · Schema
AiMcpProxyPluginConfig
Properties
| Name | Type | Description |
|---|---|---|
| config | object | |
| name | object | |
| protocols | array | A set of strings representing HTTP protocols. |
| route | object | If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used. |
| service | object | If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/AiMcpProxyPluginConfig",
"title": "AiMcpProxyPluginConfig",
"x-speakeasy-entity": "PluginAiMcpProxy",
"properties": {
"config": {
"type": "object",
"properties": {
"access_token_claim_field": {
"description": "The claim in the OAuth2 access token to use as the subject for ACL evaluation when 'acl_attribute_type' is set to 'oauth_access_token'. A nested claim can be fetched by using a jq filter that starts with a dot, e.g., \".user.email\": https://jqlang.org/manual/#object-identifier-index.",
"type": "string",
"minLength": 1
},
"acl_attribute_type": {
"description": "The type of attributes that ACL is evaluated with. Should only be configured on listener modes, not conversion-only.",
"type": "string",
"default": "consumer",
"enum": [
"consumer",
"oauth_access_token"
]
},
"consumer_identifier": {
"description": "Which subject type entries in ACL lists refer to for per-consumer matching. Should only be configured on listener modes, not conversion-only.",
"type": "string",
"default": "username",
"enum": [
"consumer_id",
"custom_id",
"username"
]
},
"default_acl": {
"description": "Optional list of default ACL rules keyed by scope (for example: tools).",
"type": "array",
"items": {
"description": "Default ACL entry for the given scope. `deny` has higher precedence than `allow`.",
"properties": {
"allow": {
"description": "Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to access this scope.",
"type": "array",
"items": {
"type": "string"
}
},
"deny": {
"description": "Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from this scope. `deny` takes precedence over `allow`.",
"type": "array",
"items": {
"type": "string"
}
},
"scope": {
"description": "Scope for this default ACL entry (for example: 'tools'). Defaults to 'tools'.",
"type": "string",
"default": "tools"
}
},
"type": "object"
}
},
"include_consumer_groups": {
"description": "If enabled (true), allows Consumer Group names to be used in default and per-primitive ACL. Should only be configured on listener modes, not conversion-only.",
"type": "boolean",
"default": false
},
"logging": {
"type": "object",
"properties": {
"log_audits": {
"description": "If true, emit audit logs for ACL evaluations.",
"type": "boolean",
"default": false
},
"log_payloads": {
"description": "If enabled, logs the request and response bodies into the Kong log plugin(s) output. Bodies can contain sensitive data, so restrict access to that log output accordingly.",
"type": "boolean",
"default": false
},
"log_statistics": {
"description": "If enabled, will add mcp metrics into the Kong log plugin(s) output.",
"type": "boolean",
"default": false
}
}
},
"max_request_body_size": {
"description": "Maximum body size allowed to be handled as an MCP request. 0 means unlimited, but the size of the body will still be limited by Nginx's client_max_body_size.",
"type": "integer",
"default": 1048576
},
"mode": {
"description": "The mode of the MCP proxy. Possible values are: 'passthrough-listener', 'conversion-listener', 'conversion-only', 'listener'.",
"type": "string",
"enum": [
"conversion-listener",
"conversion-only",
"listener",
"passthrough-listener"
]
},
"server": {
"type": "object",
"properties": {
"forward_client_headers": {
"description": "Whether to forward the client request headers to the upstream server when calling the tools.",
"type": "boolean",
"default": true
},
"session": {
"description": "Enable managed session when Kong responds as MCP server in listener or conversion-listener modes. This doesn't affect the passthrough-listener mode as the state in that mode is maintained by the upstream MCP servers.",
"type": "object",
"properties": {
"client": {
"description": "The configuration for client-side session storage.",
"type": "object",
"properties": {
"secrets": {
"description": "The secrets that are used in session encryption. Required when the strategy is 'client'. The first secret is used for encryption, while all secrets are used for decryption to support key rotation.",
"type": "array",
"items": {
"minLength": 8,
"type": "string",
"x-encrypted": true,
"x-referenceable": true
},
"minLength": 1
}
}
},
"managed": {
"description": "If enabled, Kong will maintain managed sessions with the MCP server.",
"type": "boolean",
"default": true
},
"redis": {
"type": "object",
"properties": {
"cloud_authentication": {
"description": "Cloud auth related configs for connecting to a Cloud Provider's Redis instance.",
"type": "object",
"properties": {
"auth_provider": {
"description": "Auth providers to be used to authenticate to a Cloud Provider's Redis instance.",
"type": "string",
"enum": [
"aws",
"azure",
"gcp"
],
"x-referenceable": true
},
"aws_access_key_id": {
"description": "AWS Access Key ID to be used for authentication when `auth_provider` is set to `aws`.",
"type": "string",
"x-encrypted": true,
"x-referenceable": true
},
"aws_assume_role_arn": {
"description": "The ARN of the IAM role to assume for generating ElastiCache IAM authentication tokens.",
"type": "string",
"x-encrypted": true,
"x-referenceable": true
},
"aws_cache_name": {
"description": "The name of the AWS ElastiCache cluster when `auth_provider` is set to `aws`.",
"type": "string",
"x-referenceable": true
},
"aws_is_serverless": {
"description": "This flag specifies whether the cluster is serverless when auth_provider is set to `aws`.",
"type": "boolean",
"default": true
},
"aws_region": {
"description": "The region of the AWS ElastiCache cluster when `auth_provider` is set to `aws`.",
"type": "string",
"x-referenceable": true
},
"aws_role_session_name": {
"description": "The session name for the temporary credentials when assuming the IAM role.",
"type": "string",
"x-encrypted": true,
"x-referenceable": true
},
"aws_secret_access_key": {
"description": "AWS Secret Access Key to be used for authentication when `auth_provider` is set to `aws`.",
"type": "string",
"x-encrypted": true,
"x-referenceable": true
},
"azure_client_id": {
"description": "Azure Client ID to be used for authentication when `auth_provider` is set to `azure`.",
"type": "string",
"x-encrypted": true,
"x-referenceable": true
},
"azure_client_secret": {
"description": "Azure Client Secret to be used for authentication when `auth_provider` is set to `azure`.",
"type": "string",
"x-encrypted": true,
"x-referenceable": true
},
"azure_tenant_id": {
"description": "Azure Tenant ID to be used for authentication when `auth_provider` is set to `azure`.",
"type": "string",
"x-encrypted": true,
"x-referenceable": true
},
"gcp_service_account_json": {
"description": "GCP Service Account JSON to be used for authentication when `auth_provider` is set to `gcp`.",
"type": "string",
"x-encrypted": true,
"x-referenceable": true
}
}
},
"cluster_max_redirections": {
"description": "Maximum retry attempts for redirection.",
"type": "integer",
"default": 5
},
"cluster_nodes": {
"description": "Cluster addresses to use for Redis connections when the `redis` strategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element.",
"type": "array",
"items": {
"properties": {
"ip": {
"description": "A string representing a host name, such as example.com.",
"type": "string",
"default": "127.0.0.1"
},
"port": {
"description": "An integer representing a port number between 0 and 65535, inclusive.",
"type": "integer",
"default": 6379,
"maximum": 65535,
"minimum": 0
}
},
"type": "object"
},
"minLength": 1
},
"connect_timeout": {
"description": "An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.",
"type": "integer",
"default": 2000,
"maximum": 2147483646,
"minimum": 0
},
"connection_is_proxied": {
"description": "If the connection to Redis is proxied (e.g. Envoy), set it `true`. Set the `host` and `port` to point to the proxy address.",
"type": "boolean",
"default": false
},
"database": {
"description": "Database to use for the Redis connection when using the `redis` strategy",
"type": "integer",
"default": 0
},
"host": {
"description": "A string representing a host name, such as example.com.",
"type": "string",
"default": "127.0.0.1",
"x-referenceable": true
},
"keepalive_backlog": {
"description": "Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return `nil`. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less than `keepalive_pool_size`. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger than `keepalive_pool_size`.",
"type": "integer",
"maximum": 2147483646,
"minimum": 0
},
"keepalive_pool_size": {
"description": "The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither `keepalive_pool_size` nor `keepalive_backlog` is specified, no pool is created. If `keepalive_pool_size` isn't specified but `keepalive_backlog` is specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low.",
"type": "integer",
"default": 256,
"maximum": 2147483646,
"minimum": 1
},
"password": {
"description": "Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.",
"type": "string",
"x-encrypted": true,
"x-referenceable": true
},
"port": {
"description": "An integer representing a port number between 0 and 65535, inclusive.",
"type": "integer",
"default": 6379,
"maximum": 65535,
"minimum": 0,
"x-referenceable": true
},
"read_timeout": {
"description": "An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.",
"type": "integer",
"default": 2000,
"maximum": 2147483646,
"minimum": 0
},
"send_timeout": {
"description": "An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2.",
"type": "integer",
"default": 2000,
"maximum": 2147483646,
"minimum": 0
},
"sentinel_master": {
"description": "Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.",
"type": "string"
},
"sentinel_nodes": {
"description": "Sentinel node addresses to use for Redis connections when the `redis` strategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element.",
"type": "array",
"items": {
"properties": {
"host": {
"description": "A string representing a host name, such as example.com.",
"type": "string",
"default": "127.0.0.1"
},
"port": {
"description": "An integer representing a port number between 0 and 65535, inclusive.",
"type": "integer",
"default": 6379,
"maximum": 65535,
"minimum": 0
}
},
"type": "object"
},
"minLength": 1
},
"sentinel_password": {
"description": "Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.",
"type": "string",
"x-encrypted": true,
"x-referenceable": true
},
"sentinel_role": {
"description": "Sentinel role to use for Redis connections when the `redis` strategy is defined. Defining this value implies using Redis Sentinel.",
"type": "string",
"enum": [
"any",
"master",
"slave"
]
},
"sentinel_username": {
"description": "Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.",
"type": "string",
"x-referenceable": true
},
"server_name": {
"description": "A string representing an SNI (server name indication) value for TLS.",
"type": "string",
"x-referenceable": true
},
"ssl": {
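"description": "If set to true, uses SSL to connect to Redis. When false, the connection from Kong, including any Redis password sent with AUTH, is not encrypted in transit.",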
"type": "boolean",
"default": false
},
"ssl_verify": {
"description": "If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure `lua_ssl_trusted_certificate` in `kong.conf` to specify the CA (or server) certificate used by your Redis server. You may also need to configure `lua_ssl_verify_depth` accordingly.",
"type": "boolean",
"default": true
},
"username": {
"description": "Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to `default`.",
"type": "string",
"x-referenceable": true
}
}
},
"session_ttl": {
"description": "The time-to-live (TTL) for each session in seconds.",
"type": "number",
"default": 86400
},
"strategy": {
"description": "The strategy for the session. If the value is 'client', the session is encrypted into the MCP session ID assigned to the client. If the value is not 'client', the session is stored in the configured database.",
"type": "string",
"enum": [
"client",
"redis"
]
}
}
},
"tag": {
"description": "The tag of the MCP server. This is used to filter the exported MCP tools. The field should contain exactly one tag.",
"type": "string"
},
"timeout": {
"description": "The timeout for calling the tools in milliseconds.",
"type": "number",
"default": 10000
}
}
},
"tools": {
"type": "array",
"items": {
"properties": {
"acl": {
"description": "Optional per-primitive ACL. `deny` has higher precedence than `allow`.",
"type": "object",
"properties": {
"allow": {
"description": "Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to use this primitive.",
"type": "array",
"items": {
"type": "string"
}
},
"deny": {
"description": "Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from using this primitive. `deny` takes precedence over `allow`.",
"type": "array",
"items": {
"type": "string"
}
}
}
},
"annotations": {
"type": "object",
"properties": {
"destructive_hint": {
"description": "If true, the tool may perform destructive updates",
"type": "boolean"
},
"idempotent_hint": {
"description": "If true, repeated calls with same args have no additional effect",
"type": "boolean"
},
"open_world_hint": {
"description": "If true, tool interacts with external entities",
"type": "boolean"
},
"read_only_hint": {
"description": "If true, the tool does not modify its environment",
"type": "boolean"
},
"title": {
"description": "Human-readable title for the tool",
"type": "string"
}
}
},
"description": {
"description": "The description of the MCP tool. This is used to provide information about the tool's functionality and usage.",
"type": "string"
},
"headers": {
"description": "The headers of the exported API. By default, Kong will extract the headers from API configuration. If the configured headers are not exactly matched, this field is required.",
"type": "object",
"additionalProperties": {
"items": {
"type": "string"
},
"type": "array"
}
},
"host": {
"description": "The host of the exported API, which must match the route's hosts. It should be the route's host. By default, Kong will extract the host from API configuration. If the configured host is wildcard, this field is required.",
"type": "string"
},
"method": {
"description": "The method of the exported API, which must be one of the route's methods. By default, Kong will extract the method from API configuration. If the configured method is not exactly matched, this field is required.",
"type": "string",
"enum": [
"DELETE",
"GET",
"PATCH",
"POST",
"PUT"
]
},
"name": {
"description": "Tool identifier. In passthrough-listener mode, used to match remote MCP Server tools for ACL enforcement. In other modes, it is also used as the tool name (overrides tools.annotations.title if present).",
"type": "string"
},
"parameters": {
"description": "The API parameters specification defined in OpenAPI JSON format. For example, '[{\"name\": \"city\", \"in\": \"query\", \"description\": \"Name of the city to get the weather for\", \"required\": true, \"schema\": {\"type\": \"string\"}}]'. See https://swagger.io/docs/specification/v3_0/describing-parameters/ for more details.",
"items": {
"additionalProperties": true,
"type": "object",
"x-speakeasy-type-override": "any"
},
"nullable": true,
"type": "array"
},
"path": {
"description": "The path of the exported API, which must match the route's paths. Paths not starting with '/' are treated as relative paths, and the route path is added as the prefix. If the upstream path is different from the route's, then to match the route's path, use a relative path and strip_path to strip the added prefix. Relative paths are unsupported when the route path is a regex. By default, Kong will extract the path from API configuration.",
"type": "string"
},
"query": {
"description": "The query arguments of the exported API. If the generated query arguments are not exactly matched, this field is required.",
"type": "object",
"additionalProperties": {
"items": {
"type": "string"
},
"type": "array"
}
},
"request_body": {
"description": "The API requestBody specification defined in OpenAPI JSON format. For example, '{\"content\":{\"application/x-www-form-urlencoded\":{\"schema\":{\"type\":\"object\",\"properties\":{\"color\":{\"type\":\"array\",\"items\":{\"type\":\"string\"}}}}}}'. See https://swagger.io/docs/specification/v3_0/describing-request-body/describing-request-body/ for more details. Note that `$ref` is not supported, so the schema must be inlined.",
"type": "object",
"additionalProperties": true,
"nullable": true,
"x-speakeasy-type-override": "any"
},
"responses": {
"description": "The API responses specification defined in OpenAPI JSON format. This specification will be used to validate the upstream response and map it back to the structuredOutput. For example, '{\"200\":{\"content\":{\"application/json\":{\"schema\":{\"type\":\"object\",\"properties\":{\"result\":{\"type\":\"string\"}}}}}}}'. See https://swagger.io/docs/specification/v3_0/describing-responses/ for more details. Only one non-error (status code < 400) response is supported. Note that `$ref` is not supported.",
"additionalProperties": true,
"nullable": true,
"type": "object",
"x-speakeasy-type-override": "any"
},
"scheme": {
"description": "The scheme of the exported API, which must be one of the route's schemes. By default, Kong will extract the scheme from API configuration. If the configured scheme is not expected, this field can be used to override it.",
"type": "string",
"enum": [
"http",
"https"
]
}
},
"required": [
"description"
],
"type": "object"
}
}
},
"required": [
"mode"
]
},
"name": {
"const": "ai-mcp-proxy"
},
"protocols": {
"description": "A set of strings representing HTTP protocols.",
"type": "array",
"items": {
"enum": [
"grpc",
"grpcs",
"http",
"https"
],
"type": "string"
},
"format": "set",
"default": [
"grpc",
"grpcs",
"http",
"https"
]
},
"route": {
"description": "If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.",
"type": "object",
"additionalProperties": false,
"properties": {
"id": {
"type": "string"
}
}
},
"service": {
"description": "If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.",
"type": "object",
"additionalProperties": false,
"properties": {
"id": {
"type": "string"
}
}
}
},
"required": [
"config"
]
}