librechat-data-provider 0.8.503 → 0.8.504
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/data-service-BFGYAHRx.mjs +6519 -0
- package/dist/data-service-BFGYAHRx.mjs.map +1 -0
- package/dist/data-service-Dk-uLruo.js +8518 -0
- package/dist/data-service-Dk-uLruo.js.map +1 -0
- package/dist/index.js +6592 -2
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +6161 -0
- package/dist/index.mjs.map +1 -0
- package/dist/react-query/index.js +361 -0
- package/dist/react-query/index.js.map +1 -0
- package/dist/react-query/index.mjs +326 -0
- package/dist/react-query/index.mjs.map +1 -0
- package/dist/types/accessPermissions.d.ts +13 -10
- package/dist/types/actions.d.ts +2 -2
- package/dist/types/api-endpoints.d.ts +17 -9
- package/dist/types/bedrock.d.ts +252 -212
- package/dist/types/config.d.ts +4208 -2629
- package/dist/types/data-service.d.ts +23 -6
- package/dist/types/file-config.d.ts +12 -12
- package/dist/types/generate.d.ts +64 -53
- package/dist/types/keys.d.ts +7 -0
- package/dist/types/limits.d.ts +2 -0
- package/dist/types/mcp.d.ts +489 -210
- package/dist/types/models.d.ts +325 -206
- package/dist/types/parsers.d.ts +8 -8
- package/dist/types/permissions.d.ts +65 -9
- package/dist/types/react-query/react-query-service.d.ts +1 -31
- package/dist/types/request.d.ts +1 -1
- package/dist/types/roles.d.ts +52 -0
- package/dist/types/schemas.d.ts +386 -161
- package/dist/types/types/agents.d.ts +15 -1
- package/dist/types/types/files.d.ts +1 -1
- package/dist/types/types/queries.d.ts +16 -3
- package/dist/types/types/skills.d.ts +72 -9
- package/dist/types/types.d.ts +40 -3
- package/package.json +11 -13
- package/dist/index.es.js +0 -2
- package/dist/index.es.js.map +0 -1
- package/dist/react-query/index.es.js +0 -2
- package/dist/react-query/index.es.js.map +0 -1
- package/dist/types/balance.spec.d.ts +0 -1
- package/dist/types/cloudfront-config.spec.d.ts +0 -1
- package/dist/types/codeEnvRef.spec.d.ts +0 -1
- package/dist/types/config.spec.d.ts +0 -1
- package/dist/types/file-config.spec.d.ts +0 -1
- package/dist/types/parameterSettings.spec.d.ts +0 -1
- package/dist/types/roles.spec.d.ts +0 -1
- package/dist/types/schemas.spec.d.ts +0 -1
package/dist/types/mcp.d.ts
CHANGED
|
@@ -38,9 +38,9 @@ export declare const StdioOptionsSchema: z.ZodObject<{
|
|
|
38
38
|
*/
|
|
39
39
|
oauth: z.ZodOptional<z.ZodEffects<z.ZodObject<{
|
|
40
40
|
/** OAuth authorization endpoint (optional - can be auto-discovered) */
|
|
41
|
-
authorization_url: z.ZodOptional<z.ZodString
|
|
41
|
+
authorization_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
42
42
|
/** OAuth token endpoint (optional - can be auto-discovered) */
|
|
43
|
-
token_url: z.ZodOptional<z.ZodString
|
|
43
|
+
token_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
44
44
|
/** OAuth client ID (optional - can use dynamic registration) */
|
|
45
45
|
client_id: z.ZodOptional<z.ZodString>;
|
|
46
46
|
/** OAuth client secret (requires explicit authorization and token endpoints) */
|
|
@@ -48,7 +48,7 @@ export declare const StdioOptionsSchema: z.ZodObject<{
|
|
|
48
48
|
/** OAuth scopes to request */
|
|
49
49
|
scope: z.ZodOptional<z.ZodString>;
|
|
50
50
|
/** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
|
|
51
|
-
redirect_uri: z.ZodOptional<z.ZodString
|
|
51
|
+
redirect_uri: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
52
52
|
/** Token exchange method */
|
|
53
53
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
54
54
|
/** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
|
|
@@ -99,7 +99,7 @@ export declare const StdioOptionsSchema: z.ZodObject<{
|
|
|
99
99
|
*/
|
|
100
100
|
forward_audience_on_refresh: z.ZodOptional<z.ZodBoolean>;
|
|
101
101
|
/** OAuth revocation endpoint (optional - can be auto-discovered) */
|
|
102
|
-
revocation_endpoint: z.ZodOptional<z.ZodString
|
|
102
|
+
revocation_endpoint: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
103
103
|
/** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
|
|
104
104
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
105
105
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -188,12 +188,12 @@ export declare const StdioOptionsSchema: z.ZodObject<{
|
|
|
188
188
|
/** Custom header name when authorization_type is 'custom' */
|
|
189
189
|
custom_header: z.ZodOptional<z.ZodString>;
|
|
190
190
|
}, "strip", z.ZodTypeAny, {
|
|
191
|
-
source: "
|
|
191
|
+
source: "user" | "admin";
|
|
192
192
|
authorization_type: "custom" | "basic" | "bearer";
|
|
193
193
|
key?: string | undefined;
|
|
194
194
|
custom_header?: string | undefined;
|
|
195
195
|
}, {
|
|
196
|
-
source: "
|
|
196
|
+
source: "user" | "admin";
|
|
197
197
|
authorization_type: "custom" | "basic" | "bearer";
|
|
198
198
|
key?: string | undefined;
|
|
199
199
|
custom_header?: string | undefined;
|
|
@@ -201,15 +201,24 @@ export declare const StdioOptionsSchema: z.ZodObject<{
|
|
|
201
201
|
customUserVars: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
202
202
|
title: z.ZodString;
|
|
203
203
|
description: z.ZodString;
|
|
204
|
+
/**
|
|
205
|
+
* Whether the field holds a secret and should be masked in the UI.
|
|
206
|
+
* Defaults to masked when omitted; set to `false` for non-secret setup
|
|
207
|
+
* values (e.g. username, project key, base URL) to render as plain text.
|
|
208
|
+
*/
|
|
209
|
+
sensitive: z.ZodOptional<z.ZodBoolean>;
|
|
204
210
|
}, "strip", z.ZodTypeAny, {
|
|
205
|
-
title: string;
|
|
206
211
|
description: string;
|
|
207
|
-
}, {
|
|
208
212
|
title: string;
|
|
213
|
+
sensitive?: boolean | undefined;
|
|
214
|
+
}, {
|
|
209
215
|
description: string;
|
|
216
|
+
title: string;
|
|
217
|
+
sensitive?: boolean | undefined;
|
|
210
218
|
}>>>;
|
|
211
219
|
} & {
|
|
212
220
|
type: z.ZodDefault<z.ZodLiteral<"stdio">>;
|
|
221
|
+
obo: z.ZodOptional<z.ZodUndefined>;
|
|
213
222
|
/**
|
|
214
223
|
* The executable to run to start the server.
|
|
215
224
|
*/
|
|
@@ -235,14 +244,15 @@ export declare const StdioOptionsSchema: z.ZodObject<{
|
|
|
235
244
|
type: "stdio";
|
|
236
245
|
command: string;
|
|
237
246
|
args: string[];
|
|
238
|
-
title?: string | undefined;
|
|
239
247
|
description?: string | undefined;
|
|
248
|
+
title?: string | undefined;
|
|
249
|
+
chatMenu?: boolean | undefined;
|
|
250
|
+
env?: Record<string, string> | undefined;
|
|
240
251
|
startup?: boolean | undefined;
|
|
241
252
|
iconPath?: string | undefined;
|
|
242
253
|
timeout?: number | undefined;
|
|
243
254
|
sseReadTimeout?: number | undefined;
|
|
244
255
|
initTimeout?: number | undefined;
|
|
245
|
-
chatMenu?: boolean | undefined;
|
|
246
256
|
serverInstructions?: string | boolean | undefined;
|
|
247
257
|
requiresOAuth?: boolean | undefined;
|
|
248
258
|
oauth?: {
|
|
@@ -265,29 +275,31 @@ export declare const StdioOptionsSchema: z.ZodObject<{
|
|
|
265
275
|
} | undefined;
|
|
266
276
|
oauth_headers?: Record<string, string> | undefined;
|
|
267
277
|
apiKey?: {
|
|
268
|
-
source: "
|
|
278
|
+
source: "user" | "admin";
|
|
269
279
|
authorization_type: "custom" | "basic" | "bearer";
|
|
270
280
|
key?: string | undefined;
|
|
271
281
|
custom_header?: string | undefined;
|
|
272
282
|
} | undefined;
|
|
273
283
|
customUserVars?: Record<string, {
|
|
274
|
-
title: string;
|
|
275
284
|
description: string;
|
|
285
|
+
title: string;
|
|
286
|
+
sensitive?: boolean | undefined;
|
|
276
287
|
}> | undefined;
|
|
277
|
-
|
|
288
|
+
obo?: undefined;
|
|
278
289
|
stderr?: number | "pipe" | "ignore" | "inherit" | undefined;
|
|
279
290
|
}, {
|
|
280
291
|
command: string;
|
|
281
292
|
args: string[];
|
|
282
293
|
type?: "stdio" | undefined;
|
|
283
|
-
title?: string | undefined;
|
|
284
294
|
description?: string | undefined;
|
|
295
|
+
title?: string | undefined;
|
|
296
|
+
chatMenu?: boolean | undefined;
|
|
297
|
+
env?: Record<string, string> | undefined;
|
|
285
298
|
startup?: boolean | undefined;
|
|
286
299
|
iconPath?: string | undefined;
|
|
287
300
|
timeout?: number | undefined;
|
|
288
301
|
sseReadTimeout?: number | undefined;
|
|
289
302
|
initTimeout?: number | undefined;
|
|
290
|
-
chatMenu?: boolean | undefined;
|
|
291
303
|
serverInstructions?: string | boolean | undefined;
|
|
292
304
|
requiresOAuth?: boolean | undefined;
|
|
293
305
|
oauth?: {
|
|
@@ -310,16 +322,17 @@ export declare const StdioOptionsSchema: z.ZodObject<{
|
|
|
310
322
|
} | undefined;
|
|
311
323
|
oauth_headers?: Record<string, string> | undefined;
|
|
312
324
|
apiKey?: {
|
|
313
|
-
source: "
|
|
325
|
+
source: "user" | "admin";
|
|
314
326
|
authorization_type: "custom" | "basic" | "bearer";
|
|
315
327
|
key?: string | undefined;
|
|
316
328
|
custom_header?: string | undefined;
|
|
317
329
|
} | undefined;
|
|
318
330
|
customUserVars?: Record<string, {
|
|
319
|
-
title: string;
|
|
320
331
|
description: string;
|
|
332
|
+
title: string;
|
|
333
|
+
sensitive?: boolean | undefined;
|
|
321
334
|
}> | undefined;
|
|
322
|
-
|
|
335
|
+
obo?: undefined;
|
|
323
336
|
stderr?: number | "pipe" | "ignore" | "inherit" | undefined;
|
|
324
337
|
}>;
|
|
325
338
|
export declare const WebSocketOptionsSchema: z.ZodObject<{
|
|
@@ -360,9 +373,9 @@ export declare const WebSocketOptionsSchema: z.ZodObject<{
|
|
|
360
373
|
*/
|
|
361
374
|
oauth: z.ZodOptional<z.ZodEffects<z.ZodObject<{
|
|
362
375
|
/** OAuth authorization endpoint (optional - can be auto-discovered) */
|
|
363
|
-
authorization_url: z.ZodOptional<z.ZodString
|
|
376
|
+
authorization_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
364
377
|
/** OAuth token endpoint (optional - can be auto-discovered) */
|
|
365
|
-
token_url: z.ZodOptional<z.ZodString
|
|
378
|
+
token_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
366
379
|
/** OAuth client ID (optional - can use dynamic registration) */
|
|
367
380
|
client_id: z.ZodOptional<z.ZodString>;
|
|
368
381
|
/** OAuth client secret (requires explicit authorization and token endpoints) */
|
|
@@ -370,7 +383,7 @@ export declare const WebSocketOptionsSchema: z.ZodObject<{
|
|
|
370
383
|
/** OAuth scopes to request */
|
|
371
384
|
scope: z.ZodOptional<z.ZodString>;
|
|
372
385
|
/** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
|
|
373
|
-
redirect_uri: z.ZodOptional<z.ZodString
|
|
386
|
+
redirect_uri: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
374
387
|
/** Token exchange method */
|
|
375
388
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
376
389
|
/** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
|
|
@@ -421,7 +434,7 @@ export declare const WebSocketOptionsSchema: z.ZodObject<{
|
|
|
421
434
|
*/
|
|
422
435
|
forward_audience_on_refresh: z.ZodOptional<z.ZodBoolean>;
|
|
423
436
|
/** OAuth revocation endpoint (optional - can be auto-discovered) */
|
|
424
|
-
revocation_endpoint: z.ZodOptional<z.ZodString
|
|
437
|
+
revocation_endpoint: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
425
438
|
/** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
|
|
426
439
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
427
440
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -510,12 +523,12 @@ export declare const WebSocketOptionsSchema: z.ZodObject<{
|
|
|
510
523
|
/** Custom header name when authorization_type is 'custom' */
|
|
511
524
|
custom_header: z.ZodOptional<z.ZodString>;
|
|
512
525
|
}, "strip", z.ZodTypeAny, {
|
|
513
|
-
source: "
|
|
526
|
+
source: "user" | "admin";
|
|
514
527
|
authorization_type: "custom" | "basic" | "bearer";
|
|
515
528
|
key?: string | undefined;
|
|
516
529
|
custom_header?: string | undefined;
|
|
517
530
|
}, {
|
|
518
|
-
source: "
|
|
531
|
+
source: "user" | "admin";
|
|
519
532
|
authorization_type: "custom" | "basic" | "bearer";
|
|
520
533
|
key?: string | undefined;
|
|
521
534
|
custom_header?: string | undefined;
|
|
@@ -523,27 +536,36 @@ export declare const WebSocketOptionsSchema: z.ZodObject<{
|
|
|
523
536
|
customUserVars: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
524
537
|
title: z.ZodString;
|
|
525
538
|
description: z.ZodString;
|
|
539
|
+
/**
|
|
540
|
+
* Whether the field holds a secret and should be masked in the UI.
|
|
541
|
+
* Defaults to masked when omitted; set to `false` for non-secret setup
|
|
542
|
+
* values (e.g. username, project key, base URL) to render as plain text.
|
|
543
|
+
*/
|
|
544
|
+
sensitive: z.ZodOptional<z.ZodBoolean>;
|
|
526
545
|
}, "strip", z.ZodTypeAny, {
|
|
527
|
-
title: string;
|
|
528
546
|
description: string;
|
|
529
|
-
}, {
|
|
530
547
|
title: string;
|
|
548
|
+
sensitive?: boolean | undefined;
|
|
549
|
+
}, {
|
|
531
550
|
description: string;
|
|
551
|
+
title: string;
|
|
552
|
+
sensitive?: boolean | undefined;
|
|
532
553
|
}>>>;
|
|
533
554
|
} & {
|
|
534
555
|
type: z.ZodDefault<z.ZodLiteral<"websocket">>;
|
|
556
|
+
obo: z.ZodOptional<z.ZodUndefined>;
|
|
535
557
|
url: z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>;
|
|
536
558
|
}, "strip", z.ZodTypeAny, {
|
|
537
559
|
type: "websocket";
|
|
538
560
|
url: string;
|
|
539
|
-
title?: string | undefined;
|
|
540
561
|
description?: string | undefined;
|
|
562
|
+
title?: string | undefined;
|
|
563
|
+
chatMenu?: boolean | undefined;
|
|
541
564
|
startup?: boolean | undefined;
|
|
542
565
|
iconPath?: string | undefined;
|
|
543
566
|
timeout?: number | undefined;
|
|
544
567
|
sseReadTimeout?: number | undefined;
|
|
545
568
|
initTimeout?: number | undefined;
|
|
546
|
-
chatMenu?: boolean | undefined;
|
|
547
569
|
serverInstructions?: string | boolean | undefined;
|
|
548
570
|
requiresOAuth?: boolean | undefined;
|
|
549
571
|
oauth?: {
|
|
@@ -566,26 +588,28 @@ export declare const WebSocketOptionsSchema: z.ZodObject<{
|
|
|
566
588
|
} | undefined;
|
|
567
589
|
oauth_headers?: Record<string, string> | undefined;
|
|
568
590
|
apiKey?: {
|
|
569
|
-
source: "
|
|
591
|
+
source: "user" | "admin";
|
|
570
592
|
authorization_type: "custom" | "basic" | "bearer";
|
|
571
593
|
key?: string | undefined;
|
|
572
594
|
custom_header?: string | undefined;
|
|
573
595
|
} | undefined;
|
|
574
596
|
customUserVars?: Record<string, {
|
|
575
|
-
title: string;
|
|
576
597
|
description: string;
|
|
598
|
+
title: string;
|
|
599
|
+
sensitive?: boolean | undefined;
|
|
577
600
|
}> | undefined;
|
|
601
|
+
obo?: undefined;
|
|
578
602
|
}, {
|
|
579
603
|
url: string;
|
|
580
604
|
type?: "websocket" | undefined;
|
|
581
|
-
title?: string | undefined;
|
|
582
605
|
description?: string | undefined;
|
|
606
|
+
title?: string | undefined;
|
|
607
|
+
chatMenu?: boolean | undefined;
|
|
583
608
|
startup?: boolean | undefined;
|
|
584
609
|
iconPath?: string | undefined;
|
|
585
610
|
timeout?: number | undefined;
|
|
586
611
|
sseReadTimeout?: number | undefined;
|
|
587
612
|
initTimeout?: number | undefined;
|
|
588
|
-
chatMenu?: boolean | undefined;
|
|
589
613
|
serverInstructions?: string | boolean | undefined;
|
|
590
614
|
requiresOAuth?: boolean | undefined;
|
|
591
615
|
oauth?: {
|
|
@@ -608,15 +632,17 @@ export declare const WebSocketOptionsSchema: z.ZodObject<{
|
|
|
608
632
|
} | undefined;
|
|
609
633
|
oauth_headers?: Record<string, string> | undefined;
|
|
610
634
|
apiKey?: {
|
|
611
|
-
source: "
|
|
635
|
+
source: "user" | "admin";
|
|
612
636
|
authorization_type: "custom" | "basic" | "bearer";
|
|
613
637
|
key?: string | undefined;
|
|
614
638
|
custom_header?: string | undefined;
|
|
615
639
|
} | undefined;
|
|
616
640
|
customUserVars?: Record<string, {
|
|
617
|
-
title: string;
|
|
618
641
|
description: string;
|
|
642
|
+
title: string;
|
|
643
|
+
sensitive?: boolean | undefined;
|
|
619
644
|
}> | undefined;
|
|
645
|
+
obo?: undefined;
|
|
620
646
|
}>;
|
|
621
647
|
export declare const SSEOptionsSchema: z.ZodObject<{
|
|
622
648
|
/** Display name for the MCP server - only letters, numbers, and spaces allowed */
|
|
@@ -656,9 +682,9 @@ export declare const SSEOptionsSchema: z.ZodObject<{
|
|
|
656
682
|
*/
|
|
657
683
|
oauth: z.ZodOptional<z.ZodEffects<z.ZodObject<{
|
|
658
684
|
/** OAuth authorization endpoint (optional - can be auto-discovered) */
|
|
659
|
-
authorization_url: z.ZodOptional<z.ZodString
|
|
685
|
+
authorization_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
660
686
|
/** OAuth token endpoint (optional - can be auto-discovered) */
|
|
661
|
-
token_url: z.ZodOptional<z.ZodString
|
|
687
|
+
token_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
662
688
|
/** OAuth client ID (optional - can use dynamic registration) */
|
|
663
689
|
client_id: z.ZodOptional<z.ZodString>;
|
|
664
690
|
/** OAuth client secret (requires explicit authorization and token endpoints) */
|
|
@@ -666,7 +692,7 @@ export declare const SSEOptionsSchema: z.ZodObject<{
|
|
|
666
692
|
/** OAuth scopes to request */
|
|
667
693
|
scope: z.ZodOptional<z.ZodString>;
|
|
668
694
|
/** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
|
|
669
|
-
redirect_uri: z.ZodOptional<z.ZodString
|
|
695
|
+
redirect_uri: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
670
696
|
/** Token exchange method */
|
|
671
697
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
672
698
|
/** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
|
|
@@ -717,7 +743,7 @@ export declare const SSEOptionsSchema: z.ZodObject<{
|
|
|
717
743
|
*/
|
|
718
744
|
forward_audience_on_refresh: z.ZodOptional<z.ZodBoolean>;
|
|
719
745
|
/** OAuth revocation endpoint (optional - can be auto-discovered) */
|
|
720
|
-
revocation_endpoint: z.ZodOptional<z.ZodString
|
|
746
|
+
revocation_endpoint: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
721
747
|
/** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
|
|
722
748
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
723
749
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -806,12 +832,12 @@ export declare const SSEOptionsSchema: z.ZodObject<{
|
|
|
806
832
|
/** Custom header name when authorization_type is 'custom' */
|
|
807
833
|
custom_header: z.ZodOptional<z.ZodString>;
|
|
808
834
|
}, "strip", z.ZodTypeAny, {
|
|
809
|
-
source: "
|
|
835
|
+
source: "user" | "admin";
|
|
810
836
|
authorization_type: "custom" | "basic" | "bearer";
|
|
811
837
|
key?: string | undefined;
|
|
812
838
|
custom_header?: string | undefined;
|
|
813
839
|
}, {
|
|
814
|
-
source: "
|
|
840
|
+
source: "user" | "admin";
|
|
815
841
|
authorization_type: "custom" | "basic" | "bearer";
|
|
816
842
|
key?: string | undefined;
|
|
817
843
|
custom_header?: string | undefined;
|
|
@@ -819,30 +845,53 @@ export declare const SSEOptionsSchema: z.ZodObject<{
|
|
|
819
845
|
customUserVars: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
820
846
|
title: z.ZodString;
|
|
821
847
|
description: z.ZodString;
|
|
848
|
+
/**
|
|
849
|
+
* Whether the field holds a secret and should be masked in the UI.
|
|
850
|
+
* Defaults to masked when omitted; set to `false` for non-secret setup
|
|
851
|
+
* values (e.g. username, project key, base URL) to render as plain text.
|
|
852
|
+
*/
|
|
853
|
+
sensitive: z.ZodOptional<z.ZodBoolean>;
|
|
822
854
|
}, "strip", z.ZodTypeAny, {
|
|
823
|
-
title: string;
|
|
824
855
|
description: string;
|
|
825
|
-
}, {
|
|
826
856
|
title: string;
|
|
857
|
+
sensitive?: boolean | undefined;
|
|
858
|
+
}, {
|
|
827
859
|
description: string;
|
|
860
|
+
title: string;
|
|
861
|
+
sensitive?: boolean | undefined;
|
|
828
862
|
}>>>;
|
|
829
863
|
} & {
|
|
830
864
|
type: z.ZodDefault<z.ZodLiteral<"sse">>;
|
|
831
865
|
headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
|
|
866
|
+
/**
|
|
867
|
+
* On-Behalf-Of (OBO) token exchange configuration.
|
|
868
|
+
* When configured, LibreChat exchanges the logged-in user's federated access token
|
|
869
|
+
* for a token scoped to this MCP server via the OAuth 2.0 OBO flow (jwt-bearer grant).
|
|
870
|
+
* The exchanged token is injected as a Bearer Authorization header automatically.
|
|
871
|
+
* Requires the user to be authenticated via OpenID Connect (e.g., Entra ID).
|
|
872
|
+
*/
|
|
873
|
+
obo: z.ZodOptional<z.ZodObject<{
|
|
874
|
+
/** Scopes to request for the downstream MCP server (e.g., "api://<client-id>/Mcp.Tools.ReadWrite") */
|
|
875
|
+
scopes: z.ZodString;
|
|
876
|
+
}, "strip", z.ZodTypeAny, {
|
|
877
|
+
scopes: string;
|
|
878
|
+
}, {
|
|
879
|
+
scopes: string;
|
|
880
|
+
}>>;
|
|
832
881
|
/** Optional outbound proxy URL for this remote MCP transport */
|
|
833
882
|
proxy: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
834
883
|
url: z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>;
|
|
835
884
|
}, "strip", z.ZodTypeAny, {
|
|
836
885
|
type: "sse";
|
|
837
886
|
url: string;
|
|
838
|
-
title?: string | undefined;
|
|
839
887
|
description?: string | undefined;
|
|
888
|
+
title?: string | undefined;
|
|
889
|
+
chatMenu?: boolean | undefined;
|
|
840
890
|
startup?: boolean | undefined;
|
|
841
891
|
iconPath?: string | undefined;
|
|
842
892
|
timeout?: number | undefined;
|
|
843
893
|
sseReadTimeout?: number | undefined;
|
|
844
894
|
initTimeout?: number | undefined;
|
|
845
|
-
chatMenu?: boolean | undefined;
|
|
846
895
|
serverInstructions?: string | boolean | undefined;
|
|
847
896
|
requiresOAuth?: boolean | undefined;
|
|
848
897
|
oauth?: {
|
|
@@ -865,28 +914,32 @@ export declare const SSEOptionsSchema: z.ZodObject<{
|
|
|
865
914
|
} | undefined;
|
|
866
915
|
oauth_headers?: Record<string, string> | undefined;
|
|
867
916
|
apiKey?: {
|
|
868
|
-
source: "
|
|
917
|
+
source: "user" | "admin";
|
|
869
918
|
authorization_type: "custom" | "basic" | "bearer";
|
|
870
919
|
key?: string | undefined;
|
|
871
920
|
custom_header?: string | undefined;
|
|
872
921
|
} | undefined;
|
|
873
922
|
customUserVars?: Record<string, {
|
|
874
|
-
title: string;
|
|
875
923
|
description: string;
|
|
924
|
+
title: string;
|
|
925
|
+
sensitive?: boolean | undefined;
|
|
876
926
|
}> | undefined;
|
|
927
|
+
obo?: {
|
|
928
|
+
scopes: string;
|
|
929
|
+
} | undefined;
|
|
877
930
|
headers?: Record<string, string> | undefined;
|
|
878
931
|
proxy?: string | undefined;
|
|
879
932
|
}, {
|
|
880
933
|
url: string;
|
|
881
934
|
type?: "sse" | undefined;
|
|
882
|
-
title?: string | undefined;
|
|
883
935
|
description?: string | undefined;
|
|
936
|
+
title?: string | undefined;
|
|
937
|
+
chatMenu?: boolean | undefined;
|
|
884
938
|
startup?: boolean | undefined;
|
|
885
939
|
iconPath?: string | undefined;
|
|
886
940
|
timeout?: number | undefined;
|
|
887
941
|
sseReadTimeout?: number | undefined;
|
|
888
942
|
initTimeout?: number | undefined;
|
|
889
|
-
chatMenu?: boolean | undefined;
|
|
890
943
|
serverInstructions?: string | boolean | undefined;
|
|
891
944
|
requiresOAuth?: boolean | undefined;
|
|
892
945
|
oauth?: {
|
|
@@ -909,15 +962,19 @@ export declare const SSEOptionsSchema: z.ZodObject<{
|
|
|
909
962
|
} | undefined;
|
|
910
963
|
oauth_headers?: Record<string, string> | undefined;
|
|
911
964
|
apiKey?: {
|
|
912
|
-
source: "
|
|
965
|
+
source: "user" | "admin";
|
|
913
966
|
authorization_type: "custom" | "basic" | "bearer";
|
|
914
967
|
key?: string | undefined;
|
|
915
968
|
custom_header?: string | undefined;
|
|
916
969
|
} | undefined;
|
|
917
970
|
customUserVars?: Record<string, {
|
|
918
|
-
title: string;
|
|
919
971
|
description: string;
|
|
972
|
+
title: string;
|
|
973
|
+
sensitive?: boolean | undefined;
|
|
920
974
|
}> | undefined;
|
|
975
|
+
obo?: {
|
|
976
|
+
scopes: string;
|
|
977
|
+
} | undefined;
|
|
921
978
|
headers?: Record<string, string> | undefined;
|
|
922
979
|
proxy?: string | undefined;
|
|
923
980
|
}>;
|
|
@@ -959,9 +1016,9 @@ export declare const StreamableHTTPOptionsSchema: z.ZodObject<{
|
|
|
959
1016
|
*/
|
|
960
1017
|
oauth: z.ZodOptional<z.ZodEffects<z.ZodObject<{
|
|
961
1018
|
/** OAuth authorization endpoint (optional - can be auto-discovered) */
|
|
962
|
-
authorization_url: z.ZodOptional<z.ZodString
|
|
1019
|
+
authorization_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
963
1020
|
/** OAuth token endpoint (optional - can be auto-discovered) */
|
|
964
|
-
token_url: z.ZodOptional<z.ZodString
|
|
1021
|
+
token_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
965
1022
|
/** OAuth client ID (optional - can use dynamic registration) */
|
|
966
1023
|
client_id: z.ZodOptional<z.ZodString>;
|
|
967
1024
|
/** OAuth client secret (requires explicit authorization and token endpoints) */
|
|
@@ -969,7 +1026,7 @@ export declare const StreamableHTTPOptionsSchema: z.ZodObject<{
|
|
|
969
1026
|
/** OAuth scopes to request */
|
|
970
1027
|
scope: z.ZodOptional<z.ZodString>;
|
|
971
1028
|
/** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
|
|
972
|
-
redirect_uri: z.ZodOptional<z.ZodString
|
|
1029
|
+
redirect_uri: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
973
1030
|
/** Token exchange method */
|
|
974
1031
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
975
1032
|
/** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
|
|
@@ -1020,7 +1077,7 @@ export declare const StreamableHTTPOptionsSchema: z.ZodObject<{
|
|
|
1020
1077
|
*/
|
|
1021
1078
|
forward_audience_on_refresh: z.ZodOptional<z.ZodBoolean>;
|
|
1022
1079
|
/** OAuth revocation endpoint (optional - can be auto-discovered) */
|
|
1023
|
-
revocation_endpoint: z.ZodOptional<z.ZodString
|
|
1080
|
+
revocation_endpoint: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1024
1081
|
/** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
|
|
1025
1082
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
1026
1083
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -1109,12 +1166,12 @@ export declare const StreamableHTTPOptionsSchema: z.ZodObject<{
|
|
|
1109
1166
|
/** Custom header name when authorization_type is 'custom' */
|
|
1110
1167
|
custom_header: z.ZodOptional<z.ZodString>;
|
|
1111
1168
|
}, "strip", z.ZodTypeAny, {
|
|
1112
|
-
source: "
|
|
1169
|
+
source: "user" | "admin";
|
|
1113
1170
|
authorization_type: "custom" | "basic" | "bearer";
|
|
1114
1171
|
key?: string | undefined;
|
|
1115
1172
|
custom_header?: string | undefined;
|
|
1116
1173
|
}, {
|
|
1117
|
-
source: "
|
|
1174
|
+
source: "user" | "admin";
|
|
1118
1175
|
authorization_type: "custom" | "basic" | "bearer";
|
|
1119
1176
|
key?: string | undefined;
|
|
1120
1177
|
custom_header?: string | undefined;
|
|
@@ -1122,30 +1179,53 @@ export declare const StreamableHTTPOptionsSchema: z.ZodObject<{
|
|
|
1122
1179
|
customUserVars: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
1123
1180
|
title: z.ZodString;
|
|
1124
1181
|
description: z.ZodString;
|
|
1182
|
+
/**
|
|
1183
|
+
* Whether the field holds a secret and should be masked in the UI.
|
|
1184
|
+
* Defaults to masked when omitted; set to `false` for non-secret setup
|
|
1185
|
+
* values (e.g. username, project key, base URL) to render as plain text.
|
|
1186
|
+
*/
|
|
1187
|
+
sensitive: z.ZodOptional<z.ZodBoolean>;
|
|
1125
1188
|
}, "strip", z.ZodTypeAny, {
|
|
1126
|
-
title: string;
|
|
1127
1189
|
description: string;
|
|
1128
|
-
}, {
|
|
1129
1190
|
title: string;
|
|
1191
|
+
sensitive?: boolean | undefined;
|
|
1192
|
+
}, {
|
|
1130
1193
|
description: string;
|
|
1194
|
+
title: string;
|
|
1195
|
+
sensitive?: boolean | undefined;
|
|
1131
1196
|
}>>>;
|
|
1132
1197
|
} & {
|
|
1133
1198
|
type: z.ZodUnion<[z.ZodLiteral<"streamable-http">, z.ZodLiteral<"http">]>;
|
|
1134
1199
|
headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
|
|
1200
|
+
/**
|
|
1201
|
+
* On-Behalf-Of (OBO) token exchange configuration.
|
|
1202
|
+
* When configured, LibreChat exchanges the logged-in user's federated access token
|
|
1203
|
+
* for a token scoped to this MCP server via the OAuth 2.0 OBO flow (jwt-bearer grant).
|
|
1204
|
+
* The exchanged token is injected as a Bearer Authorization header automatically.
|
|
1205
|
+
* Requires the user to be authenticated via OpenID Connect (e.g., Entra ID).
|
|
1206
|
+
*/
|
|
1207
|
+
obo: z.ZodOptional<z.ZodObject<{
|
|
1208
|
+
/** Scopes to request for the downstream MCP server (e.g., "api://<client-id>/Mcp.Tools.ReadWrite") */
|
|
1209
|
+
scopes: z.ZodString;
|
|
1210
|
+
}, "strip", z.ZodTypeAny, {
|
|
1211
|
+
scopes: string;
|
|
1212
|
+
}, {
|
|
1213
|
+
scopes: string;
|
|
1214
|
+
}>>;
|
|
1135
1215
|
/** Optional outbound proxy URL for this remote MCP transport */
|
|
1136
1216
|
proxy: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
1137
1217
|
url: z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>;
|
|
1138
1218
|
}, "strip", z.ZodTypeAny, {
|
|
1139
1219
|
type: "streamable-http" | "http";
|
|
1140
1220
|
url: string;
|
|
1141
|
-
title?: string | undefined;
|
|
1142
1221
|
description?: string | undefined;
|
|
1222
|
+
title?: string | undefined;
|
|
1223
|
+
chatMenu?: boolean | undefined;
|
|
1143
1224
|
startup?: boolean | undefined;
|
|
1144
1225
|
iconPath?: string | undefined;
|
|
1145
1226
|
timeout?: number | undefined;
|
|
1146
1227
|
sseReadTimeout?: number | undefined;
|
|
1147
1228
|
initTimeout?: number | undefined;
|
|
1148
|
-
chatMenu?: boolean | undefined;
|
|
1149
1229
|
serverInstructions?: string | boolean | undefined;
|
|
1150
1230
|
requiresOAuth?: boolean | undefined;
|
|
1151
1231
|
oauth?: {
|
|
@@ -1168,28 +1248,32 @@ export declare const StreamableHTTPOptionsSchema: z.ZodObject<{
|
|
|
1168
1248
|
} | undefined;
|
|
1169
1249
|
oauth_headers?: Record<string, string> | undefined;
|
|
1170
1250
|
apiKey?: {
|
|
1171
|
-
source: "
|
|
1251
|
+
source: "user" | "admin";
|
|
1172
1252
|
authorization_type: "custom" | "basic" | "bearer";
|
|
1173
1253
|
key?: string | undefined;
|
|
1174
1254
|
custom_header?: string | undefined;
|
|
1175
1255
|
} | undefined;
|
|
1176
1256
|
customUserVars?: Record<string, {
|
|
1177
|
-
title: string;
|
|
1178
1257
|
description: string;
|
|
1258
|
+
title: string;
|
|
1259
|
+
sensitive?: boolean | undefined;
|
|
1179
1260
|
}> | undefined;
|
|
1261
|
+
obo?: {
|
|
1262
|
+
scopes: string;
|
|
1263
|
+
} | undefined;
|
|
1180
1264
|
headers?: Record<string, string> | undefined;
|
|
1181
1265
|
proxy?: string | undefined;
|
|
1182
1266
|
}, {
|
|
1183
1267
|
type: "streamable-http" | "http";
|
|
1184
1268
|
url: string;
|
|
1185
|
-
title?: string | undefined;
|
|
1186
1269
|
description?: string | undefined;
|
|
1270
|
+
title?: string | undefined;
|
|
1271
|
+
chatMenu?: boolean | undefined;
|
|
1187
1272
|
startup?: boolean | undefined;
|
|
1188
1273
|
iconPath?: string | undefined;
|
|
1189
1274
|
timeout?: number | undefined;
|
|
1190
1275
|
sseReadTimeout?: number | undefined;
|
|
1191
1276
|
initTimeout?: number | undefined;
|
|
1192
|
-
chatMenu?: boolean | undefined;
|
|
1193
1277
|
serverInstructions?: string | boolean | undefined;
|
|
1194
1278
|
requiresOAuth?: boolean | undefined;
|
|
1195
1279
|
oauth?: {
|
|
@@ -1212,15 +1296,19 @@ export declare const StreamableHTTPOptionsSchema: z.ZodObject<{
|
|
|
1212
1296
|
} | undefined;
|
|
1213
1297
|
oauth_headers?: Record<string, string> | undefined;
|
|
1214
1298
|
apiKey?: {
|
|
1215
|
-
source: "
|
|
1299
|
+
source: "user" | "admin";
|
|
1216
1300
|
authorization_type: "custom" | "basic" | "bearer";
|
|
1217
1301
|
key?: string | undefined;
|
|
1218
1302
|
custom_header?: string | undefined;
|
|
1219
1303
|
} | undefined;
|
|
1220
1304
|
customUserVars?: Record<string, {
|
|
1221
|
-
title: string;
|
|
1222
1305
|
description: string;
|
|
1306
|
+
title: string;
|
|
1307
|
+
sensitive?: boolean | undefined;
|
|
1223
1308
|
}> | undefined;
|
|
1309
|
+
obo?: {
|
|
1310
|
+
scopes: string;
|
|
1311
|
+
} | undefined;
|
|
1224
1312
|
headers?: Record<string, string> | undefined;
|
|
1225
1313
|
proxy?: string | undefined;
|
|
1226
1314
|
}>;
|
|
@@ -1262,9 +1350,9 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1262
1350
|
*/
|
|
1263
1351
|
oauth: z.ZodOptional<z.ZodEffects<z.ZodObject<{
|
|
1264
1352
|
/** OAuth authorization endpoint (optional - can be auto-discovered) */
|
|
1265
|
-
authorization_url: z.ZodOptional<z.ZodString
|
|
1353
|
+
authorization_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1266
1354
|
/** OAuth token endpoint (optional - can be auto-discovered) */
|
|
1267
|
-
token_url: z.ZodOptional<z.ZodString
|
|
1355
|
+
token_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1268
1356
|
/** OAuth client ID (optional - can use dynamic registration) */
|
|
1269
1357
|
client_id: z.ZodOptional<z.ZodString>;
|
|
1270
1358
|
/** OAuth client secret (requires explicit authorization and token endpoints) */
|
|
@@ -1272,7 +1360,7 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1272
1360
|
/** OAuth scopes to request */
|
|
1273
1361
|
scope: z.ZodOptional<z.ZodString>;
|
|
1274
1362
|
/** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
|
|
1275
|
-
redirect_uri: z.ZodOptional<z.ZodString
|
|
1363
|
+
redirect_uri: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1276
1364
|
/** Token exchange method */
|
|
1277
1365
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
1278
1366
|
/** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
|
|
@@ -1323,7 +1411,7 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1323
1411
|
*/
|
|
1324
1412
|
forward_audience_on_refresh: z.ZodOptional<z.ZodBoolean>;
|
|
1325
1413
|
/** OAuth revocation endpoint (optional - can be auto-discovered) */
|
|
1326
|
-
revocation_endpoint: z.ZodOptional<z.ZodString
|
|
1414
|
+
revocation_endpoint: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1327
1415
|
/** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
|
|
1328
1416
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
1329
1417
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -1412,12 +1500,12 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1412
1500
|
/** Custom header name when authorization_type is 'custom' */
|
|
1413
1501
|
custom_header: z.ZodOptional<z.ZodString>;
|
|
1414
1502
|
}, "strip", z.ZodTypeAny, {
|
|
1415
|
-
source: "
|
|
1503
|
+
source: "user" | "admin";
|
|
1416
1504
|
authorization_type: "custom" | "basic" | "bearer";
|
|
1417
1505
|
key?: string | undefined;
|
|
1418
1506
|
custom_header?: string | undefined;
|
|
1419
1507
|
}, {
|
|
1420
|
-
source: "
|
|
1508
|
+
source: "user" | "admin";
|
|
1421
1509
|
authorization_type: "custom" | "basic" | "bearer";
|
|
1422
1510
|
key?: string | undefined;
|
|
1423
1511
|
custom_header?: string | undefined;
|
|
@@ -1425,15 +1513,24 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1425
1513
|
customUserVars: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
1426
1514
|
title: z.ZodString;
|
|
1427
1515
|
description: z.ZodString;
|
|
1516
|
+
/**
|
|
1517
|
+
* Whether the field holds a secret and should be masked in the UI.
|
|
1518
|
+
* Defaults to masked when omitted; set to `false` for non-secret setup
|
|
1519
|
+
* values (e.g. username, project key, base URL) to render as plain text.
|
|
1520
|
+
*/
|
|
1521
|
+
sensitive: z.ZodOptional<z.ZodBoolean>;
|
|
1428
1522
|
}, "strip", z.ZodTypeAny, {
|
|
1429
|
-
title: string;
|
|
1430
1523
|
description: string;
|
|
1431
|
-
}, {
|
|
1432
1524
|
title: string;
|
|
1525
|
+
sensitive?: boolean | undefined;
|
|
1526
|
+
}, {
|
|
1433
1527
|
description: string;
|
|
1528
|
+
title: string;
|
|
1529
|
+
sensitive?: boolean | undefined;
|
|
1434
1530
|
}>>>;
|
|
1435
1531
|
} & {
|
|
1436
1532
|
type: z.ZodDefault<z.ZodLiteral<"stdio">>;
|
|
1533
|
+
obo: z.ZodOptional<z.ZodUndefined>;
|
|
1437
1534
|
/**
|
|
1438
1535
|
* The executable to run to start the server.
|
|
1439
1536
|
*/
|
|
@@ -1459,14 +1556,15 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1459
1556
|
type: "stdio";
|
|
1460
1557
|
command: string;
|
|
1461
1558
|
args: string[];
|
|
1462
|
-
title?: string | undefined;
|
|
1463
1559
|
description?: string | undefined;
|
|
1560
|
+
title?: string | undefined;
|
|
1561
|
+
chatMenu?: boolean | undefined;
|
|
1562
|
+
env?: Record<string, string> | undefined;
|
|
1464
1563
|
startup?: boolean | undefined;
|
|
1465
1564
|
iconPath?: string | undefined;
|
|
1466
1565
|
timeout?: number | undefined;
|
|
1467
1566
|
sseReadTimeout?: number | undefined;
|
|
1468
1567
|
initTimeout?: number | undefined;
|
|
1469
|
-
chatMenu?: boolean | undefined;
|
|
1470
1568
|
serverInstructions?: string | boolean | undefined;
|
|
1471
1569
|
requiresOAuth?: boolean | undefined;
|
|
1472
1570
|
oauth?: {
|
|
@@ -1489,29 +1587,31 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1489
1587
|
} | undefined;
|
|
1490
1588
|
oauth_headers?: Record<string, string> | undefined;
|
|
1491
1589
|
apiKey?: {
|
|
1492
|
-
source: "
|
|
1590
|
+
source: "user" | "admin";
|
|
1493
1591
|
authorization_type: "custom" | "basic" | "bearer";
|
|
1494
1592
|
key?: string | undefined;
|
|
1495
1593
|
custom_header?: string | undefined;
|
|
1496
1594
|
} | undefined;
|
|
1497
1595
|
customUserVars?: Record<string, {
|
|
1498
|
-
title: string;
|
|
1499
1596
|
description: string;
|
|
1597
|
+
title: string;
|
|
1598
|
+
sensitive?: boolean | undefined;
|
|
1500
1599
|
}> | undefined;
|
|
1501
|
-
|
|
1600
|
+
obo?: undefined;
|
|
1502
1601
|
stderr?: number | "pipe" | "ignore" | "inherit" | undefined;
|
|
1503
1602
|
}, {
|
|
1504
1603
|
command: string;
|
|
1505
1604
|
args: string[];
|
|
1506
1605
|
type?: "stdio" | undefined;
|
|
1507
|
-
title?: string | undefined;
|
|
1508
1606
|
description?: string | undefined;
|
|
1607
|
+
title?: string | undefined;
|
|
1608
|
+
chatMenu?: boolean | undefined;
|
|
1609
|
+
env?: Record<string, string> | undefined;
|
|
1509
1610
|
startup?: boolean | undefined;
|
|
1510
1611
|
iconPath?: string | undefined;
|
|
1511
1612
|
timeout?: number | undefined;
|
|
1512
1613
|
sseReadTimeout?: number | undefined;
|
|
1513
1614
|
initTimeout?: number | undefined;
|
|
1514
|
-
chatMenu?: boolean | undefined;
|
|
1515
1615
|
serverInstructions?: string | boolean | undefined;
|
|
1516
1616
|
requiresOAuth?: boolean | undefined;
|
|
1517
1617
|
oauth?: {
|
|
@@ -1534,16 +1634,17 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1534
1634
|
} | undefined;
|
|
1535
1635
|
oauth_headers?: Record<string, string> | undefined;
|
|
1536
1636
|
apiKey?: {
|
|
1537
|
-
source: "
|
|
1637
|
+
source: "user" | "admin";
|
|
1538
1638
|
authorization_type: "custom" | "basic" | "bearer";
|
|
1539
1639
|
key?: string | undefined;
|
|
1540
1640
|
custom_header?: string | undefined;
|
|
1541
1641
|
} | undefined;
|
|
1542
1642
|
customUserVars?: Record<string, {
|
|
1543
|
-
title: string;
|
|
1544
1643
|
description: string;
|
|
1644
|
+
title: string;
|
|
1645
|
+
sensitive?: boolean | undefined;
|
|
1545
1646
|
}> | undefined;
|
|
1546
|
-
|
|
1647
|
+
obo?: undefined;
|
|
1547
1648
|
stderr?: number | "pipe" | "ignore" | "inherit" | undefined;
|
|
1548
1649
|
}>, z.ZodObject<{
|
|
1549
1650
|
/** Display name for the MCP server - only letters, numbers, and spaces allowed */
|
|
@@ -1583,9 +1684,9 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1583
1684
|
*/
|
|
1584
1685
|
oauth: z.ZodOptional<z.ZodEffects<z.ZodObject<{
|
|
1585
1686
|
/** OAuth authorization endpoint (optional - can be auto-discovered) */
|
|
1586
|
-
authorization_url: z.ZodOptional<z.ZodString
|
|
1687
|
+
authorization_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1587
1688
|
/** OAuth token endpoint (optional - can be auto-discovered) */
|
|
1588
|
-
token_url: z.ZodOptional<z.ZodString
|
|
1689
|
+
token_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1589
1690
|
/** OAuth client ID (optional - can use dynamic registration) */
|
|
1590
1691
|
client_id: z.ZodOptional<z.ZodString>;
|
|
1591
1692
|
/** OAuth client secret (requires explicit authorization and token endpoints) */
|
|
@@ -1593,7 +1694,7 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1593
1694
|
/** OAuth scopes to request */
|
|
1594
1695
|
scope: z.ZodOptional<z.ZodString>;
|
|
1595
1696
|
/** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
|
|
1596
|
-
redirect_uri: z.ZodOptional<z.ZodString
|
|
1697
|
+
redirect_uri: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1597
1698
|
/** Token exchange method */
|
|
1598
1699
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
1599
1700
|
/** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
|
|
@@ -1644,7 +1745,7 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1644
1745
|
*/
|
|
1645
1746
|
forward_audience_on_refresh: z.ZodOptional<z.ZodBoolean>;
|
|
1646
1747
|
/** OAuth revocation endpoint (optional - can be auto-discovered) */
|
|
1647
|
-
revocation_endpoint: z.ZodOptional<z.ZodString
|
|
1748
|
+
revocation_endpoint: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1648
1749
|
/** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
|
|
1649
1750
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
1650
1751
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -1733,12 +1834,12 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1733
1834
|
/** Custom header name when authorization_type is 'custom' */
|
|
1734
1835
|
custom_header: z.ZodOptional<z.ZodString>;
|
|
1735
1836
|
}, "strip", z.ZodTypeAny, {
|
|
1736
|
-
source: "
|
|
1837
|
+
source: "user" | "admin";
|
|
1737
1838
|
authorization_type: "custom" | "basic" | "bearer";
|
|
1738
1839
|
key?: string | undefined;
|
|
1739
1840
|
custom_header?: string | undefined;
|
|
1740
1841
|
}, {
|
|
1741
|
-
source: "
|
|
1842
|
+
source: "user" | "admin";
|
|
1742
1843
|
authorization_type: "custom" | "basic" | "bearer";
|
|
1743
1844
|
key?: string | undefined;
|
|
1744
1845
|
custom_header?: string | undefined;
|
|
@@ -1746,27 +1847,36 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1746
1847
|
customUserVars: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
1747
1848
|
title: z.ZodString;
|
|
1748
1849
|
description: z.ZodString;
|
|
1850
|
+
/**
|
|
1851
|
+
* Whether the field holds a secret and should be masked in the UI.
|
|
1852
|
+
* Defaults to masked when omitted; set to `false` for non-secret setup
|
|
1853
|
+
* values (e.g. username, project key, base URL) to render as plain text.
|
|
1854
|
+
*/
|
|
1855
|
+
sensitive: z.ZodOptional<z.ZodBoolean>;
|
|
1749
1856
|
}, "strip", z.ZodTypeAny, {
|
|
1750
|
-
title: string;
|
|
1751
1857
|
description: string;
|
|
1752
|
-
}, {
|
|
1753
1858
|
title: string;
|
|
1859
|
+
sensitive?: boolean | undefined;
|
|
1860
|
+
}, {
|
|
1754
1861
|
description: string;
|
|
1862
|
+
title: string;
|
|
1863
|
+
sensitive?: boolean | undefined;
|
|
1755
1864
|
}>>>;
|
|
1756
1865
|
} & {
|
|
1757
1866
|
type: z.ZodDefault<z.ZodLiteral<"websocket">>;
|
|
1867
|
+
obo: z.ZodOptional<z.ZodUndefined>;
|
|
1758
1868
|
url: z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>;
|
|
1759
1869
|
}, "strip", z.ZodTypeAny, {
|
|
1760
1870
|
type: "websocket";
|
|
1761
1871
|
url: string;
|
|
1762
|
-
title?: string | undefined;
|
|
1763
1872
|
description?: string | undefined;
|
|
1873
|
+
title?: string | undefined;
|
|
1874
|
+
chatMenu?: boolean | undefined;
|
|
1764
1875
|
startup?: boolean | undefined;
|
|
1765
1876
|
iconPath?: string | undefined;
|
|
1766
1877
|
timeout?: number | undefined;
|
|
1767
1878
|
sseReadTimeout?: number | undefined;
|
|
1768
1879
|
initTimeout?: number | undefined;
|
|
1769
|
-
chatMenu?: boolean | undefined;
|
|
1770
1880
|
serverInstructions?: string | boolean | undefined;
|
|
1771
1881
|
requiresOAuth?: boolean | undefined;
|
|
1772
1882
|
oauth?: {
|
|
@@ -1789,26 +1899,28 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1789
1899
|
} | undefined;
|
|
1790
1900
|
oauth_headers?: Record<string, string> | undefined;
|
|
1791
1901
|
apiKey?: {
|
|
1792
|
-
source: "
|
|
1902
|
+
source: "user" | "admin";
|
|
1793
1903
|
authorization_type: "custom" | "basic" | "bearer";
|
|
1794
1904
|
key?: string | undefined;
|
|
1795
1905
|
custom_header?: string | undefined;
|
|
1796
1906
|
} | undefined;
|
|
1797
1907
|
customUserVars?: Record<string, {
|
|
1798
|
-
title: string;
|
|
1799
1908
|
description: string;
|
|
1909
|
+
title: string;
|
|
1910
|
+
sensitive?: boolean | undefined;
|
|
1800
1911
|
}> | undefined;
|
|
1912
|
+
obo?: undefined;
|
|
1801
1913
|
}, {
|
|
1802
1914
|
url: string;
|
|
1803
1915
|
type?: "websocket" | undefined;
|
|
1804
|
-
title?: string | undefined;
|
|
1805
1916
|
description?: string | undefined;
|
|
1917
|
+
title?: string | undefined;
|
|
1918
|
+
chatMenu?: boolean | undefined;
|
|
1806
1919
|
startup?: boolean | undefined;
|
|
1807
1920
|
iconPath?: string | undefined;
|
|
1808
1921
|
timeout?: number | undefined;
|
|
1809
1922
|
sseReadTimeout?: number | undefined;
|
|
1810
1923
|
initTimeout?: number | undefined;
|
|
1811
|
-
chatMenu?: boolean | undefined;
|
|
1812
1924
|
serverInstructions?: string | boolean | undefined;
|
|
1813
1925
|
requiresOAuth?: boolean | undefined;
|
|
1814
1926
|
oauth?: {
|
|
@@ -1831,15 +1943,17 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1831
1943
|
} | undefined;
|
|
1832
1944
|
oauth_headers?: Record<string, string> | undefined;
|
|
1833
1945
|
apiKey?: {
|
|
1834
|
-
source: "
|
|
1946
|
+
source: "user" | "admin";
|
|
1835
1947
|
authorization_type: "custom" | "basic" | "bearer";
|
|
1836
1948
|
key?: string | undefined;
|
|
1837
1949
|
custom_header?: string | undefined;
|
|
1838
1950
|
} | undefined;
|
|
1839
1951
|
customUserVars?: Record<string, {
|
|
1840
|
-
title: string;
|
|
1841
1952
|
description: string;
|
|
1953
|
+
title: string;
|
|
1954
|
+
sensitive?: boolean | undefined;
|
|
1842
1955
|
}> | undefined;
|
|
1956
|
+
obo?: undefined;
|
|
1843
1957
|
}>, z.ZodObject<{
|
|
1844
1958
|
/** Display name for the MCP server - only letters, numbers, and spaces allowed */
|
|
1845
1959
|
title: z.ZodOptional<z.ZodString>;
|
|
@@ -1878,9 +1992,9 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1878
1992
|
*/
|
|
1879
1993
|
oauth: z.ZodOptional<z.ZodEffects<z.ZodObject<{
|
|
1880
1994
|
/** OAuth authorization endpoint (optional - can be auto-discovered) */
|
|
1881
|
-
authorization_url: z.ZodOptional<z.ZodString
|
|
1995
|
+
authorization_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1882
1996
|
/** OAuth token endpoint (optional - can be auto-discovered) */
|
|
1883
|
-
token_url: z.ZodOptional<z.ZodString
|
|
1997
|
+
token_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1884
1998
|
/** OAuth client ID (optional - can use dynamic registration) */
|
|
1885
1999
|
client_id: z.ZodOptional<z.ZodString>;
|
|
1886
2000
|
/** OAuth client secret (requires explicit authorization and token endpoints) */
|
|
@@ -1888,7 +2002,7 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1888
2002
|
/** OAuth scopes to request */
|
|
1889
2003
|
scope: z.ZodOptional<z.ZodString>;
|
|
1890
2004
|
/** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
|
|
1891
|
-
redirect_uri: z.ZodOptional<z.ZodString
|
|
2005
|
+
redirect_uri: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1892
2006
|
/** Token exchange method */
|
|
1893
2007
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
1894
2008
|
/** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
|
|
@@ -1939,7 +2053,7 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
1939
2053
|
*/
|
|
1940
2054
|
forward_audience_on_refresh: z.ZodOptional<z.ZodBoolean>;
|
|
1941
2055
|
/** OAuth revocation endpoint (optional - can be auto-discovered) */
|
|
1942
|
-
revocation_endpoint: z.ZodOptional<z.ZodString
|
|
2056
|
+
revocation_endpoint: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
1943
2057
|
/** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
|
|
1944
2058
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
1945
2059
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -2028,12 +2142,12 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
2028
2142
|
/** Custom header name when authorization_type is 'custom' */
|
|
2029
2143
|
custom_header: z.ZodOptional<z.ZodString>;
|
|
2030
2144
|
}, "strip", z.ZodTypeAny, {
|
|
2031
|
-
source: "
|
|
2145
|
+
source: "user" | "admin";
|
|
2032
2146
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2033
2147
|
key?: string | undefined;
|
|
2034
2148
|
custom_header?: string | undefined;
|
|
2035
2149
|
}, {
|
|
2036
|
-
source: "
|
|
2150
|
+
source: "user" | "admin";
|
|
2037
2151
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2038
2152
|
key?: string | undefined;
|
|
2039
2153
|
custom_header?: string | undefined;
|
|
@@ -2041,30 +2155,53 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
2041
2155
|
customUserVars: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
2042
2156
|
title: z.ZodString;
|
|
2043
2157
|
description: z.ZodString;
|
|
2158
|
+
/**
|
|
2159
|
+
* Whether the field holds a secret and should be masked in the UI.
|
|
2160
|
+
* Defaults to masked when omitted; set to `false` for non-secret setup
|
|
2161
|
+
* values (e.g. username, project key, base URL) to render as plain text.
|
|
2162
|
+
*/
|
|
2163
|
+
sensitive: z.ZodOptional<z.ZodBoolean>;
|
|
2044
2164
|
}, "strip", z.ZodTypeAny, {
|
|
2045
|
-
title: string;
|
|
2046
2165
|
description: string;
|
|
2047
|
-
}, {
|
|
2048
2166
|
title: string;
|
|
2167
|
+
sensitive?: boolean | undefined;
|
|
2168
|
+
}, {
|
|
2049
2169
|
description: string;
|
|
2170
|
+
title: string;
|
|
2171
|
+
sensitive?: boolean | undefined;
|
|
2050
2172
|
}>>>;
|
|
2051
2173
|
} & {
|
|
2052
2174
|
type: z.ZodDefault<z.ZodLiteral<"sse">>;
|
|
2053
2175
|
headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
|
|
2176
|
+
/**
|
|
2177
|
+
* On-Behalf-Of (OBO) token exchange configuration.
|
|
2178
|
+
* When configured, LibreChat exchanges the logged-in user's federated access token
|
|
2179
|
+
* for a token scoped to this MCP server via the OAuth 2.0 OBO flow (jwt-bearer grant).
|
|
2180
|
+
* The exchanged token is injected as a Bearer Authorization header automatically.
|
|
2181
|
+
* Requires the user to be authenticated via OpenID Connect (e.g., Entra ID).
|
|
2182
|
+
*/
|
|
2183
|
+
obo: z.ZodOptional<z.ZodObject<{
|
|
2184
|
+
/** Scopes to request for the downstream MCP server (e.g., "api://<client-id>/Mcp.Tools.ReadWrite") */
|
|
2185
|
+
scopes: z.ZodString;
|
|
2186
|
+
}, "strip", z.ZodTypeAny, {
|
|
2187
|
+
scopes: string;
|
|
2188
|
+
}, {
|
|
2189
|
+
scopes: string;
|
|
2190
|
+
}>>;
|
|
2054
2191
|
/** Optional outbound proxy URL for this remote MCP transport */
|
|
2055
2192
|
proxy: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
2056
2193
|
url: z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>;
|
|
2057
2194
|
}, "strip", z.ZodTypeAny, {
|
|
2058
2195
|
type: "sse";
|
|
2059
2196
|
url: string;
|
|
2060
|
-
title?: string | undefined;
|
|
2061
2197
|
description?: string | undefined;
|
|
2198
|
+
title?: string | undefined;
|
|
2199
|
+
chatMenu?: boolean | undefined;
|
|
2062
2200
|
startup?: boolean | undefined;
|
|
2063
2201
|
iconPath?: string | undefined;
|
|
2064
2202
|
timeout?: number | undefined;
|
|
2065
2203
|
sseReadTimeout?: number | undefined;
|
|
2066
2204
|
initTimeout?: number | undefined;
|
|
2067
|
-
chatMenu?: boolean | undefined;
|
|
2068
2205
|
serverInstructions?: string | boolean | undefined;
|
|
2069
2206
|
requiresOAuth?: boolean | undefined;
|
|
2070
2207
|
oauth?: {
|
|
@@ -2087,28 +2224,32 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
2087
2224
|
} | undefined;
|
|
2088
2225
|
oauth_headers?: Record<string, string> | undefined;
|
|
2089
2226
|
apiKey?: {
|
|
2090
|
-
source: "
|
|
2227
|
+
source: "user" | "admin";
|
|
2091
2228
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2092
2229
|
key?: string | undefined;
|
|
2093
2230
|
custom_header?: string | undefined;
|
|
2094
2231
|
} | undefined;
|
|
2095
2232
|
customUserVars?: Record<string, {
|
|
2096
|
-
title: string;
|
|
2097
2233
|
description: string;
|
|
2234
|
+
title: string;
|
|
2235
|
+
sensitive?: boolean | undefined;
|
|
2098
2236
|
}> | undefined;
|
|
2237
|
+
obo?: {
|
|
2238
|
+
scopes: string;
|
|
2239
|
+
} | undefined;
|
|
2099
2240
|
headers?: Record<string, string> | undefined;
|
|
2100
2241
|
proxy?: string | undefined;
|
|
2101
2242
|
}, {
|
|
2102
2243
|
url: string;
|
|
2103
2244
|
type?: "sse" | undefined;
|
|
2104
|
-
title?: string | undefined;
|
|
2105
2245
|
description?: string | undefined;
|
|
2246
|
+
title?: string | undefined;
|
|
2247
|
+
chatMenu?: boolean | undefined;
|
|
2106
2248
|
startup?: boolean | undefined;
|
|
2107
2249
|
iconPath?: string | undefined;
|
|
2108
2250
|
timeout?: number | undefined;
|
|
2109
2251
|
sseReadTimeout?: number | undefined;
|
|
2110
2252
|
initTimeout?: number | undefined;
|
|
2111
|
-
chatMenu?: boolean | undefined;
|
|
2112
2253
|
serverInstructions?: string | boolean | undefined;
|
|
2113
2254
|
requiresOAuth?: boolean | undefined;
|
|
2114
2255
|
oauth?: {
|
|
@@ -2131,15 +2272,19 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
2131
2272
|
} | undefined;
|
|
2132
2273
|
oauth_headers?: Record<string, string> | undefined;
|
|
2133
2274
|
apiKey?: {
|
|
2134
|
-
source: "
|
|
2275
|
+
source: "user" | "admin";
|
|
2135
2276
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2136
2277
|
key?: string | undefined;
|
|
2137
2278
|
custom_header?: string | undefined;
|
|
2138
2279
|
} | undefined;
|
|
2139
2280
|
customUserVars?: Record<string, {
|
|
2140
|
-
title: string;
|
|
2141
2281
|
description: string;
|
|
2282
|
+
title: string;
|
|
2283
|
+
sensitive?: boolean | undefined;
|
|
2142
2284
|
}> | undefined;
|
|
2285
|
+
obo?: {
|
|
2286
|
+
scopes: string;
|
|
2287
|
+
} | undefined;
|
|
2143
2288
|
headers?: Record<string, string> | undefined;
|
|
2144
2289
|
proxy?: string | undefined;
|
|
2145
2290
|
}>, z.ZodObject<{
|
|
@@ -2180,9 +2325,9 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
2180
2325
|
*/
|
|
2181
2326
|
oauth: z.ZodOptional<z.ZodEffects<z.ZodObject<{
|
|
2182
2327
|
/** OAuth authorization endpoint (optional - can be auto-discovered) */
|
|
2183
|
-
authorization_url: z.ZodOptional<z.ZodString
|
|
2328
|
+
authorization_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
2184
2329
|
/** OAuth token endpoint (optional - can be auto-discovered) */
|
|
2185
|
-
token_url: z.ZodOptional<z.ZodString
|
|
2330
|
+
token_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
2186
2331
|
/** OAuth client ID (optional - can use dynamic registration) */
|
|
2187
2332
|
client_id: z.ZodOptional<z.ZodString>;
|
|
2188
2333
|
/** OAuth client secret (requires explicit authorization and token endpoints) */
|
|
@@ -2190,7 +2335,7 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
2190
2335
|
/** OAuth scopes to request */
|
|
2191
2336
|
scope: z.ZodOptional<z.ZodString>;
|
|
2192
2337
|
/** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
|
|
2193
|
-
redirect_uri: z.ZodOptional<z.ZodString
|
|
2338
|
+
redirect_uri: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
2194
2339
|
/** Token exchange method */
|
|
2195
2340
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
2196
2341
|
/** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
|
|
@@ -2241,7 +2386,7 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
2241
2386
|
*/
|
|
2242
2387
|
forward_audience_on_refresh: z.ZodOptional<z.ZodBoolean>;
|
|
2243
2388
|
/** OAuth revocation endpoint (optional - can be auto-discovered) */
|
|
2244
|
-
revocation_endpoint: z.ZodOptional<z.ZodString
|
|
2389
|
+
revocation_endpoint: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
2245
2390
|
/** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
|
|
2246
2391
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
2247
2392
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -2330,12 +2475,12 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
2330
2475
|
/** Custom header name when authorization_type is 'custom' */
|
|
2331
2476
|
custom_header: z.ZodOptional<z.ZodString>;
|
|
2332
2477
|
}, "strip", z.ZodTypeAny, {
|
|
2333
|
-
source: "
|
|
2478
|
+
source: "user" | "admin";
|
|
2334
2479
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2335
2480
|
key?: string | undefined;
|
|
2336
2481
|
custom_header?: string | undefined;
|
|
2337
2482
|
}, {
|
|
2338
|
-
source: "
|
|
2483
|
+
source: "user" | "admin";
|
|
2339
2484
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2340
2485
|
key?: string | undefined;
|
|
2341
2486
|
custom_header?: string | undefined;
|
|
@@ -2343,30 +2488,53 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
2343
2488
|
customUserVars: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
2344
2489
|
title: z.ZodString;
|
|
2345
2490
|
description: z.ZodString;
|
|
2491
|
+
/**
|
|
2492
|
+
* Whether the field holds a secret and should be masked in the UI.
|
|
2493
|
+
* Defaults to masked when omitted; set to `false` for non-secret setup
|
|
2494
|
+
* values (e.g. username, project key, base URL) to render as plain text.
|
|
2495
|
+
*/
|
|
2496
|
+
sensitive: z.ZodOptional<z.ZodBoolean>;
|
|
2346
2497
|
}, "strip", z.ZodTypeAny, {
|
|
2347
|
-
title: string;
|
|
2348
2498
|
description: string;
|
|
2349
|
-
}, {
|
|
2350
2499
|
title: string;
|
|
2500
|
+
sensitive?: boolean | undefined;
|
|
2501
|
+
}, {
|
|
2351
2502
|
description: string;
|
|
2503
|
+
title: string;
|
|
2504
|
+
sensitive?: boolean | undefined;
|
|
2352
2505
|
}>>>;
|
|
2353
2506
|
} & {
|
|
2354
2507
|
type: z.ZodUnion<[z.ZodLiteral<"streamable-http">, z.ZodLiteral<"http">]>;
|
|
2355
2508
|
headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
|
|
2509
|
+
/**
|
|
2510
|
+
* On-Behalf-Of (OBO) token exchange configuration.
|
|
2511
|
+
* When configured, LibreChat exchanges the logged-in user's federated access token
|
|
2512
|
+
* for a token scoped to this MCP server via the OAuth 2.0 OBO flow (jwt-bearer grant).
|
|
2513
|
+
* The exchanged token is injected as a Bearer Authorization header automatically.
|
|
2514
|
+
* Requires the user to be authenticated via OpenID Connect (e.g., Entra ID).
|
|
2515
|
+
*/
|
|
2516
|
+
obo: z.ZodOptional<z.ZodObject<{
|
|
2517
|
+
/** Scopes to request for the downstream MCP server (e.g., "api://<client-id>/Mcp.Tools.ReadWrite") */
|
|
2518
|
+
scopes: z.ZodString;
|
|
2519
|
+
}, "strip", z.ZodTypeAny, {
|
|
2520
|
+
scopes: string;
|
|
2521
|
+
}, {
|
|
2522
|
+
scopes: string;
|
|
2523
|
+
}>>;
|
|
2356
2524
|
/** Optional outbound proxy URL for this remote MCP transport */
|
|
2357
2525
|
proxy: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
2358
2526
|
url: z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>;
|
|
2359
2527
|
}, "strip", z.ZodTypeAny, {
|
|
2360
2528
|
type: "streamable-http" | "http";
|
|
2361
2529
|
url: string;
|
|
2362
|
-
title?: string | undefined;
|
|
2363
2530
|
description?: string | undefined;
|
|
2531
|
+
title?: string | undefined;
|
|
2532
|
+
chatMenu?: boolean | undefined;
|
|
2364
2533
|
startup?: boolean | undefined;
|
|
2365
2534
|
iconPath?: string | undefined;
|
|
2366
2535
|
timeout?: number | undefined;
|
|
2367
2536
|
sseReadTimeout?: number | undefined;
|
|
2368
2537
|
initTimeout?: number | undefined;
|
|
2369
|
-
chatMenu?: boolean | undefined;
|
|
2370
2538
|
serverInstructions?: string | boolean | undefined;
|
|
2371
2539
|
requiresOAuth?: boolean | undefined;
|
|
2372
2540
|
oauth?: {
|
|
@@ -2389,28 +2557,32 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
2389
2557
|
} | undefined;
|
|
2390
2558
|
oauth_headers?: Record<string, string> | undefined;
|
|
2391
2559
|
apiKey?: {
|
|
2392
|
-
source: "
|
|
2560
|
+
source: "user" | "admin";
|
|
2393
2561
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2394
2562
|
key?: string | undefined;
|
|
2395
2563
|
custom_header?: string | undefined;
|
|
2396
2564
|
} | undefined;
|
|
2397
2565
|
customUserVars?: Record<string, {
|
|
2398
|
-
title: string;
|
|
2399
2566
|
description: string;
|
|
2567
|
+
title: string;
|
|
2568
|
+
sensitive?: boolean | undefined;
|
|
2400
2569
|
}> | undefined;
|
|
2570
|
+
obo?: {
|
|
2571
|
+
scopes: string;
|
|
2572
|
+
} | undefined;
|
|
2401
2573
|
headers?: Record<string, string> | undefined;
|
|
2402
2574
|
proxy?: string | undefined;
|
|
2403
2575
|
}, {
|
|
2404
2576
|
type: "streamable-http" | "http";
|
|
2405
2577
|
url: string;
|
|
2406
|
-
title?: string | undefined;
|
|
2407
2578
|
description?: string | undefined;
|
|
2579
|
+
title?: string | undefined;
|
|
2580
|
+
chatMenu?: boolean | undefined;
|
|
2408
2581
|
startup?: boolean | undefined;
|
|
2409
2582
|
iconPath?: string | undefined;
|
|
2410
2583
|
timeout?: number | undefined;
|
|
2411
2584
|
sseReadTimeout?: number | undefined;
|
|
2412
2585
|
initTimeout?: number | undefined;
|
|
2413
|
-
chatMenu?: boolean | undefined;
|
|
2414
2586
|
serverInstructions?: string | boolean | undefined;
|
|
2415
2587
|
requiresOAuth?: boolean | undefined;
|
|
2416
2588
|
oauth?: {
|
|
@@ -2433,15 +2605,19 @@ export declare const MCPOptionsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
2433
2605
|
} | undefined;
|
|
2434
2606
|
oauth_headers?: Record<string, string> | undefined;
|
|
2435
2607
|
apiKey?: {
|
|
2436
|
-
source: "
|
|
2608
|
+
source: "user" | "admin";
|
|
2437
2609
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2438
2610
|
key?: string | undefined;
|
|
2439
2611
|
custom_header?: string | undefined;
|
|
2440
2612
|
} | undefined;
|
|
2441
2613
|
customUserVars?: Record<string, {
|
|
2442
|
-
title: string;
|
|
2443
2614
|
description: string;
|
|
2615
|
+
title: string;
|
|
2616
|
+
sensitive?: boolean | undefined;
|
|
2444
2617
|
}> | undefined;
|
|
2618
|
+
obo?: {
|
|
2619
|
+
scopes: string;
|
|
2620
|
+
} | undefined;
|
|
2445
2621
|
headers?: Record<string, string> | undefined;
|
|
2446
2622
|
proxy?: string | undefined;
|
|
2447
2623
|
}>]>;
|
|
@@ -2483,9 +2659,9 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2483
2659
|
*/
|
|
2484
2660
|
oauth: z.ZodOptional<z.ZodEffects<z.ZodObject<{
|
|
2485
2661
|
/** OAuth authorization endpoint (optional - can be auto-discovered) */
|
|
2486
|
-
authorization_url: z.ZodOptional<z.ZodString
|
|
2662
|
+
authorization_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
2487
2663
|
/** OAuth token endpoint (optional - can be auto-discovered) */
|
|
2488
|
-
token_url: z.ZodOptional<z.ZodString
|
|
2664
|
+
token_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
2489
2665
|
/** OAuth client ID (optional - can use dynamic registration) */
|
|
2490
2666
|
client_id: z.ZodOptional<z.ZodString>;
|
|
2491
2667
|
/** OAuth client secret (requires explicit authorization and token endpoints) */
|
|
@@ -2493,7 +2669,7 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2493
2669
|
/** OAuth scopes to request */
|
|
2494
2670
|
scope: z.ZodOptional<z.ZodString>;
|
|
2495
2671
|
/** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
|
|
2496
|
-
redirect_uri: z.ZodOptional<z.ZodString
|
|
2672
|
+
redirect_uri: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
2497
2673
|
/** Token exchange method */
|
|
2498
2674
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
2499
2675
|
/** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
|
|
@@ -2544,7 +2720,7 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2544
2720
|
*/
|
|
2545
2721
|
forward_audience_on_refresh: z.ZodOptional<z.ZodBoolean>;
|
|
2546
2722
|
/** OAuth revocation endpoint (optional - can be auto-discovered) */
|
|
2547
|
-
revocation_endpoint: z.ZodOptional<z.ZodString
|
|
2723
|
+
revocation_endpoint: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
2548
2724
|
/** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
|
|
2549
2725
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
2550
2726
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -2633,12 +2809,12 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2633
2809
|
/** Custom header name when authorization_type is 'custom' */
|
|
2634
2810
|
custom_header: z.ZodOptional<z.ZodString>;
|
|
2635
2811
|
}, "strip", z.ZodTypeAny, {
|
|
2636
|
-
source: "
|
|
2812
|
+
source: "user" | "admin";
|
|
2637
2813
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2638
2814
|
key?: string | undefined;
|
|
2639
2815
|
custom_header?: string | undefined;
|
|
2640
2816
|
}, {
|
|
2641
|
-
source: "
|
|
2817
|
+
source: "user" | "admin";
|
|
2642
2818
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2643
2819
|
key?: string | undefined;
|
|
2644
2820
|
custom_header?: string | undefined;
|
|
@@ -2646,15 +2822,24 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2646
2822
|
customUserVars: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
2647
2823
|
title: z.ZodString;
|
|
2648
2824
|
description: z.ZodString;
|
|
2825
|
+
/**
|
|
2826
|
+
* Whether the field holds a secret and should be masked in the UI.
|
|
2827
|
+
* Defaults to masked when omitted; set to `false` for non-secret setup
|
|
2828
|
+
* values (e.g. username, project key, base URL) to render as plain text.
|
|
2829
|
+
*/
|
|
2830
|
+
sensitive: z.ZodOptional<z.ZodBoolean>;
|
|
2649
2831
|
}, "strip", z.ZodTypeAny, {
|
|
2650
|
-
title: string;
|
|
2651
2832
|
description: string;
|
|
2652
|
-
}, {
|
|
2653
2833
|
title: string;
|
|
2834
|
+
sensitive?: boolean | undefined;
|
|
2835
|
+
}, {
|
|
2654
2836
|
description: string;
|
|
2837
|
+
title: string;
|
|
2838
|
+
sensitive?: boolean | undefined;
|
|
2655
2839
|
}>>>;
|
|
2656
2840
|
} & {
|
|
2657
2841
|
type: z.ZodDefault<z.ZodLiteral<"stdio">>;
|
|
2842
|
+
obo: z.ZodOptional<z.ZodUndefined>;
|
|
2658
2843
|
/**
|
|
2659
2844
|
* The executable to run to start the server.
|
|
2660
2845
|
*/
|
|
@@ -2680,14 +2865,15 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2680
2865
|
type: "stdio";
|
|
2681
2866
|
command: string;
|
|
2682
2867
|
args: string[];
|
|
2683
|
-
title?: string | undefined;
|
|
2684
2868
|
description?: string | undefined;
|
|
2869
|
+
title?: string | undefined;
|
|
2870
|
+
chatMenu?: boolean | undefined;
|
|
2871
|
+
env?: Record<string, string> | undefined;
|
|
2685
2872
|
startup?: boolean | undefined;
|
|
2686
2873
|
iconPath?: string | undefined;
|
|
2687
2874
|
timeout?: number | undefined;
|
|
2688
2875
|
sseReadTimeout?: number | undefined;
|
|
2689
2876
|
initTimeout?: number | undefined;
|
|
2690
|
-
chatMenu?: boolean | undefined;
|
|
2691
2877
|
serverInstructions?: string | boolean | undefined;
|
|
2692
2878
|
requiresOAuth?: boolean | undefined;
|
|
2693
2879
|
oauth?: {
|
|
@@ -2710,29 +2896,31 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2710
2896
|
} | undefined;
|
|
2711
2897
|
oauth_headers?: Record<string, string> | undefined;
|
|
2712
2898
|
apiKey?: {
|
|
2713
|
-
source: "
|
|
2899
|
+
source: "user" | "admin";
|
|
2714
2900
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2715
2901
|
key?: string | undefined;
|
|
2716
2902
|
custom_header?: string | undefined;
|
|
2717
2903
|
} | undefined;
|
|
2718
2904
|
customUserVars?: Record<string, {
|
|
2719
|
-
title: string;
|
|
2720
2905
|
description: string;
|
|
2906
|
+
title: string;
|
|
2907
|
+
sensitive?: boolean | undefined;
|
|
2721
2908
|
}> | undefined;
|
|
2722
|
-
|
|
2909
|
+
obo?: undefined;
|
|
2723
2910
|
stderr?: number | "pipe" | "ignore" | "inherit" | undefined;
|
|
2724
2911
|
}, {
|
|
2725
2912
|
command: string;
|
|
2726
2913
|
args: string[];
|
|
2727
2914
|
type?: "stdio" | undefined;
|
|
2728
|
-
title?: string | undefined;
|
|
2729
2915
|
description?: string | undefined;
|
|
2916
|
+
title?: string | undefined;
|
|
2917
|
+
chatMenu?: boolean | undefined;
|
|
2918
|
+
env?: Record<string, string> | undefined;
|
|
2730
2919
|
startup?: boolean | undefined;
|
|
2731
2920
|
iconPath?: string | undefined;
|
|
2732
2921
|
timeout?: number | undefined;
|
|
2733
2922
|
sseReadTimeout?: number | undefined;
|
|
2734
2923
|
initTimeout?: number | undefined;
|
|
2735
|
-
chatMenu?: boolean | undefined;
|
|
2736
2924
|
serverInstructions?: string | boolean | undefined;
|
|
2737
2925
|
requiresOAuth?: boolean | undefined;
|
|
2738
2926
|
oauth?: {
|
|
@@ -2755,16 +2943,17 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2755
2943
|
} | undefined;
|
|
2756
2944
|
oauth_headers?: Record<string, string> | undefined;
|
|
2757
2945
|
apiKey?: {
|
|
2758
|
-
source: "
|
|
2946
|
+
source: "user" | "admin";
|
|
2759
2947
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2760
2948
|
key?: string | undefined;
|
|
2761
2949
|
custom_header?: string | undefined;
|
|
2762
2950
|
} | undefined;
|
|
2763
2951
|
customUserVars?: Record<string, {
|
|
2764
|
-
title: string;
|
|
2765
2952
|
description: string;
|
|
2953
|
+
title: string;
|
|
2954
|
+
sensitive?: boolean | undefined;
|
|
2766
2955
|
}> | undefined;
|
|
2767
|
-
|
|
2956
|
+
obo?: undefined;
|
|
2768
2957
|
stderr?: number | "pipe" | "ignore" | "inherit" | undefined;
|
|
2769
2958
|
}>, z.ZodObject<{
|
|
2770
2959
|
/** Display name for the MCP server - only letters, numbers, and spaces allowed */
|
|
@@ -2804,9 +2993,9 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2804
2993
|
*/
|
|
2805
2994
|
oauth: z.ZodOptional<z.ZodEffects<z.ZodObject<{
|
|
2806
2995
|
/** OAuth authorization endpoint (optional - can be auto-discovered) */
|
|
2807
|
-
authorization_url: z.ZodOptional<z.ZodString
|
|
2996
|
+
authorization_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
2808
2997
|
/** OAuth token endpoint (optional - can be auto-discovered) */
|
|
2809
|
-
token_url: z.ZodOptional<z.ZodString
|
|
2998
|
+
token_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
2810
2999
|
/** OAuth client ID (optional - can use dynamic registration) */
|
|
2811
3000
|
client_id: z.ZodOptional<z.ZodString>;
|
|
2812
3001
|
/** OAuth client secret (requires explicit authorization and token endpoints) */
|
|
@@ -2814,7 +3003,7 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2814
3003
|
/** OAuth scopes to request */
|
|
2815
3004
|
scope: z.ZodOptional<z.ZodString>;
|
|
2816
3005
|
/** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
|
|
2817
|
-
redirect_uri: z.ZodOptional<z.ZodString
|
|
3006
|
+
redirect_uri: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
2818
3007
|
/** Token exchange method */
|
|
2819
3008
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
2820
3009
|
/** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
|
|
@@ -2865,7 +3054,7 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2865
3054
|
*/
|
|
2866
3055
|
forward_audience_on_refresh: z.ZodOptional<z.ZodBoolean>;
|
|
2867
3056
|
/** OAuth revocation endpoint (optional - can be auto-discovered) */
|
|
2868
|
-
revocation_endpoint: z.ZodOptional<z.ZodString
|
|
3057
|
+
revocation_endpoint: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
2869
3058
|
/** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
|
|
2870
3059
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
2871
3060
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -2954,12 +3143,12 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2954
3143
|
/** Custom header name when authorization_type is 'custom' */
|
|
2955
3144
|
custom_header: z.ZodOptional<z.ZodString>;
|
|
2956
3145
|
}, "strip", z.ZodTypeAny, {
|
|
2957
|
-
source: "
|
|
3146
|
+
source: "user" | "admin";
|
|
2958
3147
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2959
3148
|
key?: string | undefined;
|
|
2960
3149
|
custom_header?: string | undefined;
|
|
2961
3150
|
}, {
|
|
2962
|
-
source: "
|
|
3151
|
+
source: "user" | "admin";
|
|
2963
3152
|
authorization_type: "custom" | "basic" | "bearer";
|
|
2964
3153
|
key?: string | undefined;
|
|
2965
3154
|
custom_header?: string | undefined;
|
|
@@ -2967,27 +3156,36 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
2967
3156
|
customUserVars: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
2968
3157
|
title: z.ZodString;
|
|
2969
3158
|
description: z.ZodString;
|
|
3159
|
+
/**
|
|
3160
|
+
* Whether the field holds a secret and should be masked in the UI.
|
|
3161
|
+
* Defaults to masked when omitted; set to `false` for non-secret setup
|
|
3162
|
+
* values (e.g. username, project key, base URL) to render as plain text.
|
|
3163
|
+
*/
|
|
3164
|
+
sensitive: z.ZodOptional<z.ZodBoolean>;
|
|
2970
3165
|
}, "strip", z.ZodTypeAny, {
|
|
2971
|
-
title: string;
|
|
2972
3166
|
description: string;
|
|
2973
|
-
}, {
|
|
2974
3167
|
title: string;
|
|
3168
|
+
sensitive?: boolean | undefined;
|
|
3169
|
+
}, {
|
|
2975
3170
|
description: string;
|
|
3171
|
+
title: string;
|
|
3172
|
+
sensitive?: boolean | undefined;
|
|
2976
3173
|
}>>>;
|
|
2977
3174
|
} & {
|
|
2978
3175
|
type: z.ZodDefault<z.ZodLiteral<"websocket">>;
|
|
3176
|
+
obo: z.ZodOptional<z.ZodUndefined>;
|
|
2979
3177
|
url: z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>;
|
|
2980
3178
|
}, "strip", z.ZodTypeAny, {
|
|
2981
3179
|
type: "websocket";
|
|
2982
3180
|
url: string;
|
|
2983
|
-
title?: string | undefined;
|
|
2984
3181
|
description?: string | undefined;
|
|
3182
|
+
title?: string | undefined;
|
|
3183
|
+
chatMenu?: boolean | undefined;
|
|
2985
3184
|
startup?: boolean | undefined;
|
|
2986
3185
|
iconPath?: string | undefined;
|
|
2987
3186
|
timeout?: number | undefined;
|
|
2988
3187
|
sseReadTimeout?: number | undefined;
|
|
2989
3188
|
initTimeout?: number | undefined;
|
|
2990
|
-
chatMenu?: boolean | undefined;
|
|
2991
3189
|
serverInstructions?: string | boolean | undefined;
|
|
2992
3190
|
requiresOAuth?: boolean | undefined;
|
|
2993
3191
|
oauth?: {
|
|
@@ -3010,26 +3208,28 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3010
3208
|
} | undefined;
|
|
3011
3209
|
oauth_headers?: Record<string, string> | undefined;
|
|
3012
3210
|
apiKey?: {
|
|
3013
|
-
source: "
|
|
3211
|
+
source: "user" | "admin";
|
|
3014
3212
|
authorization_type: "custom" | "basic" | "bearer";
|
|
3015
3213
|
key?: string | undefined;
|
|
3016
3214
|
custom_header?: string | undefined;
|
|
3017
3215
|
} | undefined;
|
|
3018
3216
|
customUserVars?: Record<string, {
|
|
3019
|
-
title: string;
|
|
3020
3217
|
description: string;
|
|
3218
|
+
title: string;
|
|
3219
|
+
sensitive?: boolean | undefined;
|
|
3021
3220
|
}> | undefined;
|
|
3221
|
+
obo?: undefined;
|
|
3022
3222
|
}, {
|
|
3023
3223
|
url: string;
|
|
3024
3224
|
type?: "websocket" | undefined;
|
|
3025
|
-
title?: string | undefined;
|
|
3026
3225
|
description?: string | undefined;
|
|
3226
|
+
title?: string | undefined;
|
|
3227
|
+
chatMenu?: boolean | undefined;
|
|
3027
3228
|
startup?: boolean | undefined;
|
|
3028
3229
|
iconPath?: string | undefined;
|
|
3029
3230
|
timeout?: number | undefined;
|
|
3030
3231
|
sseReadTimeout?: number | undefined;
|
|
3031
3232
|
initTimeout?: number | undefined;
|
|
3032
|
-
chatMenu?: boolean | undefined;
|
|
3033
3233
|
serverInstructions?: string | boolean | undefined;
|
|
3034
3234
|
requiresOAuth?: boolean | undefined;
|
|
3035
3235
|
oauth?: {
|
|
@@ -3052,15 +3252,17 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3052
3252
|
} | undefined;
|
|
3053
3253
|
oauth_headers?: Record<string, string> | undefined;
|
|
3054
3254
|
apiKey?: {
|
|
3055
|
-
source: "
|
|
3255
|
+
source: "user" | "admin";
|
|
3056
3256
|
authorization_type: "custom" | "basic" | "bearer";
|
|
3057
3257
|
key?: string | undefined;
|
|
3058
3258
|
custom_header?: string | undefined;
|
|
3059
3259
|
} | undefined;
|
|
3060
3260
|
customUserVars?: Record<string, {
|
|
3061
|
-
title: string;
|
|
3062
3261
|
description: string;
|
|
3262
|
+
title: string;
|
|
3263
|
+
sensitive?: boolean | undefined;
|
|
3063
3264
|
}> | undefined;
|
|
3265
|
+
obo?: undefined;
|
|
3064
3266
|
}>, z.ZodObject<{
|
|
3065
3267
|
/** Display name for the MCP server - only letters, numbers, and spaces allowed */
|
|
3066
3268
|
title: z.ZodOptional<z.ZodString>;
|
|
@@ -3099,9 +3301,9 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3099
3301
|
*/
|
|
3100
3302
|
oauth: z.ZodOptional<z.ZodEffects<z.ZodObject<{
|
|
3101
3303
|
/** OAuth authorization endpoint (optional - can be auto-discovered) */
|
|
3102
|
-
authorization_url: z.ZodOptional<z.ZodString
|
|
3304
|
+
authorization_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
3103
3305
|
/** OAuth token endpoint (optional - can be auto-discovered) */
|
|
3104
|
-
token_url: z.ZodOptional<z.ZodString
|
|
3306
|
+
token_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
3105
3307
|
/** OAuth client ID (optional - can use dynamic registration) */
|
|
3106
3308
|
client_id: z.ZodOptional<z.ZodString>;
|
|
3107
3309
|
/** OAuth client secret (requires explicit authorization and token endpoints) */
|
|
@@ -3109,7 +3311,7 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3109
3311
|
/** OAuth scopes to request */
|
|
3110
3312
|
scope: z.ZodOptional<z.ZodString>;
|
|
3111
3313
|
/** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
|
|
3112
|
-
redirect_uri: z.ZodOptional<z.ZodString
|
|
3314
|
+
redirect_uri: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
3113
3315
|
/** Token exchange method */
|
|
3114
3316
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
3115
3317
|
/** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
|
|
@@ -3160,7 +3362,7 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3160
3362
|
*/
|
|
3161
3363
|
forward_audience_on_refresh: z.ZodOptional<z.ZodBoolean>;
|
|
3162
3364
|
/** OAuth revocation endpoint (optional - can be auto-discovered) */
|
|
3163
|
-
revocation_endpoint: z.ZodOptional<z.ZodString
|
|
3365
|
+
revocation_endpoint: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
3164
3366
|
/** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
|
|
3165
3367
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3166
3368
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -3249,12 +3451,12 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3249
3451
|
/** Custom header name when authorization_type is 'custom' */
|
|
3250
3452
|
custom_header: z.ZodOptional<z.ZodString>;
|
|
3251
3453
|
}, "strip", z.ZodTypeAny, {
|
|
3252
|
-
source: "
|
|
3454
|
+
source: "user" | "admin";
|
|
3253
3455
|
authorization_type: "custom" | "basic" | "bearer";
|
|
3254
3456
|
key?: string | undefined;
|
|
3255
3457
|
custom_header?: string | undefined;
|
|
3256
3458
|
}, {
|
|
3257
|
-
source: "
|
|
3459
|
+
source: "user" | "admin";
|
|
3258
3460
|
authorization_type: "custom" | "basic" | "bearer";
|
|
3259
3461
|
key?: string | undefined;
|
|
3260
3462
|
custom_header?: string | undefined;
|
|
@@ -3262,30 +3464,53 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3262
3464
|
customUserVars: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
3263
3465
|
title: z.ZodString;
|
|
3264
3466
|
description: z.ZodString;
|
|
3467
|
+
/**
|
|
3468
|
+
* Whether the field holds a secret and should be masked in the UI.
|
|
3469
|
+
* Defaults to masked when omitted; set to `false` for non-secret setup
|
|
3470
|
+
* values (e.g. username, project key, base URL) to render as plain text.
|
|
3471
|
+
*/
|
|
3472
|
+
sensitive: z.ZodOptional<z.ZodBoolean>;
|
|
3265
3473
|
}, "strip", z.ZodTypeAny, {
|
|
3266
|
-
title: string;
|
|
3267
3474
|
description: string;
|
|
3268
|
-
}, {
|
|
3269
3475
|
title: string;
|
|
3476
|
+
sensitive?: boolean | undefined;
|
|
3477
|
+
}, {
|
|
3270
3478
|
description: string;
|
|
3479
|
+
title: string;
|
|
3480
|
+
sensitive?: boolean | undefined;
|
|
3271
3481
|
}>>>;
|
|
3272
3482
|
} & {
|
|
3273
3483
|
type: z.ZodDefault<z.ZodLiteral<"sse">>;
|
|
3274
3484
|
headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
|
|
3485
|
+
/**
|
|
3486
|
+
* On-Behalf-Of (OBO) token exchange configuration.
|
|
3487
|
+
* When configured, LibreChat exchanges the logged-in user's federated access token
|
|
3488
|
+
* for a token scoped to this MCP server via the OAuth 2.0 OBO flow (jwt-bearer grant).
|
|
3489
|
+
* The exchanged token is injected as a Bearer Authorization header automatically.
|
|
3490
|
+
* Requires the user to be authenticated via OpenID Connect (e.g., Entra ID).
|
|
3491
|
+
*/
|
|
3492
|
+
obo: z.ZodOptional<z.ZodObject<{
|
|
3493
|
+
/** Scopes to request for the downstream MCP server (e.g., "api://<client-id>/Mcp.Tools.ReadWrite") */
|
|
3494
|
+
scopes: z.ZodString;
|
|
3495
|
+
}, "strip", z.ZodTypeAny, {
|
|
3496
|
+
scopes: string;
|
|
3497
|
+
}, {
|
|
3498
|
+
scopes: string;
|
|
3499
|
+
}>>;
|
|
3275
3500
|
/** Optional outbound proxy URL for this remote MCP transport */
|
|
3276
3501
|
proxy: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
3277
3502
|
url: z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>;
|
|
3278
3503
|
}, "strip", z.ZodTypeAny, {
|
|
3279
3504
|
type: "sse";
|
|
3280
3505
|
url: string;
|
|
3281
|
-
title?: string | undefined;
|
|
3282
3506
|
description?: string | undefined;
|
|
3507
|
+
title?: string | undefined;
|
|
3508
|
+
chatMenu?: boolean | undefined;
|
|
3283
3509
|
startup?: boolean | undefined;
|
|
3284
3510
|
iconPath?: string | undefined;
|
|
3285
3511
|
timeout?: number | undefined;
|
|
3286
3512
|
sseReadTimeout?: number | undefined;
|
|
3287
3513
|
initTimeout?: number | undefined;
|
|
3288
|
-
chatMenu?: boolean | undefined;
|
|
3289
3514
|
serverInstructions?: string | boolean | undefined;
|
|
3290
3515
|
requiresOAuth?: boolean | undefined;
|
|
3291
3516
|
oauth?: {
|
|
@@ -3308,28 +3533,32 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3308
3533
|
} | undefined;
|
|
3309
3534
|
oauth_headers?: Record<string, string> | undefined;
|
|
3310
3535
|
apiKey?: {
|
|
3311
|
-
source: "
|
|
3536
|
+
source: "user" | "admin";
|
|
3312
3537
|
authorization_type: "custom" | "basic" | "bearer";
|
|
3313
3538
|
key?: string | undefined;
|
|
3314
3539
|
custom_header?: string | undefined;
|
|
3315
3540
|
} | undefined;
|
|
3316
3541
|
customUserVars?: Record<string, {
|
|
3317
|
-
title: string;
|
|
3318
3542
|
description: string;
|
|
3543
|
+
title: string;
|
|
3544
|
+
sensitive?: boolean | undefined;
|
|
3319
3545
|
}> | undefined;
|
|
3546
|
+
obo?: {
|
|
3547
|
+
scopes: string;
|
|
3548
|
+
} | undefined;
|
|
3320
3549
|
headers?: Record<string, string> | undefined;
|
|
3321
3550
|
proxy?: string | undefined;
|
|
3322
3551
|
}, {
|
|
3323
3552
|
url: string;
|
|
3324
3553
|
type?: "sse" | undefined;
|
|
3325
|
-
title?: string | undefined;
|
|
3326
3554
|
description?: string | undefined;
|
|
3555
|
+
title?: string | undefined;
|
|
3556
|
+
chatMenu?: boolean | undefined;
|
|
3327
3557
|
startup?: boolean | undefined;
|
|
3328
3558
|
iconPath?: string | undefined;
|
|
3329
3559
|
timeout?: number | undefined;
|
|
3330
3560
|
sseReadTimeout?: number | undefined;
|
|
3331
3561
|
initTimeout?: number | undefined;
|
|
3332
|
-
chatMenu?: boolean | undefined;
|
|
3333
3562
|
serverInstructions?: string | boolean | undefined;
|
|
3334
3563
|
requiresOAuth?: boolean | undefined;
|
|
3335
3564
|
oauth?: {
|
|
@@ -3352,15 +3581,19 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3352
3581
|
} | undefined;
|
|
3353
3582
|
oauth_headers?: Record<string, string> | undefined;
|
|
3354
3583
|
apiKey?: {
|
|
3355
|
-
source: "
|
|
3584
|
+
source: "user" | "admin";
|
|
3356
3585
|
authorization_type: "custom" | "basic" | "bearer";
|
|
3357
3586
|
key?: string | undefined;
|
|
3358
3587
|
custom_header?: string | undefined;
|
|
3359
3588
|
} | undefined;
|
|
3360
3589
|
customUserVars?: Record<string, {
|
|
3361
|
-
title: string;
|
|
3362
3590
|
description: string;
|
|
3591
|
+
title: string;
|
|
3592
|
+
sensitive?: boolean | undefined;
|
|
3363
3593
|
}> | undefined;
|
|
3594
|
+
obo?: {
|
|
3595
|
+
scopes: string;
|
|
3596
|
+
} | undefined;
|
|
3364
3597
|
headers?: Record<string, string> | undefined;
|
|
3365
3598
|
proxy?: string | undefined;
|
|
3366
3599
|
}>, z.ZodObject<{
|
|
@@ -3401,9 +3634,9 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3401
3634
|
*/
|
|
3402
3635
|
oauth: z.ZodOptional<z.ZodEffects<z.ZodObject<{
|
|
3403
3636
|
/** OAuth authorization endpoint (optional - can be auto-discovered) */
|
|
3404
|
-
authorization_url: z.ZodOptional<z.ZodString
|
|
3637
|
+
authorization_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
3405
3638
|
/** OAuth token endpoint (optional - can be auto-discovered) */
|
|
3406
|
-
token_url: z.ZodOptional<z.ZodString
|
|
3639
|
+
token_url: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
3407
3640
|
/** OAuth client ID (optional - can use dynamic registration) */
|
|
3408
3641
|
client_id: z.ZodOptional<z.ZodString>;
|
|
3409
3642
|
/** OAuth client secret (requires explicit authorization and token endpoints) */
|
|
@@ -3411,7 +3644,7 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3411
3644
|
/** OAuth scopes to request */
|
|
3412
3645
|
scope: z.ZodOptional<z.ZodString>;
|
|
3413
3646
|
/** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
|
|
3414
|
-
redirect_uri: z.ZodOptional<z.ZodString
|
|
3647
|
+
redirect_uri: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
3415
3648
|
/** Token exchange method */
|
|
3416
3649
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
3417
3650
|
/** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
|
|
@@ -3462,7 +3695,7 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3462
3695
|
*/
|
|
3463
3696
|
forward_audience_on_refresh: z.ZodOptional<z.ZodBoolean>;
|
|
3464
3697
|
/** OAuth revocation endpoint (optional - can be auto-discovered) */
|
|
3465
|
-
revocation_endpoint: z.ZodOptional<z.ZodString
|
|
3698
|
+
revocation_endpoint: z.ZodOptional<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>>;
|
|
3466
3699
|
/** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
|
|
3467
3700
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3468
3701
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -3551,12 +3784,12 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3551
3784
|
/** Custom header name when authorization_type is 'custom' */
|
|
3552
3785
|
custom_header: z.ZodOptional<z.ZodString>;
|
|
3553
3786
|
}, "strip", z.ZodTypeAny, {
|
|
3554
|
-
source: "
|
|
3787
|
+
source: "user" | "admin";
|
|
3555
3788
|
authorization_type: "custom" | "basic" | "bearer";
|
|
3556
3789
|
key?: string | undefined;
|
|
3557
3790
|
custom_header?: string | undefined;
|
|
3558
3791
|
}, {
|
|
3559
|
-
source: "
|
|
3792
|
+
source: "user" | "admin";
|
|
3560
3793
|
authorization_type: "custom" | "basic" | "bearer";
|
|
3561
3794
|
key?: string | undefined;
|
|
3562
3795
|
custom_header?: string | undefined;
|
|
@@ -3564,30 +3797,53 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3564
3797
|
customUserVars: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
3565
3798
|
title: z.ZodString;
|
|
3566
3799
|
description: z.ZodString;
|
|
3800
|
+
/**
|
|
3801
|
+
* Whether the field holds a secret and should be masked in the UI.
|
|
3802
|
+
* Defaults to masked when omitted; set to `false` for non-secret setup
|
|
3803
|
+
* values (e.g. username, project key, base URL) to render as plain text.
|
|
3804
|
+
*/
|
|
3805
|
+
sensitive: z.ZodOptional<z.ZodBoolean>;
|
|
3567
3806
|
}, "strip", z.ZodTypeAny, {
|
|
3568
|
-
title: string;
|
|
3569
3807
|
description: string;
|
|
3570
|
-
}, {
|
|
3571
3808
|
title: string;
|
|
3809
|
+
sensitive?: boolean | undefined;
|
|
3810
|
+
}, {
|
|
3572
3811
|
description: string;
|
|
3812
|
+
title: string;
|
|
3813
|
+
sensitive?: boolean | undefined;
|
|
3573
3814
|
}>>>;
|
|
3574
3815
|
} & {
|
|
3575
3816
|
type: z.ZodUnion<[z.ZodLiteral<"streamable-http">, z.ZodLiteral<"http">]>;
|
|
3576
3817
|
headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
|
|
3818
|
+
/**
|
|
3819
|
+
* On-Behalf-Of (OBO) token exchange configuration.
|
|
3820
|
+
* When configured, LibreChat exchanges the logged-in user's federated access token
|
|
3821
|
+
* for a token scoped to this MCP server via the OAuth 2.0 OBO flow (jwt-bearer grant).
|
|
3822
|
+
* The exchanged token is injected as a Bearer Authorization header automatically.
|
|
3823
|
+
* Requires the user to be authenticated via OpenID Connect (e.g., Entra ID).
|
|
3824
|
+
*/
|
|
3825
|
+
obo: z.ZodOptional<z.ZodObject<{
|
|
3826
|
+
/** Scopes to request for the downstream MCP server (e.g., "api://<client-id>/Mcp.Tools.ReadWrite") */
|
|
3827
|
+
scopes: z.ZodString;
|
|
3828
|
+
}, "strip", z.ZodTypeAny, {
|
|
3829
|
+
scopes: string;
|
|
3830
|
+
}, {
|
|
3831
|
+
scopes: string;
|
|
3832
|
+
}>>;
|
|
3577
3833
|
/** Optional outbound proxy URL for this remote MCP transport */
|
|
3578
3834
|
proxy: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
3579
3835
|
url: z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>;
|
|
3580
3836
|
}, "strip", z.ZodTypeAny, {
|
|
3581
3837
|
type: "streamable-http" | "http";
|
|
3582
3838
|
url: string;
|
|
3583
|
-
title?: string | undefined;
|
|
3584
3839
|
description?: string | undefined;
|
|
3840
|
+
title?: string | undefined;
|
|
3841
|
+
chatMenu?: boolean | undefined;
|
|
3585
3842
|
startup?: boolean | undefined;
|
|
3586
3843
|
iconPath?: string | undefined;
|
|
3587
3844
|
timeout?: number | undefined;
|
|
3588
3845
|
sseReadTimeout?: number | undefined;
|
|
3589
3846
|
initTimeout?: number | undefined;
|
|
3590
|
-
chatMenu?: boolean | undefined;
|
|
3591
3847
|
serverInstructions?: string | boolean | undefined;
|
|
3592
3848
|
requiresOAuth?: boolean | undefined;
|
|
3593
3849
|
oauth?: {
|
|
@@ -3610,28 +3866,32 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3610
3866
|
} | undefined;
|
|
3611
3867
|
oauth_headers?: Record<string, string> | undefined;
|
|
3612
3868
|
apiKey?: {
|
|
3613
|
-
source: "
|
|
3869
|
+
source: "user" | "admin";
|
|
3614
3870
|
authorization_type: "custom" | "basic" | "bearer";
|
|
3615
3871
|
key?: string | undefined;
|
|
3616
3872
|
custom_header?: string | undefined;
|
|
3617
3873
|
} | undefined;
|
|
3618
3874
|
customUserVars?: Record<string, {
|
|
3619
|
-
title: string;
|
|
3620
3875
|
description: string;
|
|
3876
|
+
title: string;
|
|
3877
|
+
sensitive?: boolean | undefined;
|
|
3621
3878
|
}> | undefined;
|
|
3879
|
+
obo?: {
|
|
3880
|
+
scopes: string;
|
|
3881
|
+
} | undefined;
|
|
3622
3882
|
headers?: Record<string, string> | undefined;
|
|
3623
3883
|
proxy?: string | undefined;
|
|
3624
3884
|
}, {
|
|
3625
3885
|
type: "streamable-http" | "http";
|
|
3626
3886
|
url: string;
|
|
3627
|
-
title?: string | undefined;
|
|
3628
3887
|
description?: string | undefined;
|
|
3888
|
+
title?: string | undefined;
|
|
3889
|
+
chatMenu?: boolean | undefined;
|
|
3629
3890
|
startup?: boolean | undefined;
|
|
3630
3891
|
iconPath?: string | undefined;
|
|
3631
3892
|
timeout?: number | undefined;
|
|
3632
3893
|
sseReadTimeout?: number | undefined;
|
|
3633
3894
|
initTimeout?: number | undefined;
|
|
3634
|
-
chatMenu?: boolean | undefined;
|
|
3635
3895
|
serverInstructions?: string | boolean | undefined;
|
|
3636
3896
|
requiresOAuth?: boolean | undefined;
|
|
3637
3897
|
oauth?: {
|
|
@@ -3654,15 +3914,19 @@ export declare const MCPServersSchema: z.ZodRecord<z.ZodString, z.ZodUnion<[z.Zo
|
|
|
3654
3914
|
} | undefined;
|
|
3655
3915
|
oauth_headers?: Record<string, string> | undefined;
|
|
3656
3916
|
apiKey?: {
|
|
3657
|
-
source: "
|
|
3917
|
+
source: "user" | "admin";
|
|
3658
3918
|
authorization_type: "custom" | "basic" | "bearer";
|
|
3659
3919
|
key?: string | undefined;
|
|
3660
3920
|
custom_header?: string | undefined;
|
|
3661
3921
|
} | undefined;
|
|
3662
3922
|
customUserVars?: Record<string, {
|
|
3663
|
-
title: string;
|
|
3664
3923
|
description: string;
|
|
3924
|
+
title: string;
|
|
3925
|
+
sensitive?: boolean | undefined;
|
|
3665
3926
|
}> | undefined;
|
|
3927
|
+
obo?: {
|
|
3928
|
+
scopes: string;
|
|
3929
|
+
} | undefined;
|
|
3666
3930
|
headers?: Record<string, string> | undefined;
|
|
3667
3931
|
proxy?: string | undefined;
|
|
3668
3932
|
}>]>>;
|
|
@@ -3691,18 +3955,18 @@ export declare const MCPServerUserInputSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
3691
3955
|
client_id: z.ZodOptional<z.ZodString>;
|
|
3692
3956
|
client_secret: z.ZodOptional<z.ZodString>;
|
|
3693
3957
|
scope: z.ZodOptional<z.ZodString>;
|
|
3694
|
-
redirect_uri: z.ZodOptional<z.ZodString>;
|
|
3695
3958
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
3696
3959
|
grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3697
3960
|
token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3698
3961
|
response_types_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3699
3962
|
code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3700
3963
|
skip_code_challenge_check: z.ZodOptional<z.ZodBoolean>;
|
|
3701
|
-
revocation_endpoint: z.ZodOptional<z.ZodString>;
|
|
3702
3964
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3703
3965
|
} & {
|
|
3704
|
-
authorization_url: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
|
|
3705
|
-
token_url: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
|
|
3966
|
+
authorization_url: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
3967
|
+
token_url: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
3968
|
+
redirect_uri: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
3969
|
+
revocation_endpoint: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
3706
3970
|
audience: z.ZodOptional<z.ZodNever>;
|
|
3707
3971
|
forward_audience_on_refresh: z.ZodOptional<z.ZodNever>;
|
|
3708
3972
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -3793,18 +4057,18 @@ export declare const MCPServerUserInputSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
3793
4057
|
client_id: z.ZodOptional<z.ZodString>;
|
|
3794
4058
|
client_secret: z.ZodOptional<z.ZodString>;
|
|
3795
4059
|
scope: z.ZodOptional<z.ZodString>;
|
|
3796
|
-
redirect_uri: z.ZodOptional<z.ZodString>;
|
|
3797
4060
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
3798
4061
|
grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3799
4062
|
token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3800
4063
|
response_types_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3801
4064
|
code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3802
4065
|
skip_code_challenge_check: z.ZodOptional<z.ZodBoolean>;
|
|
3803
|
-
revocation_endpoint: z.ZodOptional<z.ZodString>;
|
|
3804
4066
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3805
4067
|
} & {
|
|
3806
|
-
authorization_url: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
|
|
3807
|
-
token_url: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
|
|
4068
|
+
authorization_url: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
4069
|
+
token_url: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
4070
|
+
redirect_uri: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
4071
|
+
revocation_endpoint: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
3808
4072
|
audience: z.ZodOptional<z.ZodNever>;
|
|
3809
4073
|
forward_audience_on_refresh: z.ZodOptional<z.ZodNever>;
|
|
3810
4074
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -3898,18 +4162,18 @@ export declare const MCPServerUserInputSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
3898
4162
|
client_id: z.ZodOptional<z.ZodString>;
|
|
3899
4163
|
client_secret: z.ZodOptional<z.ZodString>;
|
|
3900
4164
|
scope: z.ZodOptional<z.ZodString>;
|
|
3901
|
-
redirect_uri: z.ZodOptional<z.ZodString>;
|
|
3902
4165
|
token_exchange_method: z.ZodOptional<z.ZodNativeEnum<typeof TokenExchangeMethodEnum>>;
|
|
3903
4166
|
grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3904
4167
|
token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3905
4168
|
response_types_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3906
4169
|
code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3907
4170
|
skip_code_challenge_check: z.ZodOptional<z.ZodBoolean>;
|
|
3908
|
-
revocation_endpoint: z.ZodOptional<z.ZodString>;
|
|
3909
4171
|
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
3910
4172
|
} & {
|
|
3911
|
-
authorization_url: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
|
|
3912
|
-
token_url: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
|
|
4173
|
+
authorization_url: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
4174
|
+
token_url: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
4175
|
+
redirect_uri: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
4176
|
+
revocation_endpoint: z.ZodOptional<z.ZodEffects<z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodString>, string, string>>;
|
|
3913
4177
|
audience: z.ZodOptional<z.ZodNever>;
|
|
3914
4178
|
forward_audience_on_refresh: z.ZodOptional<z.ZodNever>;
|
|
3915
4179
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -3998,3 +4262,18 @@ export declare const MCPServerUserInputSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
3998
4262
|
url?: unknown;
|
|
3999
4263
|
}>]>;
|
|
4000
4264
|
export type MCPServerUserInput = z.infer<typeof MCPServerUserInputSchema>;
|
|
4265
|
+
/**
|
|
4266
|
+
* Set of every field name that may appear in a user-submitted MCP server config,
|
|
4267
|
+
* derived from `MCPServerUserInputSchema`'s union members. Used as the comparison
|
|
4268
|
+
* surface for the OBO lockdown check in `updateMCPServerController` so that
|
|
4269
|
+
* server-managed fields on the existing config (`dbId`, `source`, `author`,
|
|
4270
|
+
* `requiresOAuth`, `oauthMetadata`, etc.) don't show up as differences and
|
|
4271
|
+
* cause spurious 403s on legitimate saves.
|
|
4272
|
+
*
|
|
4273
|
+
* Schema-derived rather than hand-maintained: when a new field is added to
|
|
4274
|
+
* `BaseOptionsSchema` or any transport variant, it flows into this set
|
|
4275
|
+
* automatically. The OBO lockdown then locks the new field by default
|
|
4276
|
+
* (since it won't be in the hand-curated `OBO_USER_EDITABLE_FIELDS`
|
|
4277
|
+
* allowlist), preventing a silent privilege regression.
|
|
4278
|
+
*/
|
|
4279
|
+
export declare const MCP_USER_INPUT_FIELDS: ReadonlySet<string>;
|