zuplo 6.67.32 → 6.68.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (644) hide show
  1. package/README.md +9 -0
  2. package/docs/_index.md +44 -0
  3. package/docs/ai-gateway/apps.mdx +28 -0
  4. package/docs/ai-gateway/custom-providers.mdx +54 -0
  5. package/docs/ai-gateway/getting-started.mdx +224 -0
  6. package/docs/ai-gateway/guardrails.mdx +65 -0
  7. package/docs/ai-gateway/integrations/ai-sdk.mdx +109 -0
  8. package/docs/ai-gateway/integrations/claude-code.mdx +49 -0
  9. package/docs/ai-gateway/integrations/codex.mdx +78 -0
  10. package/docs/ai-gateway/integrations/goose.mdx +104 -0
  11. package/docs/ai-gateway/integrations/langchain.mdx +66 -0
  12. package/docs/ai-gateway/integrations/openai.mdx +99 -0
  13. package/docs/ai-gateway/introduction.mdx +85 -0
  14. package/docs/ai-gateway/managing-apps.mdx +46 -0
  15. package/docs/ai-gateway/managing-providers.mdx +66 -0
  16. package/docs/ai-gateway/managing-teams.mdx +63 -0
  17. package/docs/ai-gateway/policies/akamai-ai-firewall.mdx +125 -0
  18. package/docs/ai-gateway/policies/comet-opik-tracing.mdx +139 -0
  19. package/docs/ai-gateway/policies/galileo-tracing.mdx +147 -0
  20. package/docs/ai-gateway/providers.mdx +32 -0
  21. package/docs/ai-gateway/teams.mdx +38 -0
  22. package/docs/ai-gateway/universal-api.mdx +43 -0
  23. package/docs/ai-gateway/usage-limits.mdx +89 -0
  24. package/docs/api-management/introduction.md +127 -0
  25. package/docs/articles/accounts/audit-logs.mdx +227 -0
  26. package/docs/articles/accounts/billing.mdx +25 -0
  27. package/docs/articles/accounts/default-api-key.mdx +30 -0
  28. package/docs/articles/accounts/delete-account.mdx +36 -0
  29. package/docs/articles/accounts/enterprise-sso.mdx +116 -0
  30. package/docs/articles/accounts/managing-account-members.mdx +45 -0
  31. package/docs/articles/accounts/managing-project-members.mdx +37 -0
  32. package/docs/articles/accounts/members-and-roles.mdx +21 -0
  33. package/docs/articles/accounts/roles-and-permissions.mdx +115 -0
  34. package/docs/articles/accounts/zuplo-api-keys.mdx +94 -0
  35. package/docs/articles/add-api-to-backstage.mdx +216 -0
  36. package/docs/articles/advanced-path-matching.mdx +139 -0
  37. package/docs/articles/api-key-administration.mdx +47 -0
  38. package/docs/articles/api-key-api.mdx +220 -0
  39. package/docs/articles/api-key-authentication.mdx +195 -0
  40. package/docs/articles/api-key-buckets.mdx +61 -0
  41. package/docs/articles/api-key-end-users.mdx +52 -0
  42. package/docs/articles/api-key-leak-detection.mdx +75 -0
  43. package/docs/articles/api-key-management.mdx +100 -0
  44. package/docs/articles/api-key-react-component.mdx +90 -0
  45. package/docs/articles/api-key-service-limits.mdx +14 -0
  46. package/docs/articles/archiving-requests-to-storage.mdx +119 -0
  47. package/docs/articles/branch-based-deployments.mdx +184 -0
  48. package/docs/articles/bypass-policy-for-testing.mdx +117 -0
  49. package/docs/articles/check-ip-address.mdx +17 -0
  50. package/docs/articles/ci-cd-azure/basic-deployment.mdx +49 -0
  51. package/docs/articles/ci-cd-azure/deploy-and-test.mdx +47 -0
  52. package/docs/articles/ci-cd-azure/local-testing.mdx +59 -0
  53. package/docs/articles/ci-cd-azure/multi-stage-deployment.mdx +88 -0
  54. package/docs/articles/ci-cd-azure/pr-preview-environments.mdx +50 -0
  55. package/docs/articles/ci-cd-azure/tag-based-releases.mdx +37 -0
  56. package/docs/articles/ci-cd-bitbucket/basic-deployment.mdx +27 -0
  57. package/docs/articles/ci-cd-bitbucket/deploy-and-test.mdx +41 -0
  58. package/docs/articles/ci-cd-bitbucket/local-testing.mdx +34 -0
  59. package/docs/articles/ci-cd-bitbucket/multi-stage-deployment.mdx +52 -0
  60. package/docs/articles/ci-cd-bitbucket/pr-preview-environments.mdx +46 -0
  61. package/docs/articles/ci-cd-bitbucket/tag-based-releases.mdx +27 -0
  62. package/docs/articles/ci-cd-circleci/basic-deployment.mdx +34 -0
  63. package/docs/articles/ci-cd-circleci/deploy-and-test.mdx +44 -0
  64. package/docs/articles/ci-cd-circleci/local-testing.mdx +50 -0
  65. package/docs/articles/ci-cd-circleci/multi-stage-deployment.mdx +82 -0
  66. package/docs/articles/ci-cd-circleci/pr-preview-environments.mdx +47 -0
  67. package/docs/articles/ci-cd-circleci/tag-based-releases.mdx +38 -0
  68. package/docs/articles/ci-cd-github/basic-deployment.mdx +48 -0
  69. package/docs/articles/ci-cd-github/cleanup-on-branch-delete.mdx +123 -0
  70. package/docs/articles/ci-cd-github/deploy-and-test.mdx +82 -0
  71. package/docs/articles/ci-cd-github/local-testing.mdx +102 -0
  72. package/docs/articles/ci-cd-github/multi-stage-deployment.mdx +136 -0
  73. package/docs/articles/ci-cd-github/pr-preview-environments.mdx +106 -0
  74. package/docs/articles/ci-cd-github/tag-based-releases.mdx +99 -0
  75. package/docs/articles/ci-cd-gitlab/basic-deployment.mdx +28 -0
  76. package/docs/articles/ci-cd-gitlab/deploy-and-test.mdx +44 -0
  77. package/docs/articles/ci-cd-gitlab/local-testing.mdx +39 -0
  78. package/docs/articles/ci-cd-gitlab/mr-preview-environments.mdx +52 -0
  79. package/docs/articles/ci-cd-gitlab/multi-stage-deployment.mdx +64 -0
  80. package/docs/articles/ci-cd-gitlab/tag-based-releases.mdx +28 -0
  81. package/docs/articles/composite-policy-reference.mdx +284 -0
  82. package/docs/articles/configuring-auth0-for-mcp-auth.mdx +186 -0
  83. package/docs/articles/configuring-okta-for-mcp-auth.mdx +208 -0
  84. package/docs/articles/convert-urls-to-openapi.mdx +62 -0
  85. package/docs/articles/cors.mdx +447 -0
  86. package/docs/articles/custom-audit-log-policy.mdx +95 -0
  87. package/docs/articles/custom-ci-cd-azure.mdx +81 -0
  88. package/docs/articles/custom-ci-cd-bitbucket.mdx +80 -0
  89. package/docs/articles/custom-ci-cd-circleci.mdx +78 -0
  90. package/docs/articles/custom-ci-cd-github.mdx +99 -0
  91. package/docs/articles/custom-ci-cd-gitlab.mdx +79 -0
  92. package/docs/articles/custom-ci-cd.mdx +82 -0
  93. package/docs/articles/custom-code-patterns.md +418 -0
  94. package/docs/articles/custom-domains.mdx +258 -0
  95. package/docs/articles/custom-logging-example.mdx +139 -0
  96. package/docs/articles/ddos-protection.mdx +138 -0
  97. package/docs/articles/development-options.mdx +49 -0
  98. package/docs/articles/environment-variables.mdx +134 -0
  99. package/docs/articles/environments.mdx +143 -0
  100. package/docs/articles/fastly-zuplo-host-setup.mdx +41 -0
  101. package/docs/articles/github-deployment-testing.mdx +101 -0
  102. package/docs/articles/gke-with-upstream-auth-policy.mdx +192 -0
  103. package/docs/articles/graphql-security.mdx +180 -0
  104. package/docs/articles/handling-form-data.mdx +61 -0
  105. package/docs/articles/health-checks.mdx +109 -0
  106. package/docs/articles/hosting-options.mdx +70 -0
  107. package/docs/articles/lazy-load-configuration-into-cache.mdx +92 -0
  108. package/docs/articles/limits.mdx +98 -0
  109. package/docs/articles/local-development-debugging.mdx +44 -0
  110. package/docs/articles/local-development-env-variables.mdx +23 -0
  111. package/docs/articles/local-development-installing-packages.mdx +23 -0
  112. package/docs/articles/local-development-routes-designer.mdx +27 -0
  113. package/docs/articles/local-development-services.mdx +40 -0
  114. package/docs/articles/local-development-troubleshooting.mdx +56 -0
  115. package/docs/articles/local-development.mdx +81 -0
  116. package/docs/articles/log-plugin-aws-cloudwatch.mdx +83 -0
  117. package/docs/articles/log-plugin-datadog.mdx +84 -0
  118. package/docs/articles/log-plugin-dynatrace.mdx +75 -0
  119. package/docs/articles/log-plugin-gcp.mdx +75 -0
  120. package/docs/articles/log-plugin-loki.mdx +136 -0
  121. package/docs/articles/log-plugin-new-relic.mdx +84 -0
  122. package/docs/articles/log-plugin-splunk.mdx +104 -0
  123. package/docs/articles/log-plugin-sumo.mdx +73 -0
  124. package/docs/articles/log-plugin-vmware-log-insight.mdx +154 -0
  125. package/docs/articles/log-request-response-data.mdx +398 -0
  126. package/docs/articles/logging.mdx +115 -0
  127. package/docs/articles/manual-mcp-oauth-testing.mdx +193 -0
  128. package/docs/articles/mcp-quickstart.mdx +135 -0
  129. package/docs/articles/metrics-plugins.mdx +371 -0
  130. package/docs/articles/migrate-from-apigee.md +408 -0
  131. package/docs/articles/migrate-from-aws-api-gateway.md +248 -0
  132. package/docs/articles/migrate-from-azure-apim.md +292 -0
  133. package/docs/articles/migrate-from-kong.md +300 -0
  134. package/docs/articles/migration-overview.md +81 -0
  135. package/docs/articles/monetization/api-access.mdx +69 -0
  136. package/docs/articles/monetization/billing-models.md +520 -0
  137. package/docs/articles/monetization/developer-portal.md +167 -0
  138. package/docs/articles/monetization/features.mdx +98 -0
  139. package/docs/articles/monetization/index.mdx +113 -0
  140. package/docs/articles/monetization/meters.mdx +135 -0
  141. package/docs/articles/monetization/monetization-policy.md +314 -0
  142. package/docs/articles/monetization/plan-examples.mdx +366 -0
  143. package/docs/articles/monetization/plans.mdx +266 -0
  144. package/docs/articles/monetization/pricing-models.mdx +225 -0
  145. package/docs/articles/monetization/private-plans.md +154 -0
  146. package/docs/articles/monetization/quickstart.md +355 -0
  147. package/docs/articles/monetization/rate-cards.mdx +171 -0
  148. package/docs/articles/monetization/stripe-integration.md +195 -0
  149. package/docs/articles/monetization/subscription-lifecycle.md +298 -0
  150. package/docs/articles/monetization/tax-collection.md +166 -0
  151. package/docs/articles/monetization/troubleshooting.md +272 -0
  152. package/docs/articles/monetization-custom.mdx +71 -0
  153. package/docs/articles/monetization-integrations.mdx +104 -0
  154. package/docs/articles/monitoring-your-gateway.mdx +53 -0
  155. package/docs/articles/monorepo-deployment.mdx +350 -0
  156. package/docs/articles/multiple-auth-policies.mdx +81 -0
  157. package/docs/articles/non-standard-ports.mdx +30 -0
  158. package/docs/articles/oauth-authentication.mdx +54 -0
  159. package/docs/articles/openapi-server-urls.mdx +60 -0
  160. package/docs/articles/openapi.mdx +130 -0
  161. package/docs/articles/opentelemetry.mdx +250 -0
  162. package/docs/articles/per-user-rate-limits-using-db.mdx +112 -0
  163. package/docs/articles/performance-testing.mdx +304 -0
  164. package/docs/articles/plugin-akamai-api-security.mdx +76 -0
  165. package/docs/articles/plugin-azure-blob.mdx +73 -0
  166. package/docs/articles/plugin-azure-event-hubs.mdx +64 -0
  167. package/docs/articles/plugin-hydrolix-traffic-peak.mdx +147 -0
  168. package/docs/articles/policies.mdx +33 -0
  169. package/docs/articles/rename-or-move-project.mdx +39 -0
  170. package/docs/articles/rick-and-morty-api-developer-portal-example.mdx +23 -0
  171. package/docs/articles/routing.mdx +193 -0
  172. package/docs/articles/s3-signed-url-uploads.mdx +521 -0
  173. package/docs/articles/secure-tunnel.mdx +84 -0
  174. package/docs/articles/securing-backend-mtls.mdx +268 -0
  175. package/docs/articles/securing-your-backend.mdx +148 -0
  176. package/docs/articles/security.mdx +105 -0
  177. package/docs/articles/sharing-code-across-projects.mdx +412 -0
  178. package/docs/articles/source-control-setup-azure.mdx +13 -0
  179. package/docs/articles/source-control-setup-bitbucket.mdx +43 -0
  180. package/docs/articles/source-control-setup-github.mdx +172 -0
  181. package/docs/articles/source-control-setup-gitlab.mdx +12 -0
  182. package/docs/articles/source-control.mdx +80 -0
  183. package/docs/articles/step-1-setup-basic-gateway-local.mdx +136 -0
  184. package/docs/articles/step-1-setup-basic-gateway.mdx +118 -0
  185. package/docs/articles/step-2-add-rate-limiting-local.mdx +126 -0
  186. package/docs/articles/step-2-add-rate-limiting.mdx +82 -0
  187. package/docs/articles/step-3-add-api-key-auth-local.mdx +199 -0
  188. package/docs/articles/step-3-add-api-key-auth.mdx +166 -0
  189. package/docs/articles/step-4-deploying-to-the-edge.mdx +220 -0
  190. package/docs/articles/step-5-dynamic-rate-limiting.mdx +167 -0
  191. package/docs/articles/support.mdx +144 -0
  192. package/docs/articles/terraform.mdx +114 -0
  193. package/docs/articles/testing-graphql.mdx +34 -0
  194. package/docs/articles/testing.mdx +522 -0
  195. package/docs/articles/troubleshooting-slow-responses.mdx +301 -0
  196. package/docs/articles/troubleshooting.md +302 -0
  197. package/docs/articles/tsconfig.mdx +105 -0
  198. package/docs/articles/tunnel-setup.mdx +195 -0
  199. package/docs/articles/tunnel-troubleshooting.mdx +50 -0
  200. package/docs/articles/update-zup-in-github-action.mdx +110 -0
  201. package/docs/articles/use-openapi-extension-data.mdx +79 -0
  202. package/docs/articles/users/multifactor-authentication.mdx +64 -0
  203. package/docs/articles/users/profile.mdx +13 -0
  204. package/docs/articles/versioning-on-zuplo.mdx +89 -0
  205. package/docs/articles/waf-ddos-akamai.md +133 -0
  206. package/docs/articles/waf-ddos-aws-waf-shield.mdx +85 -0
  207. package/docs/articles/waf-ddos-fastly.mdx +251 -0
  208. package/docs/articles/waf-ddos.mdx +140 -0
  209. package/docs/articles/zuplo-waf.mdx +156 -0
  210. package/docs/ask.mdx +3 -0
  211. package/docs/cli/authentication.mdx +56 -0
  212. package/docs/cli/connectivity.mdx +38 -0
  213. package/docs/cli/create-zuplo-api.mdx +80 -0
  214. package/docs/cli/delete.mdx +79 -0
  215. package/docs/cli/deploy.mdx +156 -0
  216. package/docs/cli/deploy.partial.mdx +46 -0
  217. package/docs/cli/dev.mdx +115 -0
  218. package/docs/cli/docs.mdx +66 -0
  219. package/docs/cli/editor.mdx +50 -0
  220. package/docs/cli/global-options.mdx +19 -0
  221. package/docs/cli/init.mdx +74 -0
  222. package/docs/cli/link.mdx +74 -0
  223. package/docs/cli/list.mdx +55 -0
  224. package/docs/cli/mtls-certificate-create.mdx +94 -0
  225. package/docs/cli/mtls-certificate-delete.mdx +55 -0
  226. package/docs/cli/mtls-certificate-describe.mdx +55 -0
  227. package/docs/cli/mtls-certificate-disable.mdx +55 -0
  228. package/docs/cli/mtls-certificate-list.mdx +47 -0
  229. package/docs/cli/mtls-certificate-update.mdx +72 -0
  230. package/docs/cli/openapi-convert.mdx +111 -0
  231. package/docs/cli/openapi-merge.mdx +138 -0
  232. package/docs/cli/openapi-merge.partial.mdx +29 -0
  233. package/docs/cli/openapi-overlay.mdx +123 -0
  234. package/docs/cli/overview.mdx +78 -0
  235. package/docs/cli/project-create.mdx +43 -0
  236. package/docs/cli/source-migrate.mdx +18 -0
  237. package/docs/cli/source-upgrade.mdx +41 -0
  238. package/docs/cli/test.mdx +70 -0
  239. package/docs/cli/test.partial.mdx +7 -0
  240. package/docs/cli/tunnel-create.mdx +53 -0
  241. package/docs/cli/tunnel-create.partial.mdx +9 -0
  242. package/docs/cli/tunnel-delete.mdx +35 -0
  243. package/docs/cli/tunnel-delete.partial.mdx +9 -0
  244. package/docs/cli/tunnel-describe.mdx +45 -0
  245. package/docs/cli/tunnel-describe.partial.mdx +5 -0
  246. package/docs/cli/tunnel-list.mdx +35 -0
  247. package/docs/cli/tunnel-list.partial.mdx +9 -0
  248. package/docs/cli/tunnel-rate-token.partial.mdx +9 -0
  249. package/docs/cli/tunnel-rotate-token.mdx +39 -0
  250. package/docs/cli/tunnel-services-describe.mdx +45 -0
  251. package/docs/cli/tunnel-services-describe.partial.mdx +9 -0
  252. package/docs/cli/tunnel-services-update.mdx +48 -0
  253. package/docs/cli/variable-create.mdx +91 -0
  254. package/docs/cli/variable-create.partial.mdx +5 -0
  255. package/docs/cli/variable-update.mdx +75 -0
  256. package/docs/cli/variable-update.partial.mdx +5 -0
  257. package/docs/concepts/api-keys.md +146 -0
  258. package/docs/concepts/authentication.mdx +109 -0
  259. package/docs/concepts/how-zuplo-works.mdx +120 -0
  260. package/docs/concepts/project-structure.mdx +174 -0
  261. package/docs/concepts/rate-limiting.md +246 -0
  262. package/docs/concepts/request-lifecycle.mdx +56 -0
  263. package/docs/concepts/source-control-and-deployment.mdx +229 -0
  264. package/docs/conferences/conference-prize-terms.mdx +80 -0
  265. package/docs/dedicated/akamai/ai-powered-applications.mdx +223 -0
  266. package/docs/dedicated/akamai/architecture.mdx +280 -0
  267. package/docs/dedicated/akamai/caching.mdx +212 -0
  268. package/docs/dedicated/akamai/cdn.mdx +156 -0
  269. package/docs/dedicated/architecture.mdx +208 -0
  270. package/docs/dedicated/custom-domains.mdx +31 -0
  271. package/docs/dedicated/federated-gateways.mdx +80 -0
  272. package/docs/dedicated/networking.mdx +69 -0
  273. package/docs/dedicated/overview.mdx +80 -0
  274. package/docs/dedicated/source-control.mdx +63 -0
  275. package/docs/dev-portal/dev-portal-create-consumer-on-auth.mdx +134 -0
  276. package/docs/dev-portal/introduction.mdx +65 -0
  277. package/docs/dev-portal/local-development.mdx +72 -0
  278. package/docs/dev-portal/migration.mdx +526 -0
  279. package/docs/dev-portal/node-modules.mdx +45 -0
  280. package/docs/dev-portal/updating.mdx +28 -0
  281. package/docs/dev-portal/zudoku/components/alert.mdx +130 -0
  282. package/docs/dev-portal/zudoku/components/badge.mdx +70 -0
  283. package/docs/dev-portal/zudoku/components/button.mdx +132 -0
  284. package/docs/dev-portal/zudoku/components/callout.mdx +112 -0
  285. package/docs/dev-portal/zudoku/components/card.mdx +104 -0
  286. package/docs/dev-portal/zudoku/components/checkbox.mdx +72 -0
  287. package/docs/dev-portal/zudoku/components/client-only.mdx +79 -0
  288. package/docs/dev-portal/zudoku/components/code-tabs.mdx +179 -0
  289. package/docs/dev-portal/zudoku/components/dialog.mdx +167 -0
  290. package/docs/dev-portal/zudoku/components/head.mdx +199 -0
  291. package/docs/dev-portal/zudoku/components/icons.mdx +27 -0
  292. package/docs/dev-portal/zudoku/components/input.mdx +96 -0
  293. package/docs/dev-portal/zudoku/components/label.mdx +86 -0
  294. package/docs/dev-portal/zudoku/components/link.mdx +242 -0
  295. package/docs/dev-portal/zudoku/components/markdown.mdx +151 -0
  296. package/docs/dev-portal/zudoku/components/mermaid.mdx +81 -0
  297. package/docs/dev-portal/zudoku/components/playground.mdx +87 -0
  298. package/docs/dev-portal/zudoku/components/secret.mdx +78 -0
  299. package/docs/dev-portal/zudoku/components/select.mdx +176 -0
  300. package/docs/dev-portal/zudoku/components/shadcn.mdx +73 -0
  301. package/docs/dev-portal/zudoku/components/slider.mdx +108 -0
  302. package/docs/dev-portal/zudoku/components/slot.mdx +119 -0
  303. package/docs/dev-portal/zudoku/components/stepper.mdx +138 -0
  304. package/docs/dev-portal/zudoku/components/switch.mdx +96 -0
  305. package/docs/dev-portal/zudoku/components/syntax-highlight.mdx +602 -0
  306. package/docs/dev-portal/zudoku/components/textarea.mdx +78 -0
  307. package/docs/dev-portal/zudoku/components/tooltip.mdx +195 -0
  308. package/docs/dev-portal/zudoku/components/typography.mdx +61 -0
  309. package/docs/dev-portal/zudoku/configuration/ai-assistants.md +64 -0
  310. package/docs/dev-portal/zudoku/configuration/api-catalog.md +108 -0
  311. package/docs/dev-portal/zudoku/configuration/api-reference.md +397 -0
  312. package/docs/dev-portal/zudoku/configuration/authentication-auth0.md +173 -0
  313. package/docs/dev-portal/zudoku/configuration/authentication-azure-ad.md +238 -0
  314. package/docs/dev-portal/zudoku/configuration/authentication-clerk.md +110 -0
  315. package/docs/dev-portal/zudoku/configuration/authentication-firebase.md +61 -0
  316. package/docs/dev-portal/zudoku/configuration/authentication-pingfederate.md +136 -0
  317. package/docs/dev-portal/zudoku/configuration/authentication-supabase.md +225 -0
  318. package/docs/dev-portal/zudoku/configuration/authentication.md +199 -0
  319. package/docs/dev-portal/zudoku/configuration/build-configuration.mdx +147 -0
  320. package/docs/dev-portal/zudoku/configuration/docs.md +282 -0
  321. package/docs/dev-portal/zudoku/configuration/footer.mdx +214 -0
  322. package/docs/dev-portal/zudoku/configuration/llms.md +89 -0
  323. package/docs/dev-portal/zudoku/configuration/navigation.mdx +408 -0
  324. package/docs/dev-portal/zudoku/configuration/overview.md +380 -0
  325. package/docs/dev-portal/zudoku/configuration/protected-routes.md +149 -0
  326. package/docs/dev-portal/zudoku/configuration/search.md +169 -0
  327. package/docs/dev-portal/zudoku/configuration/sentry.mdx +44 -0
  328. package/docs/dev-portal/zudoku/configuration/site.md +124 -0
  329. package/docs/dev-portal/zudoku/configuration/slots.mdx +124 -0
  330. package/docs/dev-portal/zudoku/configuration/vite-config.md +18 -0
  331. package/docs/dev-portal/zudoku/custom-plugins.md +287 -0
  332. package/docs/dev-portal/zudoku/customization/colors-theme.mdx +275 -0
  333. package/docs/dev-portal/zudoku/customization/fonts.md +110 -0
  334. package/docs/dev-portal/zudoku/extending/events.md +124 -0
  335. package/docs/dev-portal/zudoku/guides/custom-pages.md +106 -0
  336. package/docs/dev-portal/zudoku/guides/environment-variables.md +99 -0
  337. package/docs/dev-portal/zudoku/guides/mermaid.mdx +70 -0
  338. package/docs/dev-portal/zudoku/guides/navigation-migration.md +87 -0
  339. package/docs/dev-portal/zudoku/guides/navigation-rules.mdx +197 -0
  340. package/docs/dev-portal/zudoku/guides/processors.mdx +234 -0
  341. package/docs/dev-portal/zudoku/guides/static-files.md +55 -0
  342. package/docs/dev-portal/zudoku/guides/transforming-examples.md +156 -0
  343. package/docs/dev-portal/zudoku/guides/using-multiple-apis.md +87 -0
  344. package/docs/dev-portal/zudoku/markdown/admonitions.md +128 -0
  345. package/docs/dev-portal/zudoku/markdown/code-blocks.md +196 -0
  346. package/docs/dev-portal/zudoku/markdown/frontmatter.md +172 -0
  347. package/docs/dev-portal/zudoku/markdown/mdx.md +68 -0
  348. package/docs/dev-portal/zudoku/markdown/overview.md +275 -0
  349. package/docs/dev-portal/zudoku/plugins.md +5 -0
  350. package/docs/dev-portal/zudoku/writing.mdx +72 -0
  351. package/docs/errors/bad-request.mdx +39 -0
  352. package/docs/errors/build-error.mdx +45 -0
  353. package/docs/errors/fatal-project-error.mdx +39 -0
  354. package/docs/errors/gateway-timeout.mdx +33 -0
  355. package/docs/errors/get-head-body-error.mdx +41 -0
  356. package/docs/errors/main-mod-error.mdx +40 -0
  357. package/docs/errors/no-project-set.mdx +41 -0
  358. package/docs/errors/not-found.mdx +43 -0
  359. package/docs/errors/rate-limit-exceeded.mdx +31 -0
  360. package/docs/errors/schema-validation-failed.mdx +51 -0
  361. package/docs/errors/system-configuration-error.mdx +44 -0
  362. package/docs/errors/unauthorized.mdx +50 -0
  363. package/docs/errors/unknown-error.mdx +42 -0
  364. package/docs/errors.mdx +14 -0
  365. package/docs/guides/canary-routing-for-employees.mdx +385 -0
  366. package/docs/guides/geolocation-backend-routing.mdx +404 -0
  367. package/docs/guides/modify-openapi-paths.mdx +371 -0
  368. package/docs/guides/openapi-overlays.mdx +492 -0
  369. package/docs/guides/overview.mdx +12 -0
  370. package/docs/guides/user-based-backend-routing.mdx +437 -0
  371. package/docs/handlers/aws-lambda.mdx +201 -0
  372. package/docs/handlers/custom-handler.mdx +112 -0
  373. package/docs/handlers/legacy-dev-portal-handler.mdx +135 -0
  374. package/docs/handlers/mcp-server.mdx +730 -0
  375. package/docs/handlers/openapi.mdx +78 -0
  376. package/docs/handlers/redirect.mdx +115 -0
  377. package/docs/handlers/system-handlers.mdx +41 -0
  378. package/docs/handlers/url-forward.mdx +204 -0
  379. package/docs/handlers/url-rewrite.mdx +224 -0
  380. package/docs/handlers/websocket-handler.mdx +154 -0
  381. package/docs/home.mdx +6 -0
  382. package/docs/managed-edge/overview.md +78 -0
  383. package/docs/mcp-server/configuration-migration-guide.mdx +344 -0
  384. package/docs/mcp-server/custom-tools.mdx +487 -0
  385. package/docs/mcp-server/graphql.mdx +241 -0
  386. package/docs/mcp-server/introduction.mdx +122 -0
  387. package/docs/mcp-server/openai-apps-sdk.mdx +160 -0
  388. package/docs/mcp-server/prompts.mdx +283 -0
  389. package/docs/mcp-server/resources.mdx +288 -0
  390. package/docs/mcp-server/testing.mdx +53 -0
  391. package/docs/mcp-server/tools.mdx +306 -0
  392. package/docs/policies/_index.md +92 -0
  393. package/docs/policies/ab-test-inbound/intro.md +8 -0
  394. package/docs/policies/ab-test-inbound/policy.ts +14 -0
  395. package/docs/policies/ab-test-inbound/schema.json +27 -0
  396. package/docs/policies/ab-test-outbound/intro.md +8 -0
  397. package/docs/policies/ab-test-outbound/policy.ts +26 -0
  398. package/docs/policies/ab-test-outbound/schema.json +27 -0
  399. package/docs/policies/acl-policy-inbound/intro.md +5 -0
  400. package/docs/policies/acl-policy-inbound/policy.ts +32 -0
  401. package/docs/policies/acl-policy-inbound/schema.json +52 -0
  402. package/docs/policies/akamai-ai-firewall/schema.json +98 -0
  403. package/docs/policies/amberflo-metering-inbound/doc.md +183 -0
  404. package/docs/policies/amberflo-metering-inbound/intro.md +20 -0
  405. package/docs/policies/amberflo-metering-inbound/schema.json +108 -0
  406. package/docs/policies/api-key-inbound/doc.md +77 -0
  407. package/docs/policies/api-key-inbound/intro.md +30 -0
  408. package/docs/policies/api-key-inbound/schema.json +84 -0
  409. package/docs/policies/archive-request-aws-s3-inbound/intro.md +4 -0
  410. package/docs/policies/archive-request-aws-s3-inbound/policy.ts +58 -0
  411. package/docs/policies/archive-request-aws-s3-inbound/schema.json +68 -0
  412. package/docs/policies/archive-request-azure-storage-inbound/doc.md +31 -0
  413. package/docs/policies/archive-request-azure-storage-inbound/intro.md +4 -0
  414. package/docs/policies/archive-request-azure-storage-inbound/policy.ts +54 -0
  415. package/docs/policies/archive-request-azure-storage-inbound/schema.json +53 -0
  416. package/docs/policies/archive-request-gcp-storage-inbound/doc.md +63 -0
  417. package/docs/policies/archive-request-gcp-storage-inbound/intro.md +4 -0
  418. package/docs/policies/archive-request-gcp-storage-inbound/policy.ts +68 -0
  419. package/docs/policies/archive-request-gcp-storage-inbound/schema.json +47 -0
  420. package/docs/policies/archive-response-aws-s3-outbound/intro.md +2 -0
  421. package/docs/policies/archive-response-aws-s3-outbound/policy.ts +59 -0
  422. package/docs/policies/archive-response-aws-s3-outbound/schema.json +68 -0
  423. package/docs/policies/archive-response-azure-storage-outbound/doc.md +31 -0
  424. package/docs/policies/archive-response-azure-storage-outbound/intro.md +3 -0
  425. package/docs/policies/archive-response-azure-storage-outbound/policy.ts +54 -0
  426. package/docs/policies/archive-response-azure-storage-outbound/schema.json +53 -0
  427. package/docs/policies/audit-log-inbound/doc.md +78 -0
  428. package/docs/policies/audit-log-inbound/intro.md +10 -0
  429. package/docs/policies/audit-log-inbound/schema.json +81 -0
  430. package/docs/policies/auth0-jwt-auth-inbound/doc.md +125 -0
  431. package/docs/policies/auth0-jwt-auth-inbound/intro.md +17 -0
  432. package/docs/policies/auth0-jwt-auth-inbound/schema.json +74 -0
  433. package/docs/policies/authzen-inbound/doc.md +24 -0
  434. package/docs/policies/authzen-inbound/intro.md +31 -0
  435. package/docs/policies/authzen-inbound/schema.json +126 -0
  436. package/docs/policies/axiomatics-authz-inbound/doc.md +144 -0
  437. package/docs/policies/axiomatics-authz-inbound/intro.md +11 -0
  438. package/docs/policies/axiomatics-authz-inbound/schema.json +161 -0
  439. package/docs/policies/basic-auth-inbound/intro.md +9 -0
  440. package/docs/policies/basic-auth-inbound/schema.json +99 -0
  441. package/docs/policies/bot-detection-inbound/intro.md +4 -0
  442. package/docs/policies/bot-detection-inbound/schema.json +56 -0
  443. package/docs/policies/brownout-inbound/doc.md +55 -0
  444. package/docs/policies/brownout-inbound/intro.md +12 -0
  445. package/docs/policies/brownout-inbound/schema.json +115 -0
  446. package/docs/policies/caching-inbound/doc.md +209 -0
  447. package/docs/policies/caching-inbound/intro.md +23 -0
  448. package/docs/policies/caching-inbound/schema.json +98 -0
  449. package/docs/policies/change-method-inbound/schema.json +56 -0
  450. package/docs/policies/clear-headers-inbound/schema.json +59 -0
  451. package/docs/policies/clear-headers-outbound/schema.json +59 -0
  452. package/docs/policies/clerk-jwt-auth-inbound/doc.md +85 -0
  453. package/docs/policies/clerk-jwt-auth-inbound/intro.md +4 -0
  454. package/docs/policies/clerk-jwt-auth-inbound/schema.json +68 -0
  455. package/docs/policies/cognito-jwt-auth-inbound/intro.md +7 -0
  456. package/docs/policies/cognito-jwt-auth-inbound/schema.json +74 -0
  457. package/docs/policies/comet-opik-tracing-inbound/schema.json +65 -0
  458. package/docs/policies/complex-rate-limit-inbound/doc.md +20 -0
  459. package/docs/policies/complex-rate-limit-inbound/intro.md +23 -0
  460. package/docs/policies/complex-rate-limit-inbound/schema.json +142 -0
  461. package/docs/policies/composite-inbound/doc.md +69 -0
  462. package/docs/policies/composite-inbound/intro.md +15 -0
  463. package/docs/policies/composite-inbound/schema.json +59 -0
  464. package/docs/policies/composite-outbound/intro.md +6 -0
  465. package/docs/policies/composite-outbound/schema.json +59 -0
  466. package/docs/policies/curity-phantom-token-inbound/doc.md +109 -0
  467. package/docs/policies/curity-phantom-token-inbound/intro.md +3 -0
  468. package/docs/policies/curity-phantom-token-inbound/schema.json +68 -0
  469. package/docs/policies/custom-code-inbound/doc.md +267 -0
  470. package/docs/policies/custom-code-inbound/intro.md +2 -0
  471. package/docs/policies/custom-code-inbound/schema.json +48 -0
  472. package/docs/policies/custom-code-outbound/doc.md +235 -0
  473. package/docs/policies/custom-code-outbound/intro.md +2 -0
  474. package/docs/policies/custom-code-outbound/schema.json +43 -0
  475. package/docs/policies/firebase-jwt-inbound/intro.md +6 -0
  476. package/docs/policies/firebase-jwt-inbound/schema.json +68 -0
  477. package/docs/policies/formdata-to-json-inbound/schema.json +60 -0
  478. package/docs/policies/galileo-tracing-inbound/schema.json +65 -0
  479. package/docs/policies/geo-filter-inbound/doc.md +33 -0
  480. package/docs/policies/geo-filter-inbound/schema.json +108 -0
  481. package/docs/policies/graphql-complexity-limit-inbound/doc.md +48 -0
  482. package/docs/policies/graphql-complexity-limit-inbound/intro.md +2 -0
  483. package/docs/policies/graphql-complexity-limit-inbound/schema.json +90 -0
  484. package/docs/policies/graphql-disable-introspection-inbound/doc.md +66 -0
  485. package/docs/policies/graphql-disable-introspection-inbound/intro.md +15 -0
  486. package/docs/policies/graphql-disable-introspection-inbound/schema.json +48 -0
  487. package/docs/policies/graphql-introspection-filter-outbound/doc.md +148 -0
  488. package/docs/policies/graphql-introspection-filter-outbound/schema.json +79 -0
  489. package/docs/policies/hmac-auth-inbound/doc.md +30 -0
  490. package/docs/policies/hmac-auth-inbound/intro.md +10 -0
  491. package/docs/policies/hmac-auth-inbound/policy.ts +70 -0
  492. package/docs/policies/hmac-auth-inbound/schema.json +53 -0
  493. package/docs/policies/http-deprecation-outbound/doc.md +73 -0
  494. package/docs/policies/http-deprecation-outbound/schema.json +83 -0
  495. package/docs/policies/ip-restriction-inbound/intro.md +8 -0
  496. package/docs/policies/ip-restriction-inbound/policy.ts +40 -0
  497. package/docs/policies/ip-restriction-inbound/schema.json +58 -0
  498. package/docs/policies/jwt-scopes-inbound/schema.json +59 -0
  499. package/docs/policies/ldap-auth-inbound/schema.json +56 -0
  500. package/docs/policies/mock-api-inbound/schema.json +72 -0
  501. package/docs/policies/moesif-inbound/doc.md +44 -0
  502. package/docs/policies/moesif-inbound/intro.md +6 -0
  503. package/docs/policies/moesif-inbound/schema.json +68 -0
  504. package/docs/policies/monetization-inbound/doc.md +87 -0
  505. package/docs/policies/monetization-inbound/intro.md +6 -0
  506. package/docs/policies/monetization-inbound/schema.json +102 -0
  507. package/docs/policies/mtls-auth-inbound/intro.md +6 -0
  508. package/docs/policies/mtls-auth-inbound/schema.json +68 -0
  509. package/docs/policies/okta-fga-authz-inbound/doc.md +181 -0
  510. package/docs/policies/okta-fga-authz-inbound/intro.md +20 -0
  511. package/docs/policies/okta-fga-authz-inbound/schema.json +104 -0
  512. package/docs/policies/okta-jwt-auth-inbound/intro.md +7 -0
  513. package/docs/policies/okta-jwt-auth-inbound/schema.json +74 -0
  514. package/docs/policies/open-id-jwt-auth-inbound/doc.md +58 -0
  515. package/docs/policies/open-id-jwt-auth-inbound/intro.md +30 -0
  516. package/docs/policies/open-id-jwt-auth-inbound/schema.json +128 -0
  517. package/docs/policies/openfga-authz-inbound/doc.md +207 -0
  518. package/docs/policies/openfga-authz-inbound/intro.md +17 -0
  519. package/docs/policies/openfga-authz-inbound/schema.json +191 -0
  520. package/docs/policies/openmeter-inbound/doc.md +163 -0
  521. package/docs/policies/openmeter-inbound/intro.md +18 -0
  522. package/docs/policies/openmeter-inbound/schema.json +183 -0
  523. package/docs/policies/prompt-injection-outbound/doc.md +106 -0
  524. package/docs/policies/prompt-injection-outbound/intro.md +4 -0
  525. package/docs/policies/prompt-injection-outbound/schema.json +74 -0
  526. package/docs/policies/propel-auth-jwt-inbound/doc.md +88 -0
  527. package/docs/policies/propel-auth-jwt-inbound/intro.md +4 -0
  528. package/docs/policies/propel-auth-jwt-inbound/schema.json +74 -0
  529. package/docs/policies/query-param-to-header-inbound/doc.md +70 -0
  530. package/docs/policies/query-param-to-header-inbound/intro.md +5 -0
  531. package/docs/policies/query-param-to-header-inbound/schema.json +74 -0
  532. package/docs/policies/quota-inbound/doc.md +235 -0
  533. package/docs/policies/quota-inbound/intro.md +7 -0
  534. package/docs/policies/quota-inbound/schema.json +133 -0
  535. package/docs/policies/rate-limit-inbound/doc.md +78 -0
  536. package/docs/policies/rate-limit-inbound/intro.md +30 -0
  537. package/docs/policies/rate-limit-inbound/schema.json +134 -0
  538. package/docs/policies/rbac-policy-inbound/intro.md +3 -0
  539. package/docs/policies/rbac-policy-inbound/policy.ts +42 -0
  540. package/docs/policies/rbac-policy-inbound/schema.json +52 -0
  541. package/docs/policies/readme-metrics-inbound/doc.md +1 -0
  542. package/docs/policies/readme-metrics-inbound/intro.md +3 -0
  543. package/docs/policies/readme-metrics-inbound/schema.json +84 -0
  544. package/docs/policies/remove-headers-inbound/schema.json +59 -0
  545. package/docs/policies/remove-headers-outbound/schema.json +59 -0
  546. package/docs/policies/remove-query-params-inbound/schema.json +59 -0
  547. package/docs/policies/replace-string-outbound/schema.json +69 -0
  548. package/docs/policies/request-size-limit-inbound/schema.json +60 -0
  549. package/docs/policies/request-validation-inbound/doc.md +72 -0
  550. package/docs/policies/request-validation-inbound/intro.md +24 -0
  551. package/docs/policies/request-validation-inbound/schema.json +98 -0
  552. package/docs/policies/require-origin-inbound/intro.md +12 -0
  553. package/docs/policies/require-origin-inbound/schema.json +65 -0
  554. package/docs/policies/secret-masking-outbound/doc.md +41 -0
  555. package/docs/policies/secret-masking-outbound/intro.md +13 -0
  556. package/docs/policies/secret-masking-outbound/schema.json +65 -0
  557. package/docs/policies/semantic-cache-inbound/doc.md +63 -0
  558. package/docs/policies/semantic-cache-inbound/intro.md +4 -0
  559. package/docs/policies/semantic-cache-inbound/schema.json +179 -0
  560. package/docs/policies/set-body-inbound/intro.md +7 -0
  561. package/docs/policies/set-body-inbound/schema.json +56 -0
  562. package/docs/policies/set-headers-inbound/doc.md +41 -0
  563. package/docs/policies/set-headers-inbound/intro.md +2 -0
  564. package/docs/policies/set-headers-inbound/schema.json +83 -0
  565. package/docs/policies/set-headers-outbound/schema.json +83 -0
  566. package/docs/policies/set-query-params-inbound/schema.json +83 -0
  567. package/docs/policies/set-status-outbound/schema.json +62 -0
  568. package/docs/policies/sleep-inbound/schema.json +56 -0
  569. package/docs/policies/stripe-webhook-verification-inbound/intro.md +2 -0
  570. package/docs/policies/stripe-webhook-verification-inbound/schema.json +60 -0
  571. package/docs/policies/supabase-jwt-auth-inbound/doc.md +29 -0
  572. package/docs/policies/supabase-jwt-auth-inbound/intro.md +12 -0
  573. package/docs/policies/supabase-jwt-auth-inbound/schema.json +86 -0
  574. package/docs/policies/transform-body-inbound/intro.md +8 -0
  575. package/docs/policies/transform-body-inbound/policy.ts +16 -0
  576. package/docs/policies/transform-body-inbound/schema.json +27 -0
  577. package/docs/policies/transform-body-outbound/intro.md +8 -0
  578. package/docs/policies/transform-body-outbound/policy.ts +19 -0
  579. package/docs/policies/transform-body-outbound/schema.json +27 -0
  580. package/docs/policies/upstream-azure-ad-service-auth-inbound/doc.md +82 -0
  581. package/docs/policies/upstream-azure-ad-service-auth-inbound/intro.md +20 -0
  582. package/docs/policies/upstream-azure-ad-service-auth-inbound/schema.json +84 -0
  583. package/docs/policies/upstream-firebase-admin-auth-inbound/intro.md +10 -0
  584. package/docs/policies/upstream-firebase-admin-auth-inbound/schema.json +68 -0
  585. package/docs/policies/upstream-firebase-user-auth-inbound/intro.md +2 -0
  586. package/docs/policies/upstream-firebase-user-auth-inbound/schema.json +113 -0
  587. package/docs/policies/upstream-gcp-federated-auth-inbound/doc.md +139 -0
  588. package/docs/policies/upstream-gcp-federated-auth-inbound/intro.md +21 -0
  589. package/docs/policies/upstream-gcp-federated-auth-inbound/schema.json +96 -0
  590. package/docs/policies/upstream-gcp-jwt-inbound/intro.md +10 -0
  591. package/docs/policies/upstream-gcp-jwt-inbound/schema.json +62 -0
  592. package/docs/policies/upstream-gcp-service-auth-inbound/doc.md +132 -0
  593. package/docs/policies/upstream-gcp-service-auth-inbound/intro.md +25 -0
  594. package/docs/policies/upstream-gcp-service-auth-inbound/schema.json +95 -0
  595. package/docs/policies/upstream-zuplo-jwt-auth-inbound/doc.md +213 -0
  596. package/docs/policies/upstream-zuplo-jwt-auth-inbound/intro.md +16 -0
  597. package/docs/policies/upstream-zuplo-jwt-auth-inbound/schema.json +101 -0
  598. package/docs/policies/validate-json-schema-inbound/doc.md +129 -0
  599. package/docs/policies/validate-json-schema-inbound/intro.md +7 -0
  600. package/docs/policies/validate-json-schema-inbound/schema.json +56 -0
  601. package/docs/policies/web-bot-auth-inbound/doc.md +104 -0
  602. package/docs/policies/web-bot-auth-inbound/intro.md +16 -0
  603. package/docs/policies/web-bot-auth-inbound/schema.json +76 -0
  604. package/docs/policies/xml-to-json-outbound/doc.md +71 -0
  605. package/docs/policies/xml-to-json-outbound/intro.md +4 -0
  606. package/docs/policies/xml-to-json-outbound/schema.json +117 -0
  607. package/docs/programmable-api/audit-log.mdx +74 -0
  608. package/docs/programmable-api/background-dispatcher.mdx +124 -0
  609. package/docs/programmable-api/background-loader.mdx +104 -0
  610. package/docs/programmable-api/cache.mdx +186 -0
  611. package/docs/programmable-api/compatibility-dates.mdx +201 -0
  612. package/docs/programmable-api/console-logging.mdx +48 -0
  613. package/docs/programmable-api/context-data.mdx +127 -0
  614. package/docs/programmable-api/custom-cors-policy.mdx +64 -0
  615. package/docs/programmable-api/environment.mdx +328 -0
  616. package/docs/programmable-api/hooks.mdx +569 -0
  617. package/docs/programmable-api/http-problems.mdx +385 -0
  618. package/docs/programmable-api/jwt-service-plugin.mdx +420 -0
  619. package/docs/programmable-api/logger.mdx +223 -0
  620. package/docs/programmable-api/memory-zone-read-through-cache.mdx +96 -0
  621. package/docs/programmable-api/node-modules.mdx +67 -0
  622. package/docs/programmable-api/not-found-handler.mdx +47 -0
  623. package/docs/programmable-api/oauth-protected-resource-plugin.mdx +46 -0
  624. package/docs/programmable-api/overview.mdx +213 -0
  625. package/docs/programmable-api/problem-response-formatter.mdx +183 -0
  626. package/docs/programmable-api/request-user.mdx +289 -0
  627. package/docs/programmable-api/reusing-code.mdx +26 -0
  628. package/docs/programmable-api/route-raw.mdx +55 -0
  629. package/docs/programmable-api/runtime-behaviors.mdx +25 -0
  630. package/docs/programmable-api/runtime-errors.mdx +246 -0
  631. package/docs/programmable-api/runtime-extensions.mdx +340 -0
  632. package/docs/programmable-api/safely-clone-a-request-or-response.mdx +57 -0
  633. package/docs/programmable-api/streaming-zone-cache.mdx +155 -0
  634. package/docs/programmable-api/web-crypto-apis.mdx +219 -0
  635. package/docs/programmable-api/web-standard-apis.mdx +109 -0
  636. package/docs/programmable-api/zone-cache.mdx +131 -0
  637. package/docs/programmable-api/zp-body-removed.mdx +32 -0
  638. package/docs/programmable-api/zuplo-context.mdx +414 -0
  639. package/docs/programmable-api/zuplo-id-token.mdx +90 -0
  640. package/docs/programmable-api/zuplo-json.mdx +91 -0
  641. package/docs/programmable-api/zuplo-request.mdx +200 -0
  642. package/docs/sample-apis.mdx +78 -0
  643. package/docs/self-hosted/overview.md +60 -0
  644. package/package.json +6 -5
@@ -0,0 +1,730 @@
1
+ ---
2
+ title: MCP Server Handler
3
+ sidebar_label: MCP Server
4
+ ---
5
+
6
+ The MCP (Model Context Protocol) Server handler allows you to run a lightweight,
7
+ stateless MCP server on your gateway that automatically transforms your API
8
+ routes into MCP tools.
9
+
10
+ This enables your API gateway to seamlessly serve external AI tools and agents
11
+ through [Model Context Protocol](https://modelcontextprotocol.io/introduction)
12
+ interactions by using your existing APIs, without needing to duplicate
13
+ functionality or rebuild business logic in your backend.
14
+
15
+ Each MCP Server handler has a 1:1 relationship with a route. That means one
16
+ route can host one server. A gateway may have any number of MCP servers.
17
+
18
+ A single MCP server may have many tools and prompts, where each tool interfaces
19
+ with an API route in your gateway. You can compose multiple MCP servers on
20
+ different routes to tailor MCP tools and prompts for each server's specific
21
+ purpose.
22
+
23
+ The MCP Server Handler works by re-invoking configured routes on the gateway. It
24
+ does **_not_** go back out to HTTP: it keeps requests _within_ the gateway while
25
+ still re-invoking the policy pipeline for your routes. This means that if you
26
+ configure an MCP server with policies, routes with policies, and configure those
27
+ routes as tools, the policy pipelines for both will be invoked. First the MCP
28
+ server handler inbound policies, then the inbound policies for the tool's route,
29
+ then the outbound policies for the tool's route, and finally, the outbound
30
+ policies for the MCP server handler.
31
+
32
+ ## Setup via Portal
33
+
34
+ Open the **Route Designer** by navigating to the **Code** tab, then click
35
+ **routes.oas.json**. For any route definition, select **MCP Server** from the
36
+ **Request Handlers** drop-down. Set the method to **POST**.
37
+
38
+ Configure the handler with the following required options:
39
+
40
+ - **Server Name** - The name of the MCP server. AI MCP clients will read this
41
+ name when they initialize with the server.
42
+ - **Server Version** - The version of your MCP server. AI MCP clients read this
43
+ version when they initialize with the server and may make autonomous decisions
44
+ based on the versioning of your MCP server and the instructions they've been
45
+ given.
46
+
47
+ Next, configure your routes to be transformed into MCP tools or prompts (see
48
+ Configuration section below).
49
+
50
+ ## Setup via routes.oas.json
51
+
52
+ The MCP Server handler can be manually added to the **routes.oas.json** file
53
+ with the following route configuration:
54
+
55
+ ```json
56
+ "paths": {
57
+ "/mcp": {
58
+ "x-zuplo-path": {
59
+ "pathMode": "open-api"
60
+ },
61
+ "post": {
62
+ "summary": "MCP Server",
63
+ "x-zuplo-route": {
64
+ "corsPolicy": "none",
65
+ "handler": {
66
+
67
+ // The MCP Server Handler handler
68
+ // and required options
69
+
70
+ "export": "mcpServerHandler",
71
+ "module": "$import(@zuplo/runtime)",
72
+ "options": {
73
+ "name": "example-mcp-server",
74
+ "version": "1.0.0",
75
+ "debugMode": false,
76
+ }
77
+ },
78
+ "policies": {
79
+ "inbound": []
80
+ }
81
+ }
82
+ }
83
+ }
84
+ }
85
+ ```
86
+
87
+ ## Configuration
88
+
89
+ The MCP Server handler requires the following configurations:
90
+
91
+ - `name` (optional) - The name identifier of the MCP server.
92
+ - `version` (optional) - The version of the MCP server.
93
+ - `debugMode` (optional, default `false`) - Verbose logs on server startup,
94
+ initialization, tool listing, and tool calls. NOT recommended for production
95
+ environments.
96
+ - `operations` - An array of operation references to register with the MCP
97
+ server. Each operation can be a tool, prompt, or resource based on its
98
+ `x-zuplo-route.mcp` configuration.
99
+
100
+ ### MCP `2025-06-18` Global Options
101
+
102
+ :::danger
103
+
104
+ These options are part of the new
105
+ [MCP specification (2025-06-18)](https://modelcontextprotocol.io/specification/2025-06-18).
106
+ Some MCP clients **may not yet support these features** and output schemas may
107
+ not be considered valid by various clients given MCP has not yet adopted an
108
+ exact JSON schema dialect. If you experience compatibility issues with your MCP
109
+ client, ensure your `outputSchema` is a valid `type: object` JSON Schema and
110
+ `structuredContent` is also of `type: object`.
111
+
112
+ :::
113
+
114
+ - `includeOutputSchema` (optional, default: `false`) - Whether to include output
115
+ schema from the route's OpenAPI response schema. When `true`, the schema from
116
+ successful responses (2xx) will be used as `outputSchema` for MCP tools.
117
+ - `includeStructuredContent` (optional, default: `false`) - Whether to include
118
+ structured content in responses. When `true`, response JSON will be parsed and
119
+ included as `structuredContent`. When `false`, only `text` content will be
120
+ returned.
121
+
122
+ ### Operations
123
+
124
+ Configure MCP tools, prompts, and resources using the `operations`
125
+ configuration. Specify OpenAPI files and the exact operation IDs you want to
126
+ expose:
127
+
128
+ ```json
129
+ "paths": {
130
+ "/mcp": {
131
+ "post": {
132
+ "x-zuplo-route": {
133
+ "handler": {
134
+ "export": "mcpServerHandler",
135
+ "module": "$import(@zuplo/runtime)",
136
+ "options": {
137
+ "name": "My MCP Server",
138
+ "version": "1.0.0",
139
+ "operations": [
140
+ {
141
+ "file": "./config/weather.oas.json",
142
+ "id": "getCurrentWeather"
143
+ },
144
+ {
145
+ "file": "./config/todos.oas.json",
146
+ "id": "createTodo"
147
+ }
148
+ ]
149
+ }
150
+ }
151
+ }
152
+ }
153
+ }
154
+ }
155
+ ```
156
+
157
+ - `file`: Path to an OpenAPI JSON spec file (relative to the project root)
158
+ - `id`: The specific operation ID to include from the targeted file
159
+
160
+ This approach provides explicit control over exactly which API operations become
161
+ MCP tools, prompts, or resources.
162
+
163
+ ### Deprecated Configurations
164
+
165
+ :::caution
166
+
167
+ The `files`, `prompts`, and `resources` configuration options are **deprecated**
168
+ and will be removed in a future version. Please migrate to the `operations`
169
+ configuration option described above.
170
+
171
+ :::
172
+
173
+ <details>
174
+ <summary>Legacy Configuration Options (Deprecated)</summary>
175
+
176
+ Prior to `operations`, specific configuration arrays were used:
177
+
178
+ - `files`: For tools
179
+ - `prompts`: For prompts
180
+ - `resources`: For resources
181
+
182
+ ```json
183
+ "post": {
184
+ "operationId": "mcp-server",
185
+ "x-zuplo-route": {
186
+ "handler": {
187
+ "export": "mcpServerHandler",
188
+ "module": "$import(@zuplo/runtime)",
189
+ "options": {
190
+ "files": [
191
+ {
192
+ "path": "./config/weather.oas.json",
193
+ "operationIds": [
194
+ "getCurrentWeather"
195
+ ]
196
+ }
197
+ ],
198
+ "prompts": [
199
+ {
200
+ "path": "./config/weather.oas.json",
201
+ "operationIds": [
202
+ "weatherPrompt"
203
+ ]
204
+ }
205
+ ]
206
+ }
207
+ }
208
+ }
209
+ ```
210
+
211
+ Please migrate these to the unified `operations` array.
212
+
213
+ </details>
214
+
215
+ ### MCP Tools
216
+
217
+ Tools are the main way that AI agents can discover capabilities from MCP
218
+ servers. They are flexible, lite weight ways to execute some functionality,
219
+ query some data, or perform an action on the user's behalf.
220
+
221
+ Routes configured as MCP tools may include the `x-zuplo-route.mcp` extension
222
+ with `type: "tool"` in their OpenAPI definition. By default, without the
223
+ `x-zuplo-route.mcp` configuration, the MCP server handler will assume the
224
+ provided operation is a "tool". See [MCP Server Tools](../mcp-server/tools.mdx)
225
+ for detailed documentation.
226
+
227
+ ### Custom MCP Tools
228
+
229
+ Create custom tools as routes with full programmatic control using dedicated
230
+ OpenAPI specifications and custom handler functions.
231
+
232
+ This approach provides maximum flexibility for complex workflows. See
233
+ [MCP Server Custom Tools](../mcp-server/custom-tools.mdx) for detailed
234
+ documentation.
235
+
236
+ ### MCP Prompts
237
+
238
+ In addition to tools, MCP servers can expose prompts - reusable, parameterized
239
+ prompt templates that AI clients can request and execute. Configure prompts
240
+ using the `operations` array in your MCP server options, just like tools.
241
+
242
+ Routes configured as MCP prompts must include the `x-zuplo-route.mcp` extension
243
+ with `type: "prompt"` in their OpenAPI definition. See
244
+ [MCP Server Prompts](../mcp-server/prompts.mdx) for detailed documentation.
245
+
246
+ ### MCP Resources
247
+
248
+ MCP servers can also expose resources - static read-only content like
249
+ documentation, configuration files, or any other data an AI system might need.
250
+ Like tools and prompts, configure resources using the `operations` array in your
251
+ MCP server options.
252
+
253
+ Routes configured as MCP resources must use the GET method and must include the
254
+ `x-zuplo-route.mcp` extension with `type: "resource"` in their OpenAPI
255
+ definition.
256
+
257
+ See [MCP Server Resources](../mcp-server/resources.mdx) for detailed
258
+ documentation.
259
+
260
+ ### Route `x-zuplo-route.mcp` configuration
261
+
262
+ You can customize individual tools, prompts, and resources using the
263
+ `x-zuplo-route.mcp` property in your OpenAPI definition. This allows you to
264
+ define the type of MCP capability and provide specific metadata.
265
+
266
+ ```json
267
+ "paths": {
268
+ "/weather/current": {
269
+ "get": {
270
+ "operationId": "getCurrentWeather",
271
+ "summary": "Get current weather",
272
+ "x-zuplo-route": {
273
+ "handler": { ... },
274
+ "mcp": {
275
+ "type": "tool",
276
+ "name": "get_current_weather",
277
+ "description": "Retrieve current weather conditions for a specified location",
278
+ "enabled": true
279
+ }
280
+ }
281
+ }
282
+ },
283
+ "/prompts/greeting": {
284
+ "post": {
285
+ "operationId": "greeting-prompt",
286
+ "x-zuplo-route": {
287
+ "handler": { ... },
288
+ "mcp": {
289
+ "type": "prompt",
290
+ "name": "greeting_generator",
291
+ "description": "Generate a personalized greeting"
292
+ }
293
+ }
294
+ }
295
+ }
296
+ }
297
+ ```
298
+
299
+ **Common options:**
300
+
301
+ - `type`: The type of MCP capability (`tool`, `prompt`, `resource`, or
302
+ `graphql`). Defaults to `tool` if not specified.
303
+ - `name`: Override the name shown to AI systems (defaults to `operationId`)
304
+ - `description`: Override the description for AI consumption (defaults to route
305
+ description/summary)
306
+ - `enabled`: Whether this operation should be available in the MCP server.
307
+
308
+ See the respective [tools](../mcp-server/tools.mdx),
309
+ [prompts](../mcp-server/prompts.mdx) and
310
+ [resources](../mcp-server/resources.mdx) documentation for type-specific
311
+ options.
312
+
313
+ ## Authentication
314
+
315
+ ### OAuth Authentication
316
+
317
+ The MCP Protocol natively supports OAuth authentication to enable MCP Clients to
318
+ authenticate and authorize themselves when calling tools. For more information,
319
+ see the
320
+ [official MCP Authentication documentation](https://modelcontextprotocol.io/specification/draft/basic/authorization).
321
+
322
+ Zuplo allows you to configure any of the built-in OAuth policies (like Auth0,
323
+ Okta, etc.) on the MCP Server route to secure it. To enable OAuth
324
+ authentication, you will need to have an OAuth Authorization server configured.
325
+ Specifically, the OAuth Authorization server will need to support the following
326
+ things:
327
+
328
+ 1. (Optional but recommended) OAuth 2.0 Dynamic Client Registration
329
+ 2. Authorization Code Grant with PKCE
330
+ 3. Refresh Tokens
331
+
332
+ For an example of a basic configuration of an Authorization Server with Auth0,
333
+ see:
334
+ [Setting up Auth0 as an Authentication Server for MCP OAuth Authentication](../articles/configuring-auth0-for-mcp-auth.mdx).
335
+
336
+ Once you have configured your authorization server, you can do the following to
337
+ enable OAuth authentication on your MCP Server:
338
+
339
+ 1. Create an OAuth policy on your MCP Server route. This policy will need to
340
+ have the option `"oAuthResourceMetadataEnabled": true`, for example:
341
+
342
+ ```json
343
+ {
344
+ "name": "mcp-oauth-inbound",
345
+ "policyType": "oauth-inbound",
346
+ "handler": {
347
+ "export": "Auth0JwtInboundPolicy",
348
+ "module": "$import(@zuplo/runtime)",
349
+ "options": {
350
+ "auth0Domain": "my-auth0-domain.us.auth0.com",
351
+ "audience": "https://my-mcp-audience",
352
+ "oAuthResourceMetadataEnabled": true
353
+ }
354
+ }
355
+ }
356
+ ```
357
+
358
+ In this example, the audience should be the identifier of the Auth0 API you
359
+ want your MCP Server to be protected by. For more information on configuring
360
+ OAuth JWT policies, see the
361
+ [OAuth Policy docs](../articles/oauth-authentication.mdx).
362
+
363
+ 2. Add the OAuth policy to the MCP Server route. For example:
364
+
365
+ ```json
366
+ "paths": {
367
+ "/mcp": {
368
+ "post": {
369
+ "x-zuplo-route": {
370
+ // etc. etc.
371
+ // other properties and route handlers for MCP
372
+
373
+ "policies": {
374
+ "inbound": [
375
+ "mcp-oauth-inbound"
376
+ ]
377
+ }
378
+ }
379
+ }
380
+ }
381
+ }
382
+ ```
383
+
384
+ 3. Add the `OAuthProtectedResourcePlugin` to your `runtimeInit` function in the
385
+ `zuplo.runtime.ts` file:
386
+
387
+ ```ts
388
+ import { OAuthProtectedResourcePlugin } from "@zuplo/runtime";
389
+
390
+ export function runtimeInit(runtime: RuntimeExtensions) {
391
+ runtime.addPlugin(
392
+ new OAuthProtectedResourcePlugin({
393
+ authorizationServers: ["https://your-auth0-domain.us.auth0.com"],
394
+ resourceName: "My MCP OAuth Resource",
395
+ }),
396
+ );
397
+ }
398
+ ```
399
+
400
+ See the
401
+ [OAuth Protected Resource Plugin docs](../programmable-api/oauth-protected-resource-plugin.mdx)
402
+ for more details.
403
+
404
+ ### API Key Auth
405
+
406
+ An MCP server on Zuplo can be configured to use an API key from a query
407
+ parameter using the
408
+ [Query Parameter to Header Policy](../policies/query-param-to-header-inbound.mdx).
409
+
410
+ :::warning
411
+
412
+ Currently, API keys aren't supported directly by MCP. But using an API key via
413
+ query params transformed through your Zuplo gateway is a great way to get up and
414
+ running quickly with an MCP server.
415
+
416
+ :::
417
+
418
+ Configure the policy to expect a query param and inject it as an Auth header:
419
+
420
+ ```json
421
+ {
422
+ "policies": [
423
+ {
424
+ "name": "mcp-query-param-to-header-inbound",
425
+ "policyType": "query-param-to-header-inbound",
426
+ "handler": {
427
+ "export": "QueryParamToHeaderInboundPolicy",
428
+ "module": "$import(@zuplo/runtime)",
429
+ "options": {
430
+ "queryParam": "apiKey",
431
+ "headerName": "Authorization",
432
+ "headerValue": "Bearer {value}"
433
+ }
434
+ }
435
+ }
436
+
437
+ // etc. etc. other policies, your API key policy
438
+ ]
439
+ }
440
+ ```
441
+
442
+ Then, to secure your MCP endpoint, add the "query param to header" policy
443
+ **_before_** your API key policy:
444
+
445
+ ```json
446
+ {
447
+ "paths": {
448
+ "/mcp": {
449
+ "post": {
450
+ "x-zuplo-route": {
451
+ // etc. etc.
452
+ // other properties and route handlers for MCP
453
+
454
+ "policies": {
455
+ "inbound": [
456
+ "mcp-query-param-to-header-inbound",
457
+ "api-key-auth-inbound"
458
+ ]
459
+ }
460
+ }
461
+ }
462
+ }
463
+ }
464
+ }
465
+ ```
466
+
467
+ This will effectively transform the query param into an `Authorization: Bearer`
468
+ header and pass those through to other routes on your gateway.
469
+
470
+ Then, when using MCP clients, simply add your API key as a query param! For
471
+ example, in Cursor:
472
+
473
+ ```json
474
+ {
475
+ "mcpServers": {
476
+ "my-zuplo-mcp-server": {
477
+ "url": "https://my-server.zuplo.com/mcp?apiKey=123abc"
478
+ }
479
+ }
480
+ }
481
+ ```
482
+
483
+ ## Testing
484
+
485
+ ### MCP Inspector
486
+
487
+ Use the [MCP Inspector](https://github.com/modelcontextprotocol/inspector), a
488
+ developer focused tool for building MCP servers, to quickly and easily test out
489
+ your MCP server:
490
+
491
+ ```sh
492
+ npx @modelcontextprotocol/inspector
493
+ ```
494
+
495
+ By default, this will start a local MCP proxy and web app that you can use on
496
+ `localhost` to connect to your server, list tools, call tools, view message
497
+ history, and more.
498
+
499
+ To connect to your remote Zuplo MCP server in the Inspector UI:
500
+
501
+ 1. Set the **Transport Type** to "Streamable HTTP"
502
+ 2. Set the **URL** to your Zuplo gateway with the route used by the MCP Server
503
+ Handler (that is, `https://my-gateway.zuplo.dev/mcp`)
504
+ 3. If you have configured OAuth authentication, you will need to login using the
505
+ OAuth flow using the **Open Auth Settings** button.
506
+ 4. Hit **Connect**.
507
+
508
+ ### Curl
509
+
510
+ For more fine grained debugging, utilize
511
+ [MCP JSON RPC 2.0 messages](https://modelcontextprotocol.io/specification/2025-03-26/basic)
512
+ directly with curl. There are lots of different interactions and message flows
513
+ supported by MCP, but some useful ones include:
514
+
515
+ #### Ping
516
+
517
+ To send a
518
+ [simple "ping" message](https://modelcontextprotocol.io/specification/2025-03-26/basic/utilities/ping),
519
+ which can be useful for testing availability of your MCP server:
520
+
521
+ ```sh
522
+ curl https://my-gateway.zuplo.dev/mcp \
523
+ -X POST \
524
+ -H 'accept: application/json, text/event-stream' \
525
+ -d '{
526
+ "jsonrpc": "2.0",
527
+ "id": "0",
528
+ "method": "ping"
529
+ }'
530
+ ```
531
+
532
+ #### List tools
533
+
534
+ To see
535
+ [what tools a server has registered](https://modelcontextprotocol.io/specification/2025-03-26/server/tools#listing-tools):
536
+
537
+ ```sh
538
+ curl https://my-gateway.zuplo.dev/mcp \
539
+ -X POST \
540
+ -H 'accept: application/json, text/event-stream' \
541
+ -d '{
542
+ "jsonrpc": "2.0",
543
+ "id": "0",
544
+ "method": "tools/list"
545
+ }'
546
+ ```
547
+
548
+ #### List prompts
549
+
550
+ To see what prompts a server has available:
551
+
552
+ ```sh
553
+ curl https://my-gateway.zuplo.dev/mcp \
554
+ -X POST \
555
+ -H 'accept: application/json, text/event-stream' \
556
+ -d '{
557
+ "jsonrpc": "2.0",
558
+ "id": "0",
559
+ "method": "prompts/list"
560
+ }'
561
+ ```
562
+
563
+ #### List resources
564
+
565
+ To see what resources a server has available:
566
+
567
+ ```sh
568
+ curl https://my-gateway.zuplo.dev/mcp \
569
+ -X POST \
570
+ -H 'accept: application/json, text/event-stream' \
571
+ -d '{
572
+ "jsonrpc": "2.0",
573
+ "id": "0",
574
+ "method": "resources/list"
575
+ }'
576
+ ```
577
+
578
+ #### Call tool
579
+
580
+ To
581
+ [manually invoke a tool by name](https://modelcontextprotocol.io/specification/2025-03-26/server/tools#calling-tools):
582
+
583
+ ```sh
584
+ curl https://my-gateway.zuplo.dev/mcp \
585
+ -X POST \
586
+ -H 'accept: application/json, text/event-stream' \
587
+ -d '{
588
+ "jsonrpc": "2.0",
589
+ "id": "1",
590
+ "method": "tools/call",
591
+ "params": {
592
+ "name": "my_tool",
593
+ "arguments": {}
594
+ }
595
+ }'
596
+ ```
597
+
598
+ For more complex tools, you'll need to provide the schema compliant `arguments`.
599
+ Note the `inputSchema` for the tool from `tools/list` to appropriately craft the
600
+ `arguments`.
601
+
602
+ #### Get prompt
603
+
604
+ To execute a prompt with parameters:
605
+
606
+ ```sh
607
+ curl https://my-gateway.zuplo.dev/mcp \
608
+ -X POST \
609
+ -H 'accept: application/json, text/event-stream' \
610
+ -d '{
611
+ "jsonrpc": "2.0",
612
+ "id": "1",
613
+ "method": "prompts/get",
614
+ "params": {
615
+ "name": "my_prompt",
616
+ "arguments": {
617
+ "param1": "value1"
618
+ }
619
+ }
620
+ }'
621
+ ```
622
+
623
+ For prompts with parameters, provide the required `arguments` object based on
624
+ the prompt's schema from `prompts/list`.
625
+
626
+ #### Read resource
627
+
628
+ To read a resource by its URI:
629
+
630
+ ```sh
631
+ curl https://my-gateway.zuplo.dev/mcp \
632
+ -X POST \
633
+ -H 'accept: application/json, text/event-stream' \
634
+ -d '{
635
+ "jsonrpc": "2.0",
636
+ "id": "1",
637
+ "method": "resources/read",
638
+ "params": {
639
+ "uri": "mcp://resources/my_resource"
640
+ }
641
+ }'
642
+ ```
643
+
644
+ Use the URI from `resources/list` to specify which resource to read.
645
+
646
+ :::tip
647
+
648
+ Read more about how calling tools works in
649
+ [the Model Context Protocol server specification](https://modelcontextprotocol.io/specification/2025-03-26/server/tools).
650
+
651
+ :::
652
+
653
+ ### OAuth Testing
654
+
655
+ If you have configured OAuth authentication for your MCP Server, you can use the
656
+ MCP Inspector to test the OAuth flow.
657
+
658
+ Hit the **Open Auth Settings** button in the Inspector UI to start the OAuth
659
+ flow. When first setting up the OAuth flow, it's recommended to use the **Guided
660
+ OAuth Flow** which you will see when you open the OAuth settings. This will
661
+ allow you to debug the flow step by step.
662
+
663
+ The OAuth flow involves the following steps, as shown in the MCP inspector
664
+ guided auth flow. After you've checked each step, click the **Continue** button
665
+ in the MCP Inspector UI to move to the next step.
666
+
667
+ 1. **Metadata Discovery**: The MCP Inspector will make a request to the
668
+ `.well-known/oauth-protected-resource` endpoint to learn about the OAuth
669
+ configuration. The MCP Inspector will then make a request to the
670
+ Authorization server which you configured in the
671
+ `OAuthProtectedResourcePlugin`, which will return the metadata it needs to
672
+ continue with the OAuth flow.
673
+
674
+ If you see errors in this part, check that you have correctly added the
675
+ `OAuthProtectedResourcePlugin` to your `zuplo.runtime.ts` file, and that you
676
+ have correctly configured the `authorizationServers` value to be the
677
+ canonical URL of your Authorization server, and registered an OAuth policy to
678
+ the route of your MCP server.
679
+
680
+ 2. **Client Registration**: The MCP Inspector will try to use
681
+ [Dynamic Client Registration](https://modelcontextprotocol.io/specification/draft/basic/authorization#dynamic-client-registration)
682
+ to register a new client with the Authorization server. Note that not all MCP
683
+ Clients require this, however at this time, the MCP Inspector does. You will
684
+ need to enable Dynamic Client Registration on your Authorization server if
685
+ you want to test the full flow through the MCP Inspector.
686
+
687
+ If you see errors in this step, check that you have enabled Dynamic Client
688
+ Registration on your Authorization server.
689
+
690
+ 3. **Preparing Authorization**: The MCP Inspector will then redirect the user to
691
+ the authorization server to login and authorize the MCP Client. Click the
692
+ redirect link in the Authorization URL section to be prompted to login. After
693
+ logging in, you will be given a code to copy in to the next step.
694
+
695
+ 4. **Request Authorization and acquire authorization code**: Take the copied
696
+ code from the last step and paste it in to the MCP Inspector and input it
697
+ into the box.
698
+
699
+ 5. **Token Request**: The MCP Inspector will do PKCE and make a request to the
700
+ `token` endpoint of your Authorization server to exchange the authorization
701
+ code for an access token. This is attached as the Authorization header when
702
+ calling your MCP server, typically as a Bearer token.
703
+
704
+ 6. **Authentication Complete**: You should now see a success message in the MCP
705
+ Inspector. You can now hit the **Connect** button to connect to your MCP
706
+ server.
707
+
708
+ If you see errors in the flow in steps 2-6, check that you have correctly
709
+ configured your Authorization server to support the OAuth 2.0 Authorization Code
710
+ Grant with PKCE and Refresh Tokens.
711
+
712
+ ### MCP Client
713
+
714
+ By connecting to an LLM enabled MCP Client, you can test the true end to end
715
+ experience.
716
+
717
+ Many clients (like OpenAI, Claude Desktop, or Cursor) let you define the remote
718
+ server URL and the name. For example,
719
+ [in Cursor](https://docs.cursor.com/context/model-context-protocol), you can add
720
+ your MCP server like so:
721
+
722
+ ```json
723
+ {
724
+ "mcpServers": {
725
+ "my-custom-mcp-server": {
726
+ "url": "https://my-gateway.zuplo.dev/mcp"
727
+ }
728
+ }
729
+ }
730
+ ```