MCP Server Listener
MCP Server Listener
The MCP Server Listener is a consumer component that enable ConnectPlaza user to expose ConnectPlaza Flows as MCP Tools and Resources.
MCP is the protocol that is used by MCP Clients, I.E. the AI Chat applications, in order to access datasources, applications and other forms of integration for use with the AI’s LLM. This protocol considers these integrations ‘Tools’ or ‘Resources’ and these tools/resources can be used by the AI to discover data and information which would otherwise be hidden from the AI’s reach.
The ConnectPlaza MCP Server Listener will allow a flow on which this Consumer component is applied, to expose itself as either a TOOL or a RESOURCE.
MCP Tools are considered functions, which can be implemented as ConnectPlaza flows. The respective flow will execute and return with a dataset to be returned to the MCP Client.
MCP Resources are direct links to physical resources on the platform to be accessed by the MCP Client. The respective ConnectPlaza flow must therefor respond with a correct Resource payload.
In short the AI Chat application which speaks to the LLM can provide a Prompt for a user to ask questions. These questions may be pertinent to specific data in de user’s infrastructure which is not availble online. The user may use this MCP Server Listener to expose the ConnectPlaza Flow as a Tool or Resource, making it available for connection by the AI Client through the MCP protocol. The AI app can then request additional information from this Tool (which in fact is a ConnectPlaza flow) or Resource and send this additional data to the AI’s LLM for further processing.
Communcation from the MCP Client will be done in a JSON-RPC format. This format may contain tool-parameters which are mapped into this format. The JSON-RPC message will be converted into a ConnectMessage with a String messagepart which can be accessed using JSON Path.
Every MCP Listener will be connected to the HTTP Host and Port and together with the Context path (which defaults to /). The Server will automatically add /sse to the context path for Server Sent Events mode. This will form an unique triplet and therefor internally one MCP Server. Listeners which are configured on other Host, Port or Context path will automatically open a new MCP Server. Each MCP Listener will expose exactly one Tool or Resource on its designated MCP Server with specified configuration. When all MCP Listeners that form a MCP Server are either undeployed or destroyed, and all Tools and Resources are deregistered, the MCP Server itself will automatically be removed.
Currently the MCP Server Listener supports both HTTP with SSE (Server-sent Events) and Streamable HTTP, it does not support STDIO as the MCP Client must access the Agent through HTTP(S). As with other HTTP based Listeners this Consumer also support TLS and supports either BASIC authentication or Oauth2 based authentication identical to the REST Listener. For more information see the REST Listener’s security documentation which applies here.
Also all Flows that use the MCP Server Listener must also use a Message Reply producer.
In the table below, you will find an explanation of these properties. All attributes with a ‘*’ are mandatory.
|
Attribute |
Description |
|
Name* |
By default, we fill this out with the technical ‘tag’, followed by a serial number. Changing the name is optional. |
|
Enabled |
Set this value to true, if you want this service to be enabled. |
|
Hostname |
Hostname used to create the endpoint |
|
Port |
Port number. The default is the Jetty port. |
|
Context Path |
Path on which to open webservice endpoint. A custom Context Path should always start with a forward slash (/). So for instance: "/CustomPath". |
|
Transport Type |
Defines the transport type of the MCP Client. Can be set to either SSE (Server Sent Events) or Streamable HTTP. When set to STREAMABLE, the defined Context Path will be used to register the MCP Server Listener. |
|
Method |
Specify which HTTP Methods are allowed (GET/POST/HEAD/OPTIONS/PUT/PATCH/DELETE/TRACE). You may also use a comma separated list. Input can be done by clicking in the lower part of the box. A drop-down menu will appear and you can select, or type your selection: |
|
MessagePartName |
Name of the MessagePart in a ConnectMessage where the content of the file is being stored. |
|
Response Timeout |
Time in milliseconds to wait before time-out. |
|
Enable TLS |
Enables TLS Connector. When set to true, the keystore value and alias value should be set. Otherwise, the defaults will be used. |
|
Certificate alias in Keystore
|
This attribute is only visible when the attribute Enable TLS has value true. Set the certificate alias for the selected server certificate. Should exist in defined keystore. |
|
Key password
|
This attribute is only visible when advanced mode is enabled, and the attribute Enable TLS has value true. Password for the certificate key. If left empty the default key password will be used. |
|
Keystore location
|
This attribute is only visible when advanced mode is enabled, and the attribute Enable TLS has value true. The location of the keystore. Should be a path to the keystore JKS file. If left empty the default keystore will be used. |
|
Keystore password
|
This attribute is only visible when advanced mode is enabled, and the attribute Enable TLS has value true. Password of the keystore. If left empty the default keystore password will be used. |
|
Authentication Realm |
Provide an Authentication file from Resources to specify configured Authentication for selected Scheme. See chapter on Providing Authentication for HTTP/WS Listeners. For more information, follow this link. |
|
Authentication Scheme |
Select desired Authentication Schema (NONE, BASIC, JDBC, LDAP, OAUTH2_OIDC_ISSUER_URI, OAUTH2_OIDC_JWK_SET_URI). See chapter on Providing Authentication for HTTP/WS Listeners and the section on OAuth2/OIDC security on this page. For more information, follow this link. |
|
Issuer URI |
If Authentication Scheme is set to OAUTH2_OIDC_ISSUER_URI, you are required to provide an OAuth2/OIDC issuer url. See the section above on OAuth2/OIDC Security. |
|
JWK Set URI |
If Authentication Scheme is set to OAUTH2_OIDC_JWK_SET_URI, you are required to provide a JSON Web Key (JWK) Set URI. See the section above on OAuth2/OIDC Security. |
|
OAuth2/OIDC Scope |
If Authentication Scheme is set to OAuth2/OIDC, you can optionally specify that access tokens are required to have a certain scope. In the case of JWTs this is a scope included in the scopes claim. Note that you can currently only specify a single scope. If left empty, no further requirements are imposed on access tokens. |
|
JWT Claim Expression |
Only available if Authentication Scheme is set to OAuth2/OIDC. The JSON Web Token (JWT) claim expression can be used to allow or deny requests based on the claims inside the access token (provided it is a JWT) used by OAuth2/OIDC. See the documentation above for more information. |
|
Include JWT in ConnectMessage |
NOTE: This attribute is only visible when the attribute Authentication Scheme has value OAUTH2_OIDC_ISSUER_URI, or OAUTH2_OIDC_JWK_SET_URI. If enabled, the JWT claims will be included in the ConnectMessage as a text messagepart. The JWT claims will be in JSON format. You can use JSONPath expressions to extract specific claims from the messagepart. |
|
JWT Claims MessagePart Name |
NOTE: This attribute is only visible when the attribute Include JWT in ConnectMessage has value true. The name of the message part that will contain the JWT claims. |
|
MCP Type |
Can be set to either TOOL or RESOURCE. This will define the behaviour of this MCP Listener and whether it will be presented to the MCP Client as either a tool or resource. Tools are considered functions which uses the flow to execute additional services before using a Message Reply to respond the result back to the MCP Client. Resources are directly linked to physical Resources on either the local platform or using an URI. |
|
Tool name* |
This will specify the unique name of the tool. This name cannot be reused in other tools. MCP will propagate this flow as a tool under this name. |
|
Tool Description |
A description of this tool, which will also be propagated by MCP |
|
Tool-Parameters |
For every tool there is the option specify one or more tool-parameters. Each parameter can specified by a name and a type (string / number). These tool-parameters will be propagated to de MCP Client and the MCP Client may provide values for these parameters in the JSON RPC message. |
|
Resource name* |
This will specify the unique name of the Resource. This name cannot be reused in other resources. MCP will propagate this flow as a resource under this name. |
|
Resource Description |
A description of this Resource, which will also be propagated by MCP |
|
Resource URI* |
Reference to the desired Resource |
|
Resource |
Type or the Resource’s content. Use TEXT for simple text based resources, XML for XML (DOM) parsed documents and BYTES for binary resources. |
|
Resource Type Match Policy |
This Resource’s Match Policy. Can be set to EXACT or LENIENT. When set to EXACT it will check that the Flow returns the correct payload corresponding to this Resource’s type. For example, when set to TEXT it will check wether the Flow responds with a TEXT Message Part. If it fails this check, an Exception will be thrown. When set to LENIENT only a Warning will be logged. Defaults to EXACT. |