Documentation
API Reference#
Packages#
kagent.dev/v1alpha1#
Package v1alpha1 contains API Schema definitions for the v1alpha1 API group.
Resource Types#
HTTPTransport#
HTTPTransport defines the configuration for a Streamable HTTP transport.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
targetPort integer | target port is the HTTP port that serves the MCP server.over HTTP | ||
path string | the target path where MCP is served |
KeycloakProvider#
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
realm string |
MCPAuthorizationServer#
MCPAuthorizationServer represents the configuration for the MCP authorization server
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
issuer string | |||
audience string | |||
jwksUrl string | |||
provider MCPClientProvider | |||
resourceMetadata MCPClientResourceMetadata |
MCPClientProvider#
MCPClientProvider represents the support identity providers currently only keycloak is supported
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
keycloak KeycloakProvider |
MCPClientResourceMetadata#
MCPClientResourceMetadata represents resource metadata for MCP client authentication
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
baseUrl string | BaseURL denotes the protected base url of the protected resource ie: http://localhost:3000 | ||
scopesSupported string array | Scopes supported by this resource | ||
bearerMethodsSupported string array | Bearer methods supported by this resource | ||
additionalFields object (keys:string, values:string) | Additional resource metadata fields |
MCPServer#
MCPServer is the Schema for the mcpservers API.
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string | kagent.dev/v1alpha1 | ||
kind string | MCPServer | ||
kind string | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | ||
apiVersion string | APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources | ||
metadata ObjectMeta | Refer to Kubernetes API documentation for fields of metadata. | ||
spec MCPServerSpec | |||
status MCPServerStatus |
MCPServerAuthentication#
MCPServerAuthentication defines the authentication configuration for the MCP server.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
jwt MCPServerJWTAuthentication | JWT defines the JWT authentication configuration. |
MCPServerAuthorization#
MCPServerAuthorization defines the authorization configuration for the MCP server.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
server MCPAuthorizationServer | Server defines the configuration for the MCP authorization server that protects the MCP server. Setting this field will configure agentgateway to use the authorization server to protect the MCP server and its resources as well as adapt traffic to the MCP client to comply with the MCP authorization spec before forwarding traffic to the MCP client. | ||
rules string | Rules defines the CEL-based authorization rules that control access to the MCP server resources. |
MCPServerDeployment#
MCPServerDeployment
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
image string | Image defines the container image to to deploy the MCP server. | ||
port integer | Port defines the port on which the MCP server will listen. | ||
cmd string | Cmd defines the command to run in the container to start the mcp server. | ||
args string array | Args defines the arguments to pass to the command. | ||
env object (keys:string, values:string) | Env defines the environment variables to set in the container. | ||
secretRefs LocalObjectReference array | SecretRefs defines the list of Kubernetes secrets to reference. These secrets will be mounted as volumes to the MCP server container. |
MCPServerJWTAuthentication#
MCPServerJWTAuthentication defines the JWT authentication configuration for the MCP server.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
issuer string | Issuer is the JWT issuer URL. | ||
audiences string array | Audiences is a list of audiences that the JWT must match. | ||
jwks SecretKeySelector | JWKS references a secret containing the JSON Web Key Set. The secret must contain a key with the JWKS content. |
MCPServerSpec#
MCPServerSpec defines the desired state of MCPServer.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
deployment MCPServerDeployment | Configuration to Deploy the MCP Server using a docker container | ||
transportType TransportType | TransportType defines the type of mcp server being run | Enum: [stdio http] | |
stdioTransport StdioTransport | StdioTransport defines the configuration for a standard input/output transport. | ||
httpTransport HTTPTransport | HTTPTransport defines the configuration for a Streamable HTTP transport. | ||
authn MCPServerAuthentication | Authn defines the authentication configuration for the MCP server. This field is optional and can be used to configure JWT authentication. If not specified, the MCP server will not require authentication. | ||
authz MCPServerAuthorization | Authz defines the authorization rule configuration for the MCP server. This field is optional and can be used to configure authorization rules for access to the MCP server and specific tools. If not specified, the MCP server will not enforce any authorization rules. |
MCPServerStatus#
MCPServerStatus defines the observed state of MCPServer.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
conditions Condition array | Conditions describe the current conditions of the MCPServer. Implementations should prefer to express MCPServer conditions using the MCPServerConditionType and MCPServerConditionReasonconstants so that operators and tools can converge on a common vocabulary to describe MCPServer state. Known condition types are: * "Accepted" * "ResolvedRefs" * "Programmed" * "Ready" | MaxItems: 8 | |
observedGeneration integer | ObservedGeneration is the most recent generation observed for this MCPServer. It corresponds to the MCPServer's generation, which is updated on mutation by the API Server. |
StdioTransport#
StdioTransport defines the configuration for a standard input/output transport.
Appears in:
TransportType#
Underlying type: string
MCPServerTransportType defines the type of transport for the MCP server.
Appears in:
| Field | Description |
|---|---|
stdio | TransportTypeStdio indicates that the MCP server uses standard input/output for communication. |
http | TransportTypeHTTP indicates that the MCP server uses Streamable HTTP for communication. |
Kagent Lab: Discover kagent and kmcp
Free, on‑demand lab: build custom AI agents with kagent and integrate tools via kmcp on Kubernetes.