package envoy.extensions.filters.http.mcp_router.v3

Get desktop application:
View/edit binary Protocol Buffers messages

Extract identity from dynamic metadata (e.g., populated by JWT or ext_authz filter).

optional type.metadata.v3.MetadataKey key = 1
The metadata key to retrieve the value from.

Extract identity from a request header.

string name = 1
Header name to extract (e.g., "x-user-identity").

Defines how the identity (user/principal) is extracted from the request. Exactly one of ``header`` or ``dynamic_metadata`` must be set.

Used in: SessionIdentity

optional HeaderSource header = 1
Extract identity from a request header.
optional DynamicMetadataSource dynamic_metadata = 2
Extract identity from dynamic metadata.

repeated McpRouter.McpBackend servers = 1
A list of remote MCP servers. MCP router aggregates capabilities, tools and resources from remote MCP servers and presents itself as single MCP server to the client. All remote MCP servers are sent the same capabilities that the client presented to Envoy.
optional SessionIdentity session_identity = 2
If set, extracts a request "subject" and binds it into the MCP session. If not set, sessions are created without identity binding.

Specification of the MCP server.

Used in: McpRouter

string name = 1
Unique name for this backend. Used for: - Tool name prefixing (e.g., "time__get_current_time") - Session ID composition - Logging and error messages. Default will be the cluster name if not specified.
optional McpCluster mcp_cluster = 2
Backend target specification.

Cluster-based backend configuration.

Used in: McpBackend

string cluster = 1
Cluster name to route requests to.
string path = 2
Path to use for MCP requests. Defaults to "/mcp".
optional google.protobuf.Duration timeout = 3
Request timeout. If not set, uses cluster's timeout configuration.
string host_rewrite_literal = 4
Indicates that during forwarding, the host header will be swapped with this value.

Session identity configuration.

Used in: McpRouter

optional IdentityExtractor identity = 1
Defines how the identity (user/principal) is extracted from the request.
optional ValidationPolicy validation = 2
Specifies how to handle requests where the subject is missing or invalid. Defaults to DISABLED.

Specifies how to handle requests where the identity is missing or mismatched.

Used in: SessionIdentity

ValidationPolicy.Mode mode = 1

Used in: ValidationPolicy

MODE_UNSPECIFIED = 0
Not specified. Defaults to DISABLED behavior.
DISABLED = 1
Bind identity on Initialize if present, but do not validate subsequent requests. If extraction fails, the session proceeds anonymously.
ENFORCE = 2
Reject the request (403) if the identity cannot be extracted or if the session identity does not match the request identity.

package envoy.extensions.filters.http.mcp_router.v3

message DynamicMetadataSource

optional type.metadata.v3.MetadataKey key = 1

message HeaderSource

string name = 1

message IdentityExtractor

optional HeaderSource header = 1

optional DynamicMetadataSource dynamic_metadata = 2

message McpRouter

repeated McpRouter.McpBackend servers = 1

optional SessionIdentity session_identity = 2

message McpRouter.McpBackend

string name = 1

optional McpCluster mcp_cluster = 2

message McpRouter.McpCluster

string cluster = 1

string path = 2

optional google.protobuf.Duration timeout = 3

string host_rewrite_literal = 4

message SessionIdentity

optional IdentityExtractor identity = 1

optional ValidationPolicy validation = 2

message ValidationPolicy

ValidationPolicy.Mode mode = 1

enum ValidationPolicy.Mode

MODE_UNSPECIFIED = 0

DISABLED = 1

ENFORCE = 2