Skip to content

MCP Integration

The MCP server is implemented directly within the FastAPI application using a custom extension of FastMCP. This provides several advantages: - HTTP Transport: Natively supports HTTP-based MCP clients via StreamableHTTP, enabling secure remote access. - Unified Authentication: Leverages the same JWT authentication as the rest of the API. - Code Reusability: Directly calls internal services and CRUD operations, reducing code duplication. - Scalability: Benefits from the same deployment and scaling infrastructure as the main API.

Dynamic Tool Filtering

The MCP server implements per-user dynamic tool filtering using DynamicFastMCP, a custom subclass of FastMCP:

Implementation Details: - DynamicFastMCP (preloop/services/dynamic_fastmcp.py): Extends FastMCP and overrides _list_tools() and _mcp_call_tool() methods - Tool Visibility: Default tools (get_issue, create_issue, update_issue, search, estimate_compliance, improve_compliance) are only visible when the authenticated account has one or more trackers configured - User Context Propagation: Uses Python's ContextVar for async-safe user context storage across request boundaries - Authentication: PreloopBearerAuthBackend validates JWT tokens and injects user context into the request scope - Middleware: UserContextMiddleware extracts authenticated user info and stores it in a ContextVar for access during tool listing and execution - StreamableHTTP Transport: Uses FastMCP's proven http_app(transport="streamable-http") implementation for bidirectional streaming - Endpoint: Mounted at /mcp/v1 with full authentication and lifespan management

Tool Registration: All built-in tools are registered in preloop/services/initialize_mcp.py using FastMCP's @mcp.tool() decorator, then filtered at runtime based on user context.

Benefits: - Zero performance overhead for tool registration (happens once at startup) - Dynamic filtering happens only during tool list requests - Full compatibility with FastMCP's StreamableHTTP implementation - Backward compatible with existing authentication infrastructure

MCP Server Management

Preloop supports configuration and management of external MCP servers, enabling tool proxying and federation.

Database Model: - MCPServer: Stores configuration for external MCP servers - Connection details (URL, transport type, authentication) - Status tracking (active, inactive, error) - Tool discovery and caching - Account-scoped isolation

Features: - Automatic tool discovery from external MCP servers - Connection pooling and health checking via MCPClientPool - Support for multiple authentication schemes (bearer token, API key, none) - StreamableHTTP and SSE transport protocols - Tool scanning and metadata caching

API Endpoints: - GET /api/v1/mcp-servers - List configured MCP servers - POST /api/v1/mcp-servers - Add new MCP server - PUT /api/v1/mcp-servers/{id} - Update MCP server configuration - DELETE /api/v1/mcp-servers/{id} - Remove MCP server - POST /api/v1/mcp-servers/{id}/scan - Trigger tool discovery scan - GET /api/v1/mcp-servers/{id}/tools - List tools available on server