FruxonDocs
IntegrationsMCP

Update MCP settings for an integration.

Patches `enabled`, `configId`, `exposedToolIds`, and `description` on the integration's MCP server settings; null fields are preserved. When `enabled` transitions to `true` for the first time, a dedicated MCP-scoped API key is auto-minted and bound to this MCP; the raw secret is returned exactly once on `apiKey` — surface it to the user immediately. Use `POST /integrations/{integration}/mcp:rotateKey` to mint a fresh secret later. Toggling `enabled` to false causes the JSON-RPC endpoints to reject calls for this integration but leaves the bound key in place so re-enabling doesn't break already-distributed configs.

PATCH
/v1/tenants/{tenant}/integrations/{integration}/mcp

Authorization

Bearer
AuthorizationBearer <token>

JWT Authorization header using the Bearer scheme. Enter 'Bearer' [space] and then your token.

In: header

Path Parameters

integration*string

The integration ID.

tenant*string

The tenant identifier

Request Body

The patch to apply.

enabled?boolean|null
configId?string|null

Use System.Guid.Empty to clear the config binding.

Formatuuid
exposedToolIds?|null
description?string|null
[key: string]?never

Response Body

curl -X PATCH "https://api.fruxon.com/v1/tenants/string/integrations/string/mcp" \  -H "Content-Type: application/json" \  -d '{}'
{
  "integrationId": "string",
  "enabled": false,
  "configId": "00000000-0000-0000-0000-000000000000",
  "exposedToolIds": [
    "string"
  ],
  "description": "string",
  "apiKeyId": "00000000-0000-0000-0000-000000000000",
  "callUrl": "string",
  "testUrl": "string",
  "createdAt": 0,
  "modifiedAt": 0,
  "keyPrefix": "string",
  "apiKey": "string"
}
{
  "type": "string",
  "title": "string",
  "status": 0,
  "detail": "string",
  "instance": "string",
  "property1": null,
  "property2": null
}
Empty
Empty
{
  "type": "string",
  "title": "string",
  "status": 0,
  "detail": "string",
  "instance": "string",
  "property1": null,
  "property2": null
}

MCP JSON-RPC endpoint (production)

Single JSON-RPC entry point that external MCP clients connect to in production. Dispatches the standard MCP methods (`initialize`, `tools/list`, `tools/call`, etc.); `tools/list` reflects the integration's `exposedToolIds`, and `tools/call` resolves the integration's published `configId` revision to authenticate against the real upstream API. Authenticated via API key (the `apiKeyId` configured on the MCP settings) and concurrency-rate-limited. Use `/integrations/{integration}/mcp:test` for the sandbox equivalent that routes through the integration simulator.

Rotate the MCP key for an integration.

Mints a fresh secret with the same `mcp:invoke` scope, binds the MCP config to it, and revokes the original. The raw secret is returned once on `apiKey` — the user must update their MCP client config (Claude Desktop, Cursor) with the new value. Rotating renders any previously-distributed copy of the key permanently unusable.