MCP Server Schema
Top-level fields
| Field | Type | Required | Description |
|---|---|---|---|
name | string | yes | Display name for your MCP server |
slug | string | yes | URL identifier — your server becomes available at /mcp/{slug} |
description | string | no | Short description of what the server does |
authentication | object | no | Server-level auth applied to every tool call (see below) |
oauth | object | no | OAuth 2.0 configuration for user-delegated auth flows (see below) |
tools | array | yes | List of tools your server exposes (see below) |
authentication object
Defines how the caller's API token is forwarded to your upstream service. When present, Shredly automatically injects the token into every outbound request using the specified scheme.
| Field | Type | Required | Description |
|---|---|---|---|
type | string | yes | Auth scheme: Bearer (prepends "Bearer "), ApiKey (sends the raw token), or Basic (prepends "Basic ") |
header | string | no | Override header name when using ApiKey — e.g. X-My-Key |
{
"authentication": {
"type": "Bearer"
}
}
Using ApiKey with a custom header name:
{
"authentication": {
"type": "ApiKey",
"header": "X-My-Key"
}
}
oauth object
Configures an OAuth 2.0 authorization code flow for your server. When present, Shredly handles the redirect and token exchange on behalf of the user.
| Field | Type | Required | Description |
|---|---|---|---|
authorization_url | string | yes | The provider's authorization endpoint where users are redirected to grant access |
token_url | string | yes | The endpoint Shredly calls to exchange an authorization code for an access token |
client_id | string | yes | Your OAuth application's client ID |
client_secret | string | yes | Your OAuth application's client secret |
scopes | array | yes | List of OAuth scopes to request — e.g. ["openid", "profile", "email"] |
extra_params | object | no | Additional query parameters appended to the authorization URL — e.g. {"access_type": "offline"} for refresh tokens |
{
"oauth": {
"authorization_url": "https://accounts.google.com/o/oauth2/v2/auth",
"token_url": "https://your-backend.com/oauth/token",
"client_id": "your-client-id",
"client_secret": "your-client-secret",
"scopes": ["openid", "profile", "email"],
"extra_params": {
"access_type": "offline"
}
}
}
tools array
Each entry describes one callable tool. All fields are required.
| Field | Type | Description |
|---|---|---|
name | string | Tool name exposed to the MCP client |
description | string | Natural-language description of what the tool does |
method | string | HTTP verb: GET, POST, PUT, PATCH, or DELETE |
url | string | Static upstream URL — no template variables |
headers | object | Static key/value headers sent on every request (e.g. {"Content-Type": "application/json"}) |
input_schema | object | Flat map of argument name → field definition. Each field has a type (string, number, etc.) and optional description and optional: true. |
response_transform | string | Dot-path into the response JSON to extract — e.g. data.results. Use . to return the full response. |
timeout_ms | number | Request timeout in milliseconds. Maximum 20000. |
Example tool definition:
{
"name": "getUser",
"description": "Fetch a user by ID from your backend.",
"method": "GET",
"url": "https://api.yourapp.com/users",
"headers": {
"Content-Type": "application/json"
},
"input_schema": {
"user_id": {
"type": "string",
"description": "The ID of the user to fetch"
}
},
"response_transform": "data",
"timeout_ms": 5000
}
Example full server configuration:
{
"name": "My App MCP",
"slug": "my-app",
"description": "MCP server for My App",
"authentication": {
"type": "Bearer"
},
"oauth": {
"authorization_url": "https://accounts.google.com/o/oauth2/v2/auth",
"token_url": "https://your-backend.com/oauth/token",
"client_id": "your-client-id",
"client_secret": "your-client-secret",
"scopes": ["openid", "profile", "email"],
"extra_params": {
"access_type": "offline"
}
},
"tools": [
{
"name": "createRecord",
"description": "Create a new record in My App.",
"method": "POST",
"url": "https://api.yourapp.com/records",
"headers": {
"Content-Type": "application/json"
},
"input_schema": {
"title": {
"type": "string"
}
},
"response_transform": ".",
"timeout_ms": 10000
}
]
}