Skip to content

Commit d33229a

Browse files
authored
RHIDP-12603: Doc for MCP Service Selector in chat and token storage (#2031)
* Doc for MCP Service Selector in chat and token storage * Incorporated Maysun's comments * Incorporated Maysun's comment and rewrote a bit * Incorporated Maysun's comments * Incorporated Tim - peer review comments * Incorproated Fabrice's comments * Made CQA changeS * A few more cqa related updates
1 parent ef7bf99 commit d33229a

8 files changed

Lines changed: 168 additions & 33 deletions

File tree

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
:_mod-docs-content-type: ASSEMBLY
2+
ifdef::context[:parent-context: {context}]
3+
4+
[id="configure-and-manage-mcp-settings_{context}"]
5+
= Configure and manage MCP settings
6+
:context: configure-and-manage-mcp-settings
7+
8+
[role="_abstract"]
9+
To use Model Context Protocol (MCP) servers securely, you must configure the backend storage and encryption. After configuration, users can manage connections and tokens by using the chat interface.
10+
11+
include::../modules/integrate_interacting-with-model-context-protocol-tools-for-rhdh/proc-enable-encryption-and-database-storage-for-mcp-server-tokens.adoc[leveloffset=+1]
12+
13+
include::../modules/integrate_interacting-with-model-context-protocol-tools-for-rhdh/proc-manage-mcp-settings-in-the-user-interface.adoc[leveloffset=+1]
14+
15+
ifdef::parent-context[:context: {parent-context}]
16+
ifndef::parent-context[:!context:]

assemblies/integrate_interacting-with-model-context-protocol-tools-for-rhdh/assembly-troubleshoot-mcp-server-and-client-problems.adoc

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,10 @@
11
:_mod-docs-content-type: ASSEMBLY
22
ifdef::context[:parent-context: {context}]
33

4-
5-
64
[id="troubleshoot-mcp-server-and-client-problems_{context}"]
75
= Troubleshoot MCP server and client problems
8-
9-
106
:context: troubleshoot-mcp-server-and-client-problems
7+
118
[role="_abstract"]
129
Diagnose and resolve common issues with MCP server installation, client configuration, and tool execution in {product-short}.
1310

modules/integrate_interacting-with-model-context-protocol-tools-for-rhdh/proc-configure-mcp-clients-to-access-the-rhdh-server.adoc

Lines changed: 23 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -4,29 +4,28 @@
44
= Configure MCP clients to access the {product-very-short} server
55

66
[role="_abstract"]
7-
Configure MCP client applications with server URLs and authentication to enable interaction with the {product-very-short} MCP server.
7+
Configure Model Context Protocol (MCP) client applications with server URLs and authentication to enable interaction with the {product-very-short} server.
88

9-
You must configure an MCP client before it can interact with the MCP server.
10-
For more information on the list of clients and the configuration for each client, see https://modelcontextprotocol.io/clients[Example Clients].
9+
You must configure an MCP client before it can interact with the MCP server. For a list of supported clients and their specific configurations, see link:https://modelcontextprotocol.io/clients[Example Clients].
1110

1211
.Prerequisites
1312

14-
* You have configured one of the following endpoints as the server URL, where `pass:c,a,q[{my-product-domain}]` is the hostname of your {product-very-short} instance.
13+
* You have one of the following endpoints for the server URL, where `pass:c,a,q[{my-product-domain}]` is the hostname of your {product-very-short} instance.
1514

16-
** Streamable: pass:c,a,q[`{my-product-url}/api/mcp-actions/v1`]
17-
** SSE (Legacy): pass:c,a,q[`{my-product-url}/api/mcp-actions/v1/sse`]
15+
** Streamable: `pass:c,a,q[{my-product-url}/api/mcp-actions/v1]`
16+
** SSE (Legacy): `pass:c,a,q[`{my-product-url}/api/mcp-actions/v1/sse]`
1817
+
1918
[NOTE]
2019
====
21-
Some clients do not yet support the Streamable endpoint, and you might need to use the SSE endpoint instead.
20+
If a client does not yet support the Streamable endpoint, you must use the SSE endpoint.
2221
====
2322

24-
* You have set the `${MCP_TOKEN}` environment variable in your MCP server configuration as the bearer token when authenticating with the MCP server.
23+
* You have set the `MCP_TOKEN` environment variable in your MCP server configuration as the bearer token for authentication.
2524

2625
.Procedure
2726

2827
. Configure *{ls-short}* as a client. For more details, see {developer-lightspeed-link}[{ls-brand-name}].
29-
.. In the `lightspeed-stack.yaml` configuration, add the following configuration for `mcp_servers`:
28+
.. In the `lightspeed-stack.yaml` configuration, add the following `mcp_servers` configuration:
3029
+
3130
[source,yaml,subs="+attributes,+quotes"]
3231
----
@@ -37,11 +36,11 @@ mcp_servers:
3736
authorization_headers:
3837
Authorization: "client"
3938
----
40-
where:
39+
+
4140

42-
`model-context-protocol`:: This is the tool runtime provider defined and configured in the llama-stack `run.yaml` configuration for use in {lcs-short}.
41+
`model-context-protocol`:: Enter the tool runtime provider defined in the llama-stack `run.yaml` configuration for {lcs-short}.
4342

44-
.. Optional: If you want to use your own Llama Stack configuration, add the following code to your Llama Stack configuration file (`run.yaml`).
43+
.. Optional: To use a custom Llama Stack configuration, add the following code to the `run.yaml` Llama Stack configuration file.
4544
+
4645
[source,yaml]
4746
----
@@ -51,16 +50,24 @@ providers:
5150
provider_type: remote::model-context-protocol
5251
config: {}
5352
----
54-
.. To authorize requests to the MCP endpoint using `<MCP_TOKEN>`, add it in the {ls-short} `{my-app-config-file}` file, to make POST requests to {lcs-short}, as shown in the following code:
53+
54+
.. To authorize requests to the MCP endpoint using `_<MCP_TOKEN>_`, add one or more servers to the `mcpServers` list in the {ls-short} `{my-app-config-file}` file, to make POST requests to {lcs-short}:
5555
+
5656
[source,yaml]
5757
----
5858
lightspeed:
5959
mcpServers:
6060
- name: mcp::backstage
6161
token: ${MCP_TOKEN}
62+
- name: _<mcp_server_name>_
63+
token: ${MCP_TOKEN_2}
6264
----
63-
.. Optional: You can query the {lcs-short} `/v1/streaming_query` endpoint directly by providing the `MCP_TOKEN` in the header, as shown in the following code:
65+
where:
66+
67+
`name`:: Enter the server name. This must match the name configured in the {lcs-short}.
68+
`token`:: Optional: Enter the static token used to authorize requests. You can also configure the token through the *MCP Server Settings* in the *Developer Lightspeed* user interface. The setting remains disabled until you configure the token.
69+
70+
.. Optional: Query the {lcs-short} `/v1/streaming_query` endpoint directly by providing the `MCP_TOKEN` in the header:
6471
+
6572
[source,yaml]
6673
----
@@ -73,10 +80,10 @@ curl -X POST \
7380
+
7481
where:
7582

76-
`<url>`:: Enter the {lcs-short} endpoint. You can use localhost(pass:c,a,q:[`<{product-very-short}_servicename>.{my-product-namespace}.svc.cluster.local:8080`]) or the service name for this field if you are inside the {backstage} container.
83+
`<url>`:: Enter the {lcs-short} endpoint. Use `localhost` or the service name `pass:c,a,q:[<{product-very-short}_servicename>.{my-product-namespace}.svc.cluster.local:8080]` if you are inside the {backstage} container.
7784

7885
. Configure *Cursor* as a client.
79-
.. From your Desktop app, navigate to *Cursor Settings*, select *MCP Tools > New MCP Server* and add the following configuraiton:
86+
.. From your Desktop app, navigate to *Cursor Settings*, select *MCP Tools* > *New MCP Server* and add the following configuration:
8087
+
8188
[source,yaml,subs="+attributes,+quotes"]
8289
----
Lines changed: 67 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,67 @@
1+
:_mod-docs-content-type: PROCEDURE
2+
3+
[id="enable-encryption-and-database-storage-for-mcp-server-tokens_{context}"]
4+
= Enable encryption and database storage for MCP server tokens
5+
6+
[role="_abstract"]
7+
To protect sensitive credentials and persist user preferences, you must configure encryption and database settings in the `{my-app-config-file}` file.
8+
9+
Configuring encryption prevents the system from storing Model Context Protocol (MCP) tokens as plaintext in the database.
10+
11+
.Prerequisites
12+
13+
* You have administrator access to the {product-very-short} environment.
14+
* Your backend secet is available in the `BACKEND_SECRET` environment variable.
15+
16+
.Procedure
17+
18+
. To enable encryption for MCP server tokens, add the following snippet to the `backend` section of your `{my-app-config-file}` file:
19+
+
20+
[source,yaml]
21+
----
22+
backend:
23+
auth:
24+
keys:
25+
- secret: ${BACKEND_SECRET}
26+
----
27+
28+
. To store MCP server user preferences, configure the database connection. Use the configuration example that matches your environment:
29+
30+
** *Local development (In-memory):*
31+
+
32+
[source,yaml]
33+
----
34+
backend:
35+
database:
36+
client: better-sqlite3
37+
connection: ':memory:'
38+
----
39+
40+
** *Local path storage:*
41+
+
42+
[source,yaml]
43+
----
44+
backend:
45+
database:
46+
client: better-sqlite3
47+
connection:
48+
directory: './sqlite-data'
49+
----
50+
51+
** *Deployed PostgreSQL database:*
52+
+
53+
[source,yaml]
54+
----
55+
backend:
56+
database:
57+
client: pg
58+
connection:
59+
host: localhost
60+
port: 5432
61+
user: ${POSTGRES_USER}
62+
password: ${POSTGRES_PASSWORD}
63+
----
64+
65+
.Verification
66+
67+
* Restart the {product-very-short} instance and ensure no errors appear in the logs related to the `backend-auth` or `database` plugins.
Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
:_mod-docs-content-type: PROCEDURE
2+
3+
[id="manage-mcp-settings-in-the-user-interface_{context}"]
4+
= Manage MCP settings in the user interface
5+
6+
[role="_abstract"]
7+
To customize the tools and data sources available in the {ls-brand-name} chat interface, you can manage Model Context Protocol (MCP) server connections and personal authentication tokens.
8+
9+
You can use the *MCP settings* panel in the {ls-short} chat interface to review server status and enable or disable specific tools for your session.
10+
11+
.Prerequisites
12+
13+
* An administrator has configured encryption and database storage for the backend.
14+
* You have a valid Personal Access Token for the MCP servers you want to enable.
15+
16+
.Procedure
17+
18+
. In the {ls-brand-name} chat box, click the *Chatbot options* menu icon in the header.
19+
. Select *MCP settings*.
20+
. In the *MCP settings* panel, perform any of the following actions to configure your session:
21+
** Review server status: View whether available MCP servers are enabled or disabled.
22+
** View available tools: View the count of specific tools available for each server under *Status*.
23+
** Configure personal tokens:
24+
*** To add or update a token, click the *Edit* icon, enter your Personal Access Token in the field, and click *Save*. The system validates the token automatically.
25+
*** To remove or replace a token, click the *Edit* icon and select *Forget Token*.
26+
** Enable or disable servers: Use the toggles to select which servers provide tools for your chat session.
27+
+
28+
[NOTE]
29+
====
30+
You must configure a token before you can enable a server that requires authentication.
31+
====
32+
33+
.Verification
34+
35+
. Submit a query in the chat that requires an MCP tool, such as requesting catalog resources or server information.
36+
. If you enabled a server, verify that the response contains data from that specific MCP tool.
37+
. If you disabled a server, verify that {ls-short} uses standard documentation or general knowledge instead of the MCP tool to provide the response.

modules/integrate_interacting-with-model-context-protocol-tools-for-rhdh/proc-resolve-authentication-issues-when-tools-are-not-found.adoc

Lines changed: 17 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -4,18 +4,25 @@
44
= Resolve authentication issues when tools are not found
55

66
[role="_abstract"]
7-
Verify authentication tokens and configuration when MCP clients connect but cannot find deployed tools.
7+
Verify authentication tokens and configuration settings when Model Context Protocol (MCP) clients connect to the server but do not display deployed tools.
88

9-
If your MCP client connects to the server but cannot find deployed tools, an authentication or configuration issue is likely.
9+
If an MCP client connects to the server but cannot find deployed tools, verify the authentication status and endpoint resolution.
1010

1111
.Procedure
1212

13-
. Verify the authentication token.
14-
.. Configure a static token for the {product-very-short} MCP server.
15-
.. Set this token as the bearer token in your MCP client and make sure the authorization header is the configuration that specifies `Bearer` before the token, for example, `Bearer <mcp_token>`.
13+
. Check the token validation status in the {ls-brand-name} interface:
14+
.. In the {ls-brand-name} chat box, click the menu icon (*Chatbot options*) and select *MCP settings*.
15+
.. Locate the relevant server and check the status message displayed below the token field.
16+
.. If the status is *Authorization failed. Try again*, the token is incorrect, improperly formatted, or missing. You must verify the token value and ensure the server is enabled.
17+
18+
. Verify the authentication token configuration.
19+
.. Ensure a static token is configured for the {product-very-short} MCP server.
20+
.. In your MCP client, verify that the token is set as the bearer token. The authorization header must use the `Bearer _<mcp_token>_` format.
21+
1622
. Check the MCP endpoint configuration.
17-
.. Confirm that the MCP server URL properly resolves, particularly if you are using a desktop client.
18-
.. Use *legacy SSE endpoint* if your MCP client requires it instead of the Streamable endpoint. (For more details, see the *Configuration* topic).
19-
. Verify your {product-very-short} `{my-app-config-file}` file for duplicate backend entries and make sure that the indentation is accurate.
20-
.. Make sure that the configuration for the static token and MCP plugin sources go under an existing backend field, if one is present.
21-
.. If you are unsure, see {model-context-protocol-book-link}#configure-model-context-protocol-in-red-hat-developer-hub[the sample app configuration provided in the reference procedure].
23+
.. Confirm that the MCP server URL properly resolves correctly, particularly when using desktop clients.
24+
.. Use *legacy SSE endpoint* if your MCP client requires it instead of the *Streamable* endpoint. (For more details, see the *Configuration* topic).
25+
26+
. Verify the {product-very-short} `{my-app-config-file}` file for formatting errors:
27+
.. Ensure there are no duplicate `backend` entries and that the YAML indentation is accurate.
28+
.. Confirm that the configuration for the static token and MCP plugin sources is nested under an existing `backend` field, if one is present. For a reference configuration, see {model-context-protocol-book-link}#configure-model-context-protocol-in-red-hat-developer-hub[Configure MCP in {product-very-short}].

modules/shared/proc-manage-chats.adoc

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
= Manage chats
55

66
[role="_abstract"]
7-
Manage your chat history in {product-very-short} to organize your workspace, resume earlier tasks, or find past solutions.
7+
Manage your chat history and configuration in {product-very-short} to organize your workspace, resume earlier tasks, or find past solutions.
88

99
image::shared/chat-options.png["Chat options menu"]
1010

@@ -16,9 +16,9 @@ image::shared/chat-options.png["Chat options menu"]
1616

1717
. Click the *Lightspeed* floating action button (FAB) at the lower right of the screen to open the chat overlay.
1818

19-
. Optional: Configure the interface display:
19+
. Optional: Configure the interface display and server settings:
2020
* Click the *Chatbot options* icon (⋮) to view chat history or start a new chat.
21-
* Click the *Display menu* icon and select any of the following views:
21+
* Click the *Display mode* icon and select any of the following views:
2222
+
2323
image::shared/settings.png["Display menu options"]
2424

@@ -35,6 +35,8 @@ image::shared/lightspeed-docked-mode.png["Lightspeed docked mode"]
3535
image::shared/lightspeed-fullscreen.png["Lightspeed full-screen mode"]
3636

3737
** Optional: Toggle *Enable pinned chats*/*Disable pinned chats* to enable or hide the pinned chats. The system enables this option by default.
38+
// To add the link to the new module. Will add it once the anchor is generated.
39+
** Available only if MCP is configured: *MCP settings*: Manage Model Context Protocol connections.
3840

3941
. Start a chat or load an earlier session:
4042

titles/integrate_interacting-with-model-context-protocol-tools-for-rhdh/master.adoc

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,8 @@ include::modules/integrate_interacting-with-model-context-protocol-tools-for-rhd
2222

2323
include::modules/integrate_interacting-with-model-context-protocol-tools-for-rhdh/proc-configure-mcp-clients-to-access-the-rhdh-server.adoc[leveloffset=+2]
2424

25+
include::assemblies/integrate_interacting-with-model-context-protocol-tools-for-rhdh/assembly-configure-and-manage-mcp-settings.adoc[leveloffset=+1]
26+
2527
include::modules/integrate_interacting-with-model-context-protocol-tools-for-rhdh/ref-accessing-rhdh-data-using-the-software-catalog-mcp-tools.adoc[leveloffset=+1]
2628

2729
include::modules/integrate_interacting-with-model-context-protocol-tools-for-rhdh/ref-fetching-entities-using-fetch-catalog-entities.adoc[leveloffset=+2]

0 commit comments

Comments
 (0)