MCP (Model Context Protocol) is an open-source protocol designed to standardize how applications provide context to Large Language Models (LLMs). It functions similar to a "USB-C interface" for AI applications, allowing models to flexibly and securely connect to various data sources and tools. This topic describes how to create gateway managed MCP services.
How it works
MCP service management supports smooth migration of RESTful APIs to MCP services, access via SSE (Server-Sent Events) and Streamable HTTP protocols, and integration of consumer identity-based authentication to provide technical support for enterprise-level API governance.
MCP supports direct proxy mode, which is applicable to services that natively support the MCP protocol. This mode enables efficient streaming communication and context preservation, particularly suitable for high concurrency and long-connection scenarios, such as AI inference and multi-model collaboration.
MCP can also be deeply integrated with Nacos Registry. Through the MCP Router function provided by Nacos, it implements service registration, discovery, and automatic protocol conversion, supporting "zero-modification" upgrades of existing HTTP services to MCP protocol interfaces. Combined with Higress AI gateway, it enables dynamic administration and intelligent routing of services.
Create gateway managed MCP services
On the Instances page of the AI Gateway console, select the region where your instance is located.
Click on the instance ID, then select MCP Management from the left-side navigation pane.
Click Create MCP Service. AI Gateway provides the following two service protocols to create MCP services:
If the backend is an MCP Server, select the MCP Service Direct Proxy.
If the backend is an HTTP Server, select the HTTP to MCP.
MCP Service Direct Proxy
Select MCP service protocol configuration:
Backend Services
Select Service Name and select Terms of Service as MCP.
Select MCP Transport as needed. Two transport protocols are supported: SSE and Streamable HTTP.
Enter the path, which is the actual access path of the backend MCP server. For example, if the backend MCP server access endpoint is
xxx.com/sse, the path should be/sse. If it isxxx.com/test/sse, the path should be/test/sse.
MCP Access Point
Select the domain name used to access the MCP service. Multiple domain names can be selected.
The path of the MCP endpoint is concatenated from /mcp-servers, /MCP service name, and the actual access path of the backend MCP Server. After creation, go to the basic information page of the current MCP service. You can view the actual access endpoint address in the Step 1. Generate URL area.
After successful creation, there will be a direct proxy identifier on the MCP service card.
HTTP to MCP
Select HTTP service protocol configuration:
Backend Services
Select Service Name and select Terms of Service as HTTP. If you have not created a service, you need to create a new one. We recommend that you use services such as FC or DNS for testing.
Enter a description. The description is required and indicates the functional purpose of the MCP tool to improve API comprehensibility and AI processing accuracy.
MCP Access Point
Select the domain name used to access the MCP service. Multiple domain names can be selected.
The path of the MCP endpoint (SSE) is concatenated from /mcp-servers, /MCP service name, and /sse.
The path of the MCP endpoint (Streamable HTTP) is concatenated from /mcp-servers and the MCP service name.
After successful creation, there will be a direct proxy or HTTP to MCP identifier on the MCP service card.
Add tools to MCP services
After successful creation, you can add tools to the service. The procedure is as follows:
Click the target service card, and then click Add Tool.
MCP services currently support two methods to add tools:
Swagger File (recommended)
Import Swagger: Upload an OpenAPI file from your local computer or paste the API definition into the edit box, and then click Generate Now.
Confirm the update: You can view the generated MCP tool description file and further confirm and modify the information.
(Optional) Enable backend service authentication: You can add authentication configuration. The following table describes the different authentication methods:
Parameter
Description
Basic
The username and password are base64-encoded in the username: password format and sent in the Authorization field of the HTTP request header.
Bearer
The client obtains a token through the logon interface first, which is usually a JWT. The token is included in the Authorization header for each subsequent request. Tokens are typically temporary and an expiration date can be set.
API Key
The server assigns a unique string to the client as the access credential. The client submits this string through the header or query parameter in each request.
Custom YAML
You can manually create MCP tools through custom YAML. For more information, see HTTP-to-MCP field configurations.
Click YAML Example. You can modify the generated YAML example.
(Optional) Enable backend service authentication: You can add authentication configuration. The following table describes the different authentication methods:
Parameter
Description
Basic
The username and password are base64-encoded in the username: password format and sent in the Authorization field of the HTTP request header.
Bearer
The client obtains a token through the logon interface first, which is usually a JWT. The token is included in the Authorization header for each subsequent request. Tokens are typically temporary and an expiration date can be set.
API Key
The server assigns a unique string to the client as the access credential. The client submits this string through the header or query parameter in each request.
Click Confirm. You can view the tool list and tool description information on the Tools tab.