MCP (Model Context Protocol) server for HawkAPI — auto-exports routes as agent tools
Project description
hawkapi-mcp
MCP (Model Context Protocol) server for HawkAPI. Auto-exports every route as an agent tool — any MCP-compatible client can call your API.
Install
pip install hawkapi-mcp
Quickstart
from hawkapi import HawkAPI
from hawkapi.responses import JSONResponse
from hawkapi_mcp import mount_mcp
app = HawkAPI()
@app.get("/users/{user_id:int}")
async def get_user(user_id: int) -> JSONResponse:
return JSONResponse({"id": user_id, "name": "Alice"})
@app.post("/items")
async def create_item(body: dict) -> JSONResponse:
return JSONResponse({"created": body})
mount_mcp(app, allow_unauthenticated=True) # serves POST /mcp — dev only; see Auth
/mcpMUST be protected in production — passdependencies=[...]to require auth, orallow_unauthenticated=Trueto opt out explicitly. See Auth.
Point any MCP-compatible client at http://your-host/mcp. Every HawkAPI route becomes a tool — its operationId is the tool name, the OpenAPI schema becomes the input schema.
Tool naming
| Route definition | Generated tool name |
|---|---|
@app.get("/users/{id}", operation_id="get_user") |
get_user |
@app.get("/users/{id}") (no operation_id) |
get_users_id |
Tool input schema
The decorator combines path / query / header parameters and the JSON request body into a single object schema. Parameter names are namespaced so they cannot collide:
| Source | Schema key |
|---|---|
| Path parameter | path.<name> |
| Query parameter | query.<name> |
| Header parameter | header.<name> |
| JSON body | body |
Cookie parameters are deliberately not exposed as tool inputs — exposing session cookies as data trains agents to handle credentials as ordinary fields. Forward credentials via the request to /mcp instead (see Auth).
tools/call example:
{
"jsonrpc": "2.0",
"id": 1,
"method": "tools/call",
"params": {
"name": "get_user",
"arguments": {"path.user_id": "42"}
}
}
The tool result has the response body in content[0].text and the raw HTTP status / headers in structuredContent. isError is true for any 4xx/5xx response.
Credential-bearing response headers are stripped from structuredContent before the agent sees them: set-cookie, authorization, and anything matching x-*-token / x-*-secret. Add more via strip_response_headers={...}.
Filtering tools
mount_mcp(app, include_only={"get_user", "create_item"})
mount_mcp(app, exclude={"internal_admin_route"})
Supported JSON-RPC methods
initialize— handshake. Returns the MCP protocol version, server info, and tool capability.ping— keepalive.tools/list— return the tool catalog.tools/call— invoke a tool. Returns response body + HTTP status.notifications/initialized— accepted, no response.
The endpoint accepts both single JSON-RPC objects and batches.
Auth
The /mcp endpoint exposes every route and MUST be protected. A single MCP
tool call can invoke any route, and the bridge synthesises an inner ASGI request
— so middleware that only guards inner routes can be bypassed. To make this
hard to get wrong, mount_mcp() raises RuntimeError at mount time unless you
either:
- pass
dependencies=[...]to attach auth (e.g.Depends) to the/mcproute, or - explicitly opt out with
allow_unauthenticated=True(local dev, or auth enforced upstream).
from hawkapi import Depends
from hawkapi_mcp import mount_mcp
mount_mcp(app, dependencies=[Depends(verify_token)]) # protected
mount_mcp(app, allow_unauthenticated=True) # explicit opt-out
hawkapi-mcp does not define its own auth layer — wire your HawkAPI dependencies
(HTTPBearer, OAuth2, API key) on the MCP route just like any other path. The
caller's Authorization and Cookie headers on the outer /mcp request are
forwarded into the synthetic inner request, so inner-route Depends(auth) sees
the real credentials (and the real client address is propagated where available).
Header arguments forwarded by the client land in the request before middleware runs.
Tool catalog freshness
The tool catalog is derived from app.openapi() and cached. By default it is
cached for the process lifetime, so routes added/removed/disabled at runtime are
not reflected — call server.invalidate_tools() to force a refresh, or pass
cache_ttl_seconds=... to mount_mcp() (or MCPServer) to auto-refresh after
the given interval:
mount_mcp(app, dependencies=[...], cache_ttl_seconds=60)
Development
git clone https://github.com/Hawk-API/hawkapi-mcp.git
cd hawkapi-mcp
uv sync --extra dev
uv run pytest -q
uv run ruff check . && uv run ruff format --check .
uv run pyright src/
Specification
Implements a subset of the Model Context Protocol sufficient to advertise and invoke tools. Streamable HTTP transport only — stdio is out of scope (deploy your app behind any ASGI server and the agent connects to the /mcp URL).
License
MIT.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file hawkapi_mcp-0.3.0.tar.gz.
File metadata
- Download URL: hawkapi_mcp-0.3.0.tar.gz
- Upload date:
- Size: 28.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
fc5906fa90693ced31433d8d2ca778341155b502b2ed4d288a2da020bd19a70a
|
|
| MD5 |
e617408c66a3622319abb5319e4c476b
|
|
| BLAKE2b-256 |
cebbc994b402d92a672a9f5d1c488dd92a7f66c2292c3320d0568eb16f6bda29
|
Provenance
The following attestation bundles were made for hawkapi_mcp-0.3.0.tar.gz:
Publisher:
release.yml on Hawk-API/hawkapi-mcp
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
hawkapi_mcp-0.3.0.tar.gz -
Subject digest:
fc5906fa90693ced31433d8d2ca778341155b502b2ed4d288a2da020bd19a70a - Sigstore transparency entry: 1778522594
- Sigstore integration time:
-
Permalink:
Hawk-API/hawkapi-mcp@ef02fdff9591c944fa31f3e0fdf680a691f47938 -
Branch / Tag:
refs/tags/v0.3.0 - Owner: https://github.com/Hawk-API
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@ef02fdff9591c944fa31f3e0fdf680a691f47938 -
Trigger Event:
release
-
Statement type:
File details
Details for the file hawkapi_mcp-0.3.0-py3-none-any.whl.
File metadata
- Download URL: hawkapi_mcp-0.3.0-py3-none-any.whl
- Upload date:
- Size: 15.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1f7e5139d7a83dba42e60501eeeaae1cf5f7e7d9a98dc28fcf11105157d30397
|
|
| MD5 |
b5d32122d1601cbb8574a6f1bcac9cae
|
|
| BLAKE2b-256 |
91b138e5cf6e096f32e85700fc4f204f662433845c71f0429600dad8035613ba
|
Provenance
The following attestation bundles were made for hawkapi_mcp-0.3.0-py3-none-any.whl:
Publisher:
release.yml on Hawk-API/hawkapi-mcp
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
hawkapi_mcp-0.3.0-py3-none-any.whl -
Subject digest:
1f7e5139d7a83dba42e60501eeeaae1cf5f7e7d9a98dc28fcf11105157d30397 - Sigstore transparency entry: 1778523050
- Sigstore integration time:
-
Permalink:
Hawk-API/hawkapi-mcp@ef02fdff9591c944fa31f3e0fdf680a691f47938 -
Branch / Tag:
refs/tags/v0.3.0 - Owner: https://github.com/Hawk-API
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@ef02fdff9591c944fa31f3e0fdf680a691f47938 -
Trigger Event:
release
-
Statement type: