Closed beta. The MCP Manager Admin API and MCP server are available now to a
limited set of workspaces through the MCP Manager Admin API entitlement
(
ff-mcpm-admin), ahead of general availability. If you don’t see Settings →
MCP & API in your workspace, it isn’t enabled for you yet — ask your MCP Manager
contact to join the beta.List Servers
Read-only List the caller’s inbound MCP servers. Returns each accessible inbound server as{ guid, name, url, enabled, authenticationType, authenticationStatus }. The set is scoped to the servers the caller’s role and team membership permit, exactly like the servers overview page.
MCP tool: list_inbound_servers · REST: GET /api/v1/mcpm-admin/servers · Capability: View all servers (viewAllServers)
Parameters: none.
Example
Get Server
Read-only Fetch a single inbound server, including its authentication status. Returns the server as{ guid, name, url, enabled, authenticationType, authenticationStatus }. Poll authenticationStatus after create_inbound_server: feature-learn runs asynchronously, so a newly created token-auth server stays needs-authentication until it is validated, then flips to authenticated (or unsupported on failure). Open servers report open.
MCP tool: get_inbound_server · REST: GET /api/v1/mcpm-admin/servers/:inboundServerGuid · Capability: View all servers (viewAllServers)
Parameters
The guid of the inbound server to fetch (from list_inbound_servers).
Create Server
Create a remote inbound MCP server (open, static-header, or OAuth auth). Creates an unmanaged remote inbound server owned by the caller (acreator edge to the calling user), enabled by default, then kicks off feature-learning to validate it and discover its tools.
authType: "none"— an open server needing no credential. No identity or secret is created; the server reportsauthenticationStatus: "open".authType: "headers"— static-header / API-key auth. Provideheadersas a name → value map; a credential identity is created and the headers are stored encrypted. Header values are never logged.authType: "oauth"— OAuth 2.1. Two completion paths:- Headless token injection: supply
oauthAccessToken,oauthClientId, andoauthTokenEndpoint(plus optionaloauthRefreshToken,oauthExpiresAt,oauthClientSecret,oauthScope). The server is authenticated with no browser step; secrets are stored encrypted and never logged. - Interactive: omit the
oauth*token fields. The response includesauthorizationUrl— relay it to the user to open in a browser and approve at the provider. The server-side redirect callback then completes the exchange and creates the identity automatically. Until that approval the server has NO credential identity, so if you assign it to a gateway now, prefer identityScheme:‘userIdentity’ (each user authenticates themselves) or wait until approval and then select the shared identity.
headers / token-injected server is returned as needs-authentication; poll get_inbound_server until authenticationStatus becomes authenticated (or unsupported on failure). For the interactive OAuth path, poll until the human finishes approving.
MCP tool: create_inbound_server · REST: POST /api/v1/mcpm-admin/servers · Capability: Basic server management (basicServerManagement)
Parameters
A human-readable name for the server (e.g. “Microsoft Learn MCP”).
The remote MCP server URL (e.g. “https://learn.microsoft.com/api/mcp”).
How to authenticate to the server: ‘none’ for an open server that needs no credential, ‘headers’ for static-header / API-key auth (provide
headers), or ‘oauth’ for OAuth 2.1 (supply the oauth* token fields for a fully headless setup, or omit them to receive an authorization URL for a human to approve). One of: none, headers, oauth.Static request headers to authenticate with, as a name → value map (e.g.
{ "Authorization": "Bearer ..." }). Required when authType is headers. Header values are secrets — they are stored encrypted and never logged. mcpm- prefixed headers are reserved and dropped. (a string → string map)OAuth access token for headless token injection (
authType: "oauth"). When provided together with oauthClientId and oauthTokenEndpoint, the server is authenticated without any browser step. Secret — never logged.OAuth refresh token (optional) for headless token injection. Secret — never logged.
Unix epoch milliseconds at which the access token expires (optional) for headless token injection.
The OAuth token endpoint URL, used to refresh the access token. Required for headless token injection.
The OAuth client id. Required for headless token injection.
The OAuth client secret (optional — confidential clients only) for headless token injection. Secret — never logged.
Space-separated OAuth scopes granted to the token (optional) for headless token injection.
A name for the credential identity created on the
headers / oauth paths. Defaults to “<server> Identity”.Who may use the created credential: ‘private’ (only the creator) or ‘global’ (anyone in the org). Defaults to ‘private’. Ignored on the open path. One of:
private, global.Rename Server
Change a server’s name. Renames the inbound server tonewName (the only editable field — a remote server’s URL and auth are fixed at creation). Saved only when the name actually changes. Returns the updated server as { guid, name, url, enabled, authenticationType, authenticationStatus }.
MCP tool: rename_inbound_server · REST: PATCH /api/v1/mcpm-admin/servers/:inboundServerGuid/name · Capability: Basic server management (basicServerManagement)
Parameters
The guid of the server to rename (from list_inbound_servers).
The new display name for the server.
Enable Server
Enable a server. Enables the inbound server so it can be reached through its gateways. Saved only when the state actually changes. Returns the updated server summary. MCP tool:enable_inbound_server · REST: POST /api/v1/mcpm-admin/servers/:inboundServerGuid/enable · Capability: Disable and enable servers (enableDisableServers)
Parameters
The guid of the server to enable (from list_inbound_servers).
Disable Server
Disable a server. Disables the inbound server so it is no longer reachable through any gateway (assignments stay but go inert). Saved only when the state actually changes. Returns the updated server summary. MCP tool:disable_inbound_server · REST: POST /api/v1/mcpm-admin/servers/:inboundServerGuid/disable · Capability: Disable and enable servers (enableDisableServers)
Parameters
The guid of the server to disable (from list_inbound_servers).
Delete Server
Destructive Delete a server. Permanently deletes the inbound server. Its gateway assignments and identities are not deleted — the assignments go inert (the server they point at is gone) and any identities linger until removed explicitly. Returns{ deleted: true, inboundServerGuid }.
MCP tool: delete_inbound_server · REST: DELETE /api/v1/mcpm-admin/servers/:inboundServerGuid · Capability: Delete servers (deleteServers)
Parameters
The guid of the server to delete (from list_inbound_servers).
Further reading
Identities
Where to go next in this section.
Authentication & access
Tokens, the entitlement, capability gating, and error codes for every operation here.
Tool & endpoint reference
The full reference index across every domain.
Capabilities
What each capability named on this page actually allows.

