Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.mcpmanager.ai/llms.txt

Use this file to discover all available pages before exploring further.

Not every agent has a browser. CI jobs, cron tasks, and backend services need to reach a gateway with a credential they can carry in code — not an interactive OAuth flow. This tutorial does exactly that: you’ll create a token-based host in MCP Manager, generate an API access token scoped to one gateway, call a tool over HTTP with a bearer token, and confirm the call is governed and logged just like an interactive one. The payoff is real automation that’s still fully attributable.
This tutorial uses Create and manage API tokens. If Apps & Agents won’t let you create a host or generate a token, your role lacks that capability — access depends on the capability, not on a role name. See the capabilities reference.

What you’ll need

  • A gateway with at least one tool, that you can reach. The Quickstart gateway from Your first governed tool call works.
  • A terminal with curl.
  • About 10 minutes.

Headed apps versus headless agents

An interactive client (Claude, Cursor) authorizes through the browser and carries a user’s OAuth session. A headless agent can’t do that, so MCP Manager gives it a token-based host: a host that authenticates with a long-lived API access token instead of an interactive login. The host is the identity of your automation; the token is its credential; both are governed by the same gateways, rules, and logs as everything else.

Step 1: Create a token-based host

1

Open Apps & Agents

Go to Apps & Agents and click Add API access token-based host.
2

Name the host

Set Host name to something that identifies the automation — for example CI bot — and save. This host now represents your agent everywhere in MCP Manager: in logs, in policies, and in access reviews.

Step 2: Generate an API access token

1

Start the token flow

From the host, go to the Connections tab. Then click Add a connection. A new tab will open for the token generation flow.
2

Pick the gateway

Choose the gateway this token should reach (for example, Quickstart), then click Next or Allow. Follow the steps from there to authenticate, if necessary, with any of the assigned servers in that gateway. The token is scoped to that one host-and-gateway pairing.
3

Copy the token and gateway URL

You’ll land on Your API access token is ready. Copy both the Gateway URL and the API access token (or use Download as CSV). The token starts with API_.
The screen warns: Save this token in a secure location. It will not be viewable again after this page is closed. Treat it like a password. Store it in a secret manager or your CI’s encrypted secrets — never in source control. The token does not expire on its own; you revoke it by deleting its connection (see Step 4).

Step 3: Call a tool over HTTP

The gateway speaks MCP over streamable HTTP using JSON-RPC. Present the token as a bearer credential in the Authorization header. Substitute your copied Gateway URL and API access token for the placeholders below. 
curl -X POST '<your-gateway-url>' \
  -H 'Authorization: Bearer <your-api-access-token>' \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json, text/event-stream' \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'
The placeholders are <your-gateway-url> and <your-api-access-token> from Step 2, and <tool-name> from the tools/list response. The first call returns the tools the gateway exposes; the second invokes one. No browser, no interactive login.

Step 4: Confirm attribution, then know how to cut it off

Open Logs and find your tools/call. It carries the same detail as an interactive call — the gateway, the server, the tool, the timing — attributed to the CI bot host and the user who generated the token. Token-driven automation is not an anonymous side channel; it’s on the same audit trail as everyone else. To revoke access, delete the token’s connection from the host in Apps & Agents. The token stops working immediately — your break-glass control if a credential is ever exposed.
You created a host to represent an automation, issued it a gateway-scoped bearer token, called a tool over plain HTTP, saw the call attributed and logged, and learned how to revoke it instantly. That’s a headless agent under the same governance as every interactive user.

Further reading

API Tokens & Headless Agents

The full reference: token-based hosts, rotation, break-glass, and per-user identity for agents.

Trace a call in your logs

Read the attributed log entry your token just produced.

Programmatic Access

Automating MCP Manager itself, beyond calling tools through a gateway.

Connection Experience

How the same authorize flow serves both headed and token-based hosts.