Parameters
See plugin common configurations for configuration options available to all plugins.
rules
array[object]
required
An array of access control rules evaluated in order. The first rule whose expr conditions are all met (or that has no expr) is applied; remaining rules are skipped. Each rule must contain exactly one of allow_tools or deny_tools.
Available in API7 Enterprise from version 3.9.8. Not available in APISIX yet.
allow_tools
array[string]
Allowlist of MCP tool names the consumer is permitted to call and see in tools/list. Matching is exact and case-sensitive. An empty array ([]) denies all tools.
Exactly one of allow_tools or deny_tools must be configured per rule; they cannot be used together in the same rule.
deny_tools
array[string]
Blocklist of MCP tool names the consumer is not permitted to call. Denied tools are also hidden from tools/list. Matching is exact and case-sensitive.
Exactly one of allow_tools or deny_tools must be configured per rule; they cannot be used together in the same rule.
rejected_code
integer
default: 403
valid value: 200 to 599
HTTP status code returned when a tools/call request is rejected by this rule.
rejected_msg
string
default: MCP tool is not allowed
valid value: non-empty string
Message returned in the response body when a tools/call request is rejected by this rule.
expr
array
An array of one or more matching conditions in the form of APISIX expressions. The rule is applied only when all expressions evaluate to true. If omitted, the rule matches unconditionally (catch-all).
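
The constraints above (exactly one of allow_tools or deny_tools, the rejected_code range, exact case-sensitive matching, first-match ordering) can be checked before a configuration is deployed. The following linter is an added example, not code from the plugin or its vendor; the sample rules, the tool inventory, the `known_tools` parameter and the `http_x_team` variable are constructed for illustration.

```python
# Added example: lint a `rules` array against the constraints documented above.
KNOWN_TOOLS = ["get_user", "delete_user", "list_orders"]  # constructed inventory

SAMPLE_RULES = [  # constructed sample; http_x_team is an assumed variable name
    {"expr": [["http_x_team", "==", "ops"]], "deny_tools": ["Delete_User"]},
    {"allow_tools": ["get_user", "list_orders"]},  # no expr: catch-all
    {"expr": [["http_x_team", "==", "dev"]], "allow_tools": [],
     "rejected_code": 700},
]


def lint_rules(rules, known_tools=()):
    """Return (rule_index, message) findings for a rules array."""
    findings = []
    by_lower = {t.lower(): t for t in known_tools}
    catch_all_at = None
    for i, rule in enumerate(rules):
        has_allow, has_deny = "allow_tools" in rule, "deny_tools" in rule
        if has_allow == has_deny:
            findings.append((i, "set exactly one of allow_tools or deny_tools"))
        code = rule.get("rejected_code", 403)
        if not (isinstance(code, int) and 200 <= code <= 599):
            findings.append((i, "rejected_code must be an integer, 200 to 599"))
        msg = rule.get("rejected_msg", "MCP tool is not allowed")
        if not isinstance(msg, str) or msg == "":
            findings.append((i, "rejected_msg must be a non-empty string"))
        if has_allow and rule["allow_tools"] == []:
            findings.append((i, "empty allow_tools denies all tools"))
        # Matching is exact and case-sensitive: a wrong-case name never matches.
        for name in rule.get("allow_tools", []) + rule.get("deny_tools", []):
            real = by_lower.get(name.lower())
            if real is not None and real != name:
                findings.append((i, f"'{name}' does not match tool '{real}'"))
        # First match wins: rules after one without expr are never evaluated.
        if catch_all_at is not None:
            findings.append((i, f"unreachable after catch-all rule {catch_all_at}"))
        elif "expr" not in rule:
            catch_all_at = i
    return findings


if __name__ == "__main__":
    for index, message in lint_rules(SAMPLE_RULES, KNOWN_TOOLS):
        print(f"rule {index}: {message}")
```

On the sample, the wrong-case deny_tools entry in rule 0 is the finding that matters most: the rule loads cleanly but never blocks delete_user.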