Nan Gao
4.1 KiB
MCP (Model Context Protocol) Configuration
DeerFlow supports configurable MCP servers and skills to extend its capabilities, which are loaded from a dedicated extensions_config.json file in the project root directory.
Setup
-
Copy
extensions_config.example.jsontoextensions_config.jsonin the project root directory.# Copy example configuration cp extensions_config.example.json extensions_config.json -
Enable the desired MCP servers or skills by setting
"enabled": true. -
Configure each server’s command, arguments, and environment variables as needed.
-
Restart the application to load and register MCP tools.
Filesystem MCP Servers
DeerFlow already provides built-in file tools for thread-scoped workspace access. Do not add an MCP filesystem server for the same DeerFlow workspace. The overlapping file tools use different path semantics, which can make LLM tool selection and file access behavior unstable.
DeerFlow does not currently adapt the MCP Roots mode for filesystem servers. In
particular, it does not publish per-thread MCP roots or map DeerFlow sandbox
paths such as /mnt/user-data/... to paths accepted by
@modelcontextprotocol/server-filesystem. Use DeerFlow's built-in file tools
for DeerFlow workspace files.
OAuth Support (HTTP/SSE MCP Servers)
For http and sse MCP servers, DeerFlow supports OAuth token acquisition and automatic token refresh.
- Supported grants:
client_credentials,refresh_token - Configure per-server
oauthblock inextensions_config.json - Secrets should be provided via environment variables (for example:
$MCP_OAUTH_CLIENT_SECRET)
Example:
{
"mcpServers": {
"secure-http-server": {
"enabled": true,
"type": "http",
"url": "https://api.example.com/mcp",
"oauth": {
"enabled": true,
"token_url": "https://auth.example.com/oauth/token",
"grant_type": "client_credentials",
"client_id": "$MCP_OAUTH_CLIENT_ID",
"client_secret": "$MCP_OAUTH_CLIENT_SECRET",
"scope": "mcp.read",
"refresh_skew_seconds": 60
}
}
}
}
Custom Tool Interceptors
You can register custom interceptors that run before every MCP tool call. This is useful for injecting per-request headers (e.g., user auth tokens from the LangGraph execution context), logging, or metrics.
Declare interceptors in extensions_config.json using the mcpInterceptors field:
{
"mcpInterceptors": [
"my_package.mcp.auth:build_auth_interceptor"
],
"mcpServers": { ... }
}
Each entry is a Python import path in module:variable format (resolved via resolve_variable). The variable must be a no-arg builder function that returns an async interceptor compatible with MultiServerMCPClient’s tool_interceptors interface, or None to skip.
Example interceptor that injects auth headers from LangGraph metadata:
def build_auth_interceptor():
async def interceptor(request, handler):
from langgraph.config import get_config
metadata = get_config().get("metadata", {})
headers = dict(request.headers or {})
if token := metadata.get("auth_token"):
headers["X-Auth-Token"] = token
return await handler(request.override(headers=headers))
return interceptor
- A single string value is accepted and normalized to a one-element list.
- Invalid paths or builder failures are logged as warnings without blocking other interceptors.
- The builder return value must be
callable; non-callable values are skipped with a warning.
How It Works
MCP servers expose tools that are automatically discovered and integrated into DeerFlow’s agent system at runtime. Once enabled, these tools become available to agents without additional code changes.
Example Capabilities
MCP servers can provide access to:
- Databases (e.g., PostgreSQL)
- External APIs (e.g., GitHub, Brave Search)
- Browser automation (e.g., Puppeteer)
- Custom MCP server implementations
Learn More
For detailed documentation about the Model Context Protocol, visit:
https://modelcontextprotocol.io