View
Apigee Edge documentation.
This page describes how to use Apigee to expose your APIs as MCP tools to agentic applications. MCP in Apigee is available for Subscription, Pay-as-you-go, and Evaluation organizations, including Data Residency-enabled organizations.
Model Context Protocol (MCP) is an open source protocol developed by Anthropic that standardizes the way that AI applications connect to data sources, workflows, and tools.
AI applications can use MCP to access Google Cloud and Apigee services as tools. In this context, the following MCP terms are useful to understand:
MCP endpoints for Google, Google Cloud, and Apigee implement the MCP server specification. This lets compliant MCP clients access them to:
Any MCP client that supports remote MCP endpoints over HTTP/S can access these tools.
Because the endpoints are managed, you don't need to install or manage local MCP servers, remote MCP servers, or additional infrastructure to
enable agentic applications to access your services.
MCP in Apigee offers JSON-RPC support for tools/list and tools/call methods. You can customize your MCP endpoint
with parameters for discoverability, security, network availability, and observability.
MCP in Apigee offers features for tool discovery, security, and governance. These features help you manage how agentic applications interact with your services.
You can discover available MCP endpoints for Apigee services using a directory service accessible over a
REST interface. Each MCP endpoint also supports the MCP tools/list method, which lets MCP
clients discover the tools available in that endpoint.
Additionally, MCP integrates with Apigee API hub. When an MCP Discovery Proxy is deployed, API hub automatically ingests its OpenAPI specification, assigns it the MCP API style, and maps API operations to individual MCP tools. This allows developers to easily filter for MCP-enabled APIs in API hub and use Semantic Search with natural language queries to find relevant tools for their agentic applications.
MCP in Apigee includes multiple layers of security to protect your services. You can control access using authentication, authorization, network boundaries, and content scanning.
Apigee hosted MCP endpoints support OAuth 2.1 and OpenID Connect (OIDC) for authentication. This ensures that only agents, MCP clients, and end-users with established identities can access your MCP endpoints and call MCP tools. Protected Resource Metadata lets clients discover the OAuth authorization servers.
You can restrict access to your MCP tools based on OAuth client identities. For example, you can configure a policy in your MCP Discovery proxy to specify that only designated agents with known client identities can access an MCP tool for a payments service.
For Apigee hosted endpoints, you can use Apigee Analytics to view detailed usage information for your MCP tools.
Analytics allows you to segment MCP-specific traffic from standard API traffic and view metrics
at the individual tool level, such as the volume of tools/list (discovery) versus
tools/call (execution) requests. Performance metrics also help you distinguish
between proxy overhead and target response time, allowing you
to pinpoint bottlenecks more effectively.
To improve troubleshooting and provide more visibility into the deployment process, Apigee surfaces specific infrastructure and configuration errors in the UI. If a deployment fails due to an invalid OpenAPI specification or an infrastructure issue like a load balancer capacity stockout in a specific region, the UI will provide actionable feedback to help you resolve the issue without requiring support intervention.
You can expose your existing Apigee APIs as MCP tools and make them accessible through MCP endpoints.
These endpoints can be configured at either a per-host or environment group level. For example, if your cymbal organization has
eight hostnames (e.g., api.cymbal.com, partners.cymbal.com), each associated with a different environment group,
you can host a dedicated MCP server for each hostname.
A managed target endpoint (ORG_NAME.mcp.apigee.internal) is deployed using a specialized MCP Discovery proxy in your Apigee organization, where your MCP servers are made available.
The following table shows an example of how customers, including the fictional cymbal organization, can configure multiple MCP endpoints using Apigee.
| Customer | Hostname and MCP basepath | MCP server target endpoint | API proxy | Environment / Environment group |
|---|---|---|---|---|
| cymbal | api.cymbal.com/mcp |
cymbal.mcp.apigee.internal(cymbal org's tenant project) |
mcp-api-proxy1 |
prod / prod-env-group |
api-internal.cymbal.com/mcp |
cymbal.mcp.apigee.internal(cymbal org's tenant project) |
mcp-api-proxy2 |
internal / internal-env-group |
|
api-service.cymbal.com/mcp |
cymbal.mcp.apigee.internal(cymbal org's tenant project) |
mcp-api-proxy3 |
dev / dev-env-group |
The following limitations apply to MCP in Apigee:
asia-east2asia-northeast3asia-southeast2australia-southeast1europe-central2europe-west12europe-west9me-central2us-central2If you see an error related to load balancer provisioning failure, or the provisioning status never changes to Deployed, it might be due to temporary infrastructure capacity limits in the selected region. Try deploying the proxy to an environment in a different region.
405 error, as the MCP server currently does not support Server-Sent Events (SSE) streams.Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2026-06-09 UTC.