> ## Documentation Index
> Fetch the complete documentation index at: https://docs.obiguard.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Remote MCP

> Obiguard's AI gateway has MCP server support that many foundational model providers offer.

[Model Context Protocol (MCP)](https://modelcontextprotocol.io/introduction) is an open standard that defines how applications can provide tools and context to LLMs.
The MCP tool in the Responses API enables developers to grant models access to tools hosted on Remote MCP servers. These servers are managed by developers and organizations across the internet and make tools available to MCP clients, such as the Responses API.

Obiguard supports using MCP servers through the Responses API.
Making a request to a remote MCP server with the Responses API is simple.
For instance, you can use the DeepWiki MCP server to query nearly any public GitHub repository.

## Example MCP Request

A Responses API request to OpenAI with MCP tools enabled.

<Tabs>
  <Tab title="Python SDK">
    ```python theme={null}
    from obiguard import Obiguard

    client = Obiguard(
      obiguard_api_key="sk-obg-***",  # Your Obiguard API key here
    )

    resp = client.responses.create(
      model="gpt-4.1",
      tools=[
        {
          "type": "mcp",
          "server_label": "deepwiki",
          "server_url": "https://mcp.deepwiki.com/mcp",
          "require_approval": "never",
        },
      ],
      input="What transport protocols are supported in the 2025-03-26 version of the MCP spec?",
    )
    print(resp.output_text)
    ```
  </Tab>

  <Tab title="OpenAI Python">
    ```python theme={null}
    from openai import OpenAI
    from obiguard import OBIGUARD_GATEWAY_URL, createHeaders

    client = OpenAI(
      api_key="dummy",  # Not used when using virtual keys
      base_url=OBIGUARD_GATEWAY_URL,
      default_headers=createHeaders(
        obiguard_api_key="vk_obg-***",  # Your Obiguard virtual key here
      )
    )

    resp = client.responses.create(
      model="gpt-4.1",
      tools=[
        {
          "type": "mcp",
          "server_label": "deepwiki",
          "server_url": "https://mcp.deepwiki.com/mcp",
          "require_approval": "never",
        },
      ],
      input="What transport protocols are supported in the 2025-03-26 version of the MCP spec?",
    )

    print(resp.output_text)
    ```
  </Tab>

  <Tab title="cURL">
    ```curl theme={null}
      curl https://gateway.obiguard.ai/v1/responses \
        -H "Content-Type: application/json" \
        -H "x-obiguard-api-key: vk-obg***" \  # Your Obiguard API key here
        -d '{
          "model": "gpt-4.1",
          "tools": [
            {
              "type": "mcp",
              "server_label": "deepwiki",
              "server_url": "https://mcp.deepwiki.com/mcp",
              "require_approval": "never"
            }
          ],
          "input": "What transport protocols are supported in the 2025-03-26 version of the MCP spec?"
      }'
    ```
  </Tab>
</Tabs>

## MCP Server Authentication

While the DeepWiki MCP server does not require authentication, most other MCP servers do.
The MCP tool in the Responses API allows you to specify custom headers for requests to remote MCP servers.
These headers can include API keys, OAuth tokens, or any other authentication method supported by the server.

The most commonly used header for authentication is the Authorization header.
Here is an example of how to include it:

Using the Stripe MCP tool

<Tabs>
  <Tab title="Python SDK">
    ```python theme={null}
    from obiguard import Obiguard

    client = Obiguard(
      obiguard_api_key="sk-obg***",  # Your Obiguard API key here
    )

    resp = client.responses.create(
      model="gpt-4.1",
      input="Create a payment link for $20",
      tools=[
        {
          "type": "mcp",
          "server_label": "stripe",
          "server_url": "https://mcp.stripe.com",
          "headers": {
             "Authorization": "Bearer $STRIPE_API_KEY"
          }
        }
      ]
    )

    print(resp.output_text)
    ```
  </Tab>

  <Tab title="OpenAI Python">
    ```python theme={null}
    from openai import OpenAI
    from obiguard import OBIGUARD_GATEWAY_URL, createHeaders

    client = OpenAI(
      api_key="dummy",  # Not used when using virtual keys
      base_url=OBIGUARD_GATEWAY_URL,
      default_headers=createHeaders(
        obiguard_api_key="vk_obg-***",  # Your Obiguard virtual key here
      )
    )

    resp = client.responses.create(
      model="gpt-4.1",
      tools=[
        {
          "type": "mcp",
          "server_label": "stripe",
          "server_url": "https://mcp.stripe.com",
          "headers": {
            "Authorization": "Bearer $STRIPE_API_KEY"
          }
        },
      ],
      input="What transport protocols are supported in the 2025-03-26 version of the MCP spec?",
    )

    print(resp.output_text)
    ```
  </Tab>

  <Tab title="cURL">
    ```curl theme={null}
    curl https://gateway.obiguard.ai/v1/responses \
      -H "Content-Type: application/json" \
      -H "x-obiguard-api-key: vk-obg***" \  # Your Obiguard API key here
      -d '{
      "model": "gpt-4.1",
      "input": "Create a payment link for $20",
      "tools": [
        {
          "type": "mcp",
          "server_label": "stripe",
          "server_url": "https://mcp.stripe.com",
          "headers": {
            "Authorization": "Bearer $STRIPE_API_KEY"
          }
        }
      ]
    }'
    ```
  </Tab>
</Tabs>

To ensure sensitive keys remain secure, the Responses API does not store any string values provided in the `headers` object.
These values are also excluded from the created Response object.

Additionally, since some remote MCP servers generate authenticated URLs,
the path portion of the `server_url` is removed in responses (e.g., `example.com/mcp` becomes `example.com`).
As a result, you must include the full `server_url` path and any necessary `headers` in every Responses API creation request.