Creates typed async functions from JSON schemas and generates proper function signatures for tool validation
MCP Server with Dynamic Per-User Tool Generation
A Model Context Protocol (MCP) server implementation using FastMCP that dynamically generates tools based on user permissions from an external API.
Features
- Dynamic Tool Generation: Tools are generated at runtime based on user-specific schemas from an external API 
- Per-User Permissions: Each authenticated user receives tools tailored to their permissions 
- Intelligent Caching: Both API schemas and generated tools are cached with TTL for performance 
- Graceful Degradation: Falls back to static tools if API is unavailable 
- Comprehensive Logging: Detailed logging at INFO, DEBUG, WARNING, and ERROR levels 
- Thread-Safe: Concurrent requests from multiple users are handled safely 
Architecture
Components
- mcp_server.py- Main server entry point- Initializes FastMCP server 
- Registers static tools (add, echo, multiply) 
- Sets up dynamic tool middleware 
 
- api_client.py- External API integration- FormSchemaClient: Fetches and parses schemas from external API
- FormSchemaCache: Caches API responses with TTL
- Converts API field definitions to JSON Schema format 
 
- dynamic_tool_manager.py- Tool lifecycle management- DynamicToolManager: Manages per-user tool storage
- Thread-safe caching with TTL 
- Cache statistics and invalidation 
 
- tool_function_factory.py- Dynamic function generation- Creates typed async functions from JSON schemas 
- Generates proper - inspect.Signaturefor FastMCP validation
- Maps JSON Schema types to Python types 
 
- tool_execution_handler.py- Tool execution backend- ToolExecutionRouter: Routes tool calls to appropriate handlers
- Specialized handlers for different tool types 
- Structured error responses 
 
- dynamic_tool_middleware.py- FastMCP middleware- Intercepts - list/toolsrequests
- Extracts authentication tokens 
- Generates and caches user-specific tools 
- Returns combined static + dynamic tools 
 
Installation
- Install dependencies: pip install -r requirements.txt
- Configure the API URL: Edit - mcp_server.pyand set the- FORM_SCHEMA_API_URLto your external API endpoint:FORM_SCHEMA_API_URL = "http://172.16.11.131/api/module/request/form"
Usage
Starting the Server
The server will start on http://127.0.0.1:9092/mcp
Authentication
The server expects authentication via HTTP Authorization header:
The token is used to:
- Fetch user-specific schema from the external API 
- Generate tools with fields the user has permission to access 
- Cache tools for subsequent requests 
Available Tools
Static Tools (Always Available)
- add(a: int, b: int) -> int- Adds two numbers
- echo(message: str) -> str- Echoes a message
- multiply(a: int, b: int) -> int- Multiplies two numbers
Dynamic Tools (User-Specific)
- create_request(...)- Creates a request with fields based on user permissions- Parameters are dynamically generated from the external API schema 
- Each user sees different parameters based on their permissions 
- Required fields, enums, and types are enforced 
 
How It Works
Request Flow
- Client sends with - Authorization: Bearer <token>
- Middleware intercepts the request: - Extracts auth token from header 
- Checks if tools are cached for this user 
- If cached: Returns cached tools 
- If not cached: Proceeds to generation 
 
- Tool Generation: - Fetches schema from external API with user's token 
- Parses API response into JSON Schema 
- Creates typed async function with proper signature 
- Converts function to FastMCP - Toolobject
- Caches the tool for future requests 
 
- Response: - Returns list of static tools + dynamic tools 
- Client sees tools specific to their permissions 
 
Tool Execution Flow
- Client calls with arguments 
- FastMCP validates arguments against the generated function signature 
- Tool execution handler: - Receives validated arguments 
- Processes the request 
- Returns structured response with ID, timestamp, status 
 
Configuration
Cache TTL
Both schema cache and tool cache use 5-minute TTL by default. To change:
Logging Level
To change logging verbosity:
Testing
See TEST_SCENARIOS.md for comprehensive test scenarios including:
- User-specific tool generation 
- Caching behavior 
- Tool execution 
- Error handling 
- Validation enforcement 
API Schema Format
The external API should return a response with this structure:
Supported field types:
- TextFieldRest→- string
- NumberFieldRest→- number
- DropDownFieldRest→- stringwith enum
- MultiSelectDropDownFieldRest→- arrayof strings
- And more (see - api_client.pyfor full mapping)
Security Considerations
- Authentication tokens are truncated in logs and responses 
- Tokens are validated on each request 
- No token = static tools only (graceful degradation) 
- FastMCP validates all tool arguments before execution 
Troubleshooting
Server won't start
- Check that all dependencies are installed: - pip install -r requirements.txt
- Verify Python version is 3.12+ 
- Check logs for import errors 
Tools not appearing
- Verify - Authorizationheader is present and correctly formatted
- Check server logs for API fetch errors 
- Ensure external API is accessible 
- Verify user has permissions in the external system 
Cache not updating
- Default TTL is 5 minutes 
- Manually clear cache: Call - tool_manager.clear_all_tools()or restart server
- Check logs for cache hit/miss messages 
License
[Your License Here]
Contributing
[Your Contributing Guidelines Here]
This server cannot be installed
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
Enables dynamic generation of tools based on user-specific permissions from an external API. Users receive personalized tools tailored to their access rights, with intelligent caching and graceful fallback to static tools.