Skip to main content
PATCH
/
api
/
v1
/
storage
/
sandboxes
/
{sandbox_id}
/
sources
/
{source_id}
/
user-mcp
Update a user_mcp source (config + optional credential rotation)
curl --request PATCH \
  --url https://api.copass.id/api/v1/storage/sandboxes/{sandbox_id}/sources/{source_id}/user-mcp \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "base_url": "<string>",
  "auth_kind": "<string>",
  "token": "<string>",
  "auth_header": "<string>",
  "app_namespace": "<string>",
  "allowed_tools": [
    "<string>"
  ],
  "rate_cap_per_minute": 123,
  "webhook_rate_cap_per_minute": 123
}
'
{
  "data_source_id": "<string>",
  "status": "<string>",
  "name": "<string>",
  "ingestion_mode": "<string>",
  "health_error": "<string>",
  "error": "<string>",
  "detail": "<string>"
}

Documentation Index

Fetch the complete documentation index at: https://docs.copass.com/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Headers

authorization
string | null
X-Encryption-Token
string | null
X-Encryption-Key
string | null

Path Parameters

source_id
string
required
sandbox_id
string
required

Body

application/json

Partial update for an existing user_mcp source.

name
string | null

Display / wiring name.

base_url
string | null

MCP server URL.

auth_kind
string | null

bearer | header_token | none.

token
string | null

When set, replaces the vault secret. Omit to keep the current credential.

auth_header
string | null

Required when setting auth_kind to header_token.

app_namespace
string | null

Tool prefix (≤64).

allowed_tools
string[] | null

Per-source tool allowlist.

rate_cap_per_minute
integer | null

Tool calls per minute cap (1–600).

webhook_rate_cap_per_minute
integer | null

Webhook events per minute cap (1–6000).

Response

Successful Response

Outcome shape for the three user_mcp lifecycle endpoints.

Mirrors the dict the service methods return verbatim (status, optional health_error, etc.) without re-shaping. error is populated on validation failure; data_source_id is populated on success.

data_source_id
string | null
status
string | null
name
string | null
ingestion_mode
string | null
health_error
string | null
error
string | null
detail
string | null