Configuration
The module is configured via DjangoMCPModuleConfig in your project’s config.py. Assign it to DjangoConfig.mcp.
Minimal setup
from django_cfg import DjangoConfig
from django_cfg.modules.django_mcp.__cfg__ import DjangoMCPModuleConfig
class MyConfig(DjangoConfig):
mcp = DjangoMCPModuleConfig(
enabled=True,
access_key="your-secret-key",
)When enabled=False (the default), the MCP endpoint exists but returns errors on every call. The admin chat renders in the admin UI but the stream endpoint will fail until the module is enabled.
Top-level fields
| Field | Type | Default | Description |
|---|---|---|---|
enabled | bool | False | Master switch. Must be True for any MCP functionality. |
endpoint_path | str | "/cfg/mcp/" | URL path for the JSON-RPC endpoint. |
llm_model | str | "openai/gpt-4.1-nano" | Default model for the admin chat agent (OpenRouter format). |
access_key | str | None | None | Static key for X-MCP-Access-Key header auth. Required for POST /cfg/mcp/ and POST /cfg/mcp/agent/. |
rate_limit | str | "100/minute" | Format: "N/period". Period is second, minute, hour, or day. |
protocol_version | str | "2025-03-26" | MCP protocol version reported in the initialize handshake. |
server_name | str | "django-cfg-mcp" | Server name reported in initialize. |
server_version | str | "1.0.0" | Server version reported in initialize. |
enable_streaming | bool | False | Reserved for future protocol-level streaming. Does not affect SSE admin chat. |
enable_audit_log | bool | True | Write every MCP operation to MCPAuditLog. |
introspection — IntrospectionConfig
Controls whether agents can discover the app’s structure through introspection tools.
| Field | Default | Description |
|---|---|---|
enabled | False | Allow list_apps and get_model_schema tools. |
expose_urls | False | Allow the list_urls tool — returns URL patterns. |
expose_code | False | Expose view source snippets. Development use only. |
max_depth | 3 | Max relationship traversal depth (1–10). |
from django_cfg.modules.django_mcp.__cfg__ import DjangoMCPModuleConfig, IntrospectionConfig
mcp = DjangoMCPModuleConfig(
enabled=True,
introspection=IntrospectionConfig(
enabled=True,
expose_urls=True,
),
)When introspection.enabled = False, the introspection tools exist in the registry but return permission-denied responses.
exposed_apps — Dict[str, AppMCPConfig]
Controls which Django app models are accessible via query_model and get_object. Apps not listed here are not accessible to any MCP tool.
from django_cfg.modules.django_mcp.__cfg__ import (
DjangoMCPModuleConfig,
AppMCPConfig,
ModelMCPConfig,
)
mcp = DjangoMCPModuleConfig(
enabled=True,
exposed_apps={
"auth": AppMCPConfig(
enabled=True,
models={
"user": ModelMCPConfig(
enabled=True,
read_only=True,
hidden_fields=["password", "last_login"],
max_results=50,
allowed_operations=["list", "retrieve"],
),
},
),
},
)AppMCPConfig fields
| Field | Default | Description |
|---|---|---|
enabled | False | App-level switch. All models are inaccessible when False. |
models | {} | Per-model config, keyed by lowercase model name. |
max_results | 100 | Default max_results applied to all models in this app. |
ModelMCPConfig fields
| Field | Default | Description |
|---|---|---|
enabled | False | Model-level switch. |
read_only | True | If True, only list and retrieve operations are permitted. |
hidden_fields | [] | Fields stripped from all responses for this model. |
max_results | 100 | Max rows returned per query (1–1000). |
allowed_operations | ["list", "retrieve"] | Permitted operations. Subset of: list, retrieve, create, update, delete. |
commands — CommandMCPConfig
Controls the execute_command tool that runs Django management commands.
| Field | Default | Description |
|---|---|---|
enabled | False | Allow management command execution. |
allowed_commands | [] | Whitelist of command names. Commands not listed are rejected outright. |
timeout_seconds | 30 | Max execution time per command (1–300 seconds). |
from django_cfg.modules.django_mcp.__cfg__ import CommandMCPConfig
mcp = DjangoMCPModuleConfig(
enabled=True,
commands=CommandMCPConfig(
enabled=True,
allowed_commands=["check", "migrate_all", "shell"],
timeout_seconds=60,
),
)Be conservative with allowed_commands. Management commands like flush, migrate, or shell can have destructive effects. Only whitelist commands you are comfortable with an AI agent running autonomously.
redaction — RedactionConfig
Automatic PII redaction applied to tool results before they are returned to the agent.
| Field | Default | Description |
|---|---|---|
enabled | True | Enable redaction processing. |
mode | "REDACT" | NONE / REDACT / BLOCK — see below. |
custom_patterns | {} | Extra regex patterns as {"label": "pattern"}. |
Modes:
NONE— results pass through unchanged.REDACT— text matching any pattern is replaced with[REDACTED].BLOCK— if any match is found, the entire result is rejected with an error.
Built-in patterns detect: email addresses, phone numbers, credit card numbers, and US Social Security Numbers.
from django_cfg.modules.django_mcp.__cfg__ import RedactionConfig
mcp = DjangoMCPModuleConfig(
enabled=True,
redaction=RedactionConfig(
mode="REDACT",
custom_patterns={
"api_key": r"sk-[a-zA-Z0-9]{32,}",
"internal_id": r"INT-[0-9]{8}",
},
),
)Helper methods
DjangoMCPModuleConfig exposes convenience methods used internally by tools:
config.is_model_exposed("auth", "user") # → bool
config.get_model_config("auth", "user") # → ModelMCPConfig | None
config.is_command_allowed("migrate_all") # → boolThese are available in your custom tool implementations via the MCPContext object passed to execute().