Skip to Content
FeaturesModulesMCP (AI Agents)Configuration

Configuration

The module is configured via DjangoMCPModuleConfig in your project’s config.py. Assign it to DjangoConfig.mcp.

Minimal setup

from django_cfg import DjangoConfig from django_cfg.modules.django_mcp.__cfg__ import DjangoMCPModuleConfig class MyConfig(DjangoConfig): mcp = DjangoMCPModuleConfig( enabled=True, access_key="your-secret-key", )

When enabled=False (the default), the MCP endpoint exists but returns errors on every call. The admin chat renders in the admin UI but the stream endpoint will fail until the module is enabled.

Top-level fields

FieldTypeDefaultDescription
enabledboolFalseMaster switch. Must be True for any MCP functionality.
endpoint_pathstr"/cfg/mcp/"URL path for the JSON-RPC endpoint.
llm_modelstr"openai/gpt-4.1-nano"Default model for the admin chat agent (OpenRouter format).
access_keystr | NoneNoneStatic key for X-MCP-Access-Key header auth. Required for POST /cfg/mcp/ and POST /cfg/mcp/agent/.
rate_limitstr"100/minute"Format: "N/period". Period is second, minute, hour, or day.
protocol_versionstr"2025-03-26"MCP protocol version reported in the initialize handshake.
server_namestr"django-cfg-mcp"Server name reported in initialize.
server_versionstr"1.0.0"Server version reported in initialize.
enable_streamingboolFalseReserved for future protocol-level streaming. Does not affect SSE admin chat.
enable_audit_logboolTrueWrite every MCP operation to MCPAuditLog.

introspectionIntrospectionConfig

Controls whether agents can discover the app’s structure through introspection tools.

FieldDefaultDescription
enabledFalseAllow list_apps and get_model_schema tools.
expose_urlsFalseAllow the list_urls tool — returns URL patterns.
expose_codeFalseExpose view source snippets. Development use only.
max_depth3Max relationship traversal depth (1–10).
from django_cfg.modules.django_mcp.__cfg__ import DjangoMCPModuleConfig, IntrospectionConfig mcp = DjangoMCPModuleConfig( enabled=True, introspection=IntrospectionConfig( enabled=True, expose_urls=True, ), )

When introspection.enabled = False, the introspection tools exist in the registry but return permission-denied responses.

exposed_appsDict[str, AppMCPConfig]

Controls which Django app models are accessible via query_model and get_object. Apps not listed here are not accessible to any MCP tool.

from django_cfg.modules.django_mcp.__cfg__ import ( DjangoMCPModuleConfig, AppMCPConfig, ModelMCPConfig, ) mcp = DjangoMCPModuleConfig( enabled=True, exposed_apps={ "auth": AppMCPConfig( enabled=True, models={ "user": ModelMCPConfig( enabled=True, read_only=True, hidden_fields=["password", "last_login"], max_results=50, allowed_operations=["list", "retrieve"], ), }, ), }, )

AppMCPConfig fields

FieldDefaultDescription
enabledFalseApp-level switch. All models are inaccessible when False.
models{}Per-model config, keyed by lowercase model name.
max_results100Default max_results applied to all models in this app.

ModelMCPConfig fields

FieldDefaultDescription
enabledFalseModel-level switch.
read_onlyTrueIf True, only list and retrieve operations are permitted.
hidden_fields[]Fields stripped from all responses for this model.
max_results100Max rows returned per query (1–1000).
allowed_operations["list", "retrieve"]Permitted operations. Subset of: list, retrieve, create, update, delete.

commandsCommandMCPConfig

Controls the execute_command tool that runs Django management commands.

FieldDefaultDescription
enabledFalseAllow management command execution.
allowed_commands[]Whitelist of command names. Commands not listed are rejected outright.
timeout_seconds30Max execution time per command (1–300 seconds).
from django_cfg.modules.django_mcp.__cfg__ import CommandMCPConfig mcp = DjangoMCPModuleConfig( enabled=True, commands=CommandMCPConfig( enabled=True, allowed_commands=["check", "migrate_all", "shell"], timeout_seconds=60, ), )

Be conservative with allowed_commands. Management commands like flush, migrate, or shell can have destructive effects. Only whitelist commands you are comfortable with an AI agent running autonomously.

redactionRedactionConfig

Automatic PII redaction applied to tool results before they are returned to the agent.

FieldDefaultDescription
enabledTrueEnable redaction processing.
mode"REDACT"NONE / REDACT / BLOCK — see below.
custom_patterns{}Extra regex patterns as {"label": "pattern"}.

Modes:

  • NONE — results pass through unchanged.
  • REDACT — text matching any pattern is replaced with [REDACTED].
  • BLOCK — if any match is found, the entire result is rejected with an error.

Built-in patterns detect: email addresses, phone numbers, credit card numbers, and US Social Security Numbers.

from django_cfg.modules.django_mcp.__cfg__ import RedactionConfig mcp = DjangoMCPModuleConfig( enabled=True, redaction=RedactionConfig( mode="REDACT", custom_patterns={ "api_key": r"sk-[a-zA-Z0-9]{32,}", "internal_id": r"INT-[0-9]{8}", }, ), )

Helper methods

DjangoMCPModuleConfig exposes convenience methods used internally by tools:

config.is_model_exposed("auth", "user") # → bool config.get_model_config("auth", "user") # → ModelMCPConfig | None config.is_command_allowed("migrate_all") # → bool

These are available in your custom tool implementations via the MCPContext object passed to execute().

Last updated on