I'm building an agentic ERP system using Convex and want to expose it via the Model Context Protocol (MCP) to AI agents like ChatGPT and Claude.
Context:
- MCP's HTTP+SSE transport requires returning streaming responses from POST endpoints
- Each POST can return either JSON or a text/event-stream response
- Connections may stay open for several minutes during long operations
- External AI agents (not app users) need to authenticate and call Convex functions

Questions:
1. Authentication Pattern: What's the recommended way to authenticate external services (AI agents) calling Convex HTTP Actions?
   - These aren't app users with JWTs from Convex Auth
   - I'm thinking custom API keys stored in Convex DB (hashed)
   - Need to validate on each request and tie to user roles/permissions
2. Security Middleware: MCP requires Origin header validation to prevent DNS rebinding attacks. What's the best way to implement security checks (Origin validation, rate limiting, CORS) for HTTP Actions?
   - Can I compose middleware-like patterns in Convex?
   - Or should I handle these manually in each HTTP Action?
3. Long-lived Connections: What are the timeout limits for Convex HTTP Actions with streaming responses? MCP connections might stay open for 2-5 minutes during complex operations.
4. Concurrent Connections: Are there limits on concurrent open streaming connections per deployment?

My Architecture Goal:

```
AI Agent (ChatGPT/Claude)
    ↓ HTTP POST with API key
Convex HTTP Action
    ├─ Validate API key
    ├─ Check permissions (role-based)
    ├─ Handle MCP protocol (JSON-RPC 2.0)
    ├─ Return SSE stream if needed
    └─ Route to Convex mutations/queries via ctx.runMutation()
```

Would love your guidance on the authentication and security middleware patterns specifically - what's the Convex-native way to handle this?
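
The checks listed in the post (Origin allowlist, hashed API key lookup, role check) composed as one wrapper around a request handler. This is an added example, not part of the original post and not Convex or MCP SDK code. It assumes the standard `Request`/`Response` objects an HTTP Action receives; `withAgentAuth`, `lookupKey` (which in Convex could be backed by a `ctx.runQuery` call against a key table), the `mcp:call` permission and all sample values are hypothetical.

```javascript
// Added example. withAgentAuth, lookupKey and "mcp:call" are hypothetical names.
async function sha256Hex(text) {
  // Use the Web Crypto global where available; fall back for older Node.
  const { subtle } = globalThis.crypto ?? (await import("node:crypto")).webcrypto;
  const digest = await subtle.digest("SHA-256", new TextEncoder().encode(text));
  return [...new Uint8Array(digest)].map((b) => b.toString(16).padStart(2, "0")).join("");
}

const deny = (status, error) =>
  new Response(JSON.stringify({ error }), { status, headers: { "Content-Type": "application/json" } });

// Wraps a (ctx, request, principal) handler with the checks listed in the post.
function withAgentAuth({ allowedOrigins, lookupKey, permission }, handler) {
  return async (ctx, request) => {
    // DNS rebinding runs in a browser, which attaches Origin to POSTs; reject any
    // Origin off the allowlist. Assumption: server-side agents send no Origin.
    const origin = request.headers.get("Origin");
    if (origin !== null && !allowedOrigins.has(origin)) return deny(403, "origin not allowed");

    const m = /^Bearer ([A-Za-z0-9_-]{32,})$/.exec(request.headers.get("Authorization") ?? "");
    if (!m) return deny(401, "missing or malformed API key");

    // Look up by hash so the raw key is never stored. Unsalted SHA-256 is only
    // acceptable because keys are long random strings, not passwords.
    const record = await lookupKey(ctx, await sha256Hex(m[1]));
    if (!record || record.revoked) return deny(401, "unknown or revoked API key");
    if (!record.permissions.includes(permission)) return deny(403, "insufficient permissions");
    return handler(ctx, request, { userId: record.userId, permissions: record.permissions });
  };
}

// Constructed demo: a Map stands in for a Convex table indexed by key hash.
async function demo() {
  const key = "sk_" + "a".repeat(40); // constructed sample key
  const table = new Map([
    [await sha256Hex(key), { userId: "u1", permissions: ["mcp:call"], revoked: false }],
  ]);
  const action = withAgentAuth(
    { allowedOrigins: new Set(["https://agent.example"]), lookupKey: async (_c, h) => table.get(h), permission: "mcp:call" },
    async (_c, _r, who) => new Response(JSON.stringify({ jsonrpc: "2.0", id: 1, result: who.userId })),
  );
  const call = async (headers) =>
    (await action({}, new Request("https://erp.example/mcp", { method: "POST", headers, body: "{}" }))).status;
  return [
    await call({ Authorization: `Bearer ${key}` }), // valid key, no Origin
    await call({ Authorization: `Bearer ${key}`, Origin: "https://evil.example" }), // bad Origin
    await call({ Authorization: `Bearer ${"b".repeat(40)}` }), // unknown key
  ];
}
```

Rate limiting and CORS response headers would be further wrappers of the same shape, applied around the same handler.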