MCP (Model Control Protocol) & Experimental ToolRouter
Composio now introduces comprehensive MCP (Model Control Protocol) support and an experimental ToolRouter for creating isolated, scoped sessions with advanced toolkit management. These features enable seamless integration with modern AI frameworks and provide powerful session-based tool routing capabilities.
Why Use MCP & ToolRouter?
- Framework Integration: Native MCP support for Vercel AI, Mastra, OpenAI Agents, and LangChain
- Session Isolation: Create isolated sessions with specific toolkit configurations
- Advanced Authentication: Flexible auth config management per toolkit
- Scoped Access: Control which tools are available within each session
- Multi-Service Workflows: Route tool calls efficiently across different services
- Development & Testing: Perfect for testing and development with scoped MCP server access
TypeScript SDK (v0.1.53)
Added: MCP API
Core MCP Features:
- MCP Server Creation: Create and manage MCP server configurations
- User-Specific URLs: Generate unique MCP server URLs for individual users
- Toolkit Configuration: Support for multiple toolkits with custom auth configs
- Tool Filtering: Specify allowed tools per configuration
- Connection Management: Choose between manual and automatic account management
Basic Usage:
Framework Integration Examples:
Added: Experimental ToolRouter
Core ToolRouter Features:
- Session-Based Routing: Create isolated sessions for specific users and toolkit combinations
- Dynamic Configuration: Configure toolkits and auth configs per session
- MCP Server URLs: Each session gets a unique MCP server endpoint
- Flexible Toolkit Management: Support for string names or detailed toolkit configurations
- Connection Control: Manual or automatic connection management per session
Basic Usage:
Advanced Multi-Service Integration:
Framework-Specific Examples:
Python SDK (v0.8.17)
Added: MCP Support
Core MCP Features:
- Server Configuration: Create and manage MCP server configurations
- Toolkit Management: Support for both simple toolkit names and detailed configurations
- Authentication Control: Per-toolkit auth config specification
- Tool Filtering: Specify allowed tools across all toolkits
- User Instance Generation: Generate user-specific MCP server instances
Basic Usage:
Simple Toolkit Usage:
LangChain Integration:
Added: Experimental ToolRouter
Core ToolRouter Features:
- Session Management: Create isolated tool routing sessions for users
- Toolkit Configuration: Support for both simple toolkit names and detailed configurations
- Session Isolation: Each session gets its own MCP URL and session ID
- Flexible Authentication: Per-session auth config management
- Scoped Tool Access: Control which tools are available within each session
Basic Usage:
Advanced Configuration:
Integration with AI Frameworks:
Migration Guide
TypeScript SDK: Migrating to New MCP API
The new MCP API provides enhanced functionality and better integration patterns. Here’s how to migrate from the previous MCP implementation:
Before (Legacy MCP)
After (New MCP API)
Key Migration Changes
-
Two-Step Process:
- Before: Single step server creation
- After: Create configuration, then generate user instances
-
Enhanced Configuration:
- Before: Simple toolkit names only
- After: Detailed toolkit configs with auth, tool filtering, connection management
-
User-Specific URLs:
- Before: Single server URL for all users
- After: Unique URLs per user for better isolation
-
Backward Compatibility:
- Legacy Access: Old MCP functionality remains available via
composio.deprecated.mcp
- Gradual Migration: Migrate at your own pace without breaking existing implementations
- Legacy Access: Old MCP functionality remains available via
Migration Benefits
- Better Security: User-specific sessions with isolated access
- Enhanced Control: Fine-grained toolkit and tool management
- Framework Integration: Native support for modern AI frameworks
- Scalability: Better resource management and user isolation
Migration Timeline
- Phase 1: New MCP API available alongside legacy implementation
- Phase 2: Legacy MCP accessible via
deprecated.mcp
namespace - Phase 3: Full deprecation (timeline to be announced)
Recommendation: Start new projects with the new MCP API and gradually migrate existing implementations to benefit from enhanced features and better framework integration.
Key Benefits & Use Cases
Development & Testing
- Isolated Environments: Test different toolkit combinations without affecting production
- Scoped Access: Limit tool access for security and testing purposes
- Framework Flexibility: Works with any MCP-compatible client or framework
Production Workflows
- Multi-Service Integration: Seamlessly combine tools from different services
- User-Specific Sessions: Each user gets their own isolated session with appropriate permissions
- Authentication Management: Fine-grained control over authentication per toolkit
Framework Compatibility
- Vercel AI: Native integration with Vercel AI SDK
- Mastra: Full support for Mastra agents and workflows
- OpenAI Agents: Direct integration with OpenAI’s agent framework
- LangChain: Complete LangGraph and LangChain compatibility
- Custom Clients: Works with any MCP-compatible client
Enterprise Features
- Session Management: Track and manage multiple user sessions
- Resource Control: Limit concurrent sessions and resource usage
- Audit Trail: Full logging and monitoring of tool usage
- Security: Isolated sessions prevent cross-user data access
Migration & Compatibility
Both MCP and ToolRouter features are designed to complement existing Composio functionality:
The experimental ToolRouter API provides a preview of advanced session management capabilities, while the MCP API offers production-ready Model Control Protocol support for modern AI frameworks.
Bug Fixes
Fixed: ToolRouter Dependency Issue
Python SDK (v0.8.19)
Issue Fixed:
- ToolRouter Functionality: Fixed ToolRouter tests that were failing due to missing
tool_router
attribute in HttpClient - Dependency Update: Updated
composio-client
dependency from version 1.9.1 to 1.10.0+ to include ToolRouter functionality - Version Compatibility: Resolved compatibility issues between ToolRouter implementation and client library
Details:
ToolRouter functionality was briefly broken in versions 0.8.15 to 0.8.18 due to a dependency version mismatch. The composio-client
library version 1.9.1 did not include the tool_router
attribute, causing all ToolRouter integration tests to fail with AttributeError: 'HttpClient' object has no attribute 'tool_router'
.
This has been fixed in version 0.8.19 by:
- Updating the
composio-client
dependency to version 1.10.0+ - Ensuring all ToolRouter functionality is now available
- All ToolRouter integration tests now pass successfully
Previous Issue:
Fixed in 0.8.19:
Fixed: Missing Descriptions in Auth Config Fields
Python SDK (v0.8.17) & TypeScript SDK (v0.1.53)
Issue Fixed:
- Auth Config Connection Fields: Added missing descriptions to toolkit auth configuration connection fields
- Auth Config Creation Fields: Added missing descriptions to toolkit auth configuration creation fields
- Field Documentation: Improved field documentation and help text for better developer experience
Details: Previously, when developers were setting up auth configurations for toolkits, many fields lacked proper descriptions, making it difficult to understand what information was required. This fix ensures all auth config fields now include:
- Clear, descriptive field labels
- Helpful placeholder text where appropriate
- Detailed explanations of field requirements
This improvement affects all toolkits and makes the authentication setup process more intuitive and error-free.
Toolkit Versioning in SDKs
Composio Toolkit Versioning provides granular control over tool versions across all your integrations. Instead of always using the latest version of tools, developers can now specify exact toolkit versions, ensuring consistent behavior and controlled updates in production environments.
Why Use Toolkit Versioning?
- Version Stability: Pin specific toolkit versions to avoid unexpected changes in production
- Controlled Updates: Test new toolkit versions before deploying to production
- Environment Consistency: Ensure the same toolkit versions across development, staging, and production
- Rollback Capability: Easily revert to previous toolkit versions if issues arise
- Fine-grained Control: Set different versions for different toolkits based on your needs
Python SDK (v0.8.11)
Added
- Toolkit Versioning Support: New
toolkit_versions
parameter for controlling tool versions- Added
toolkit_versions
parameter toComposio
class initialization - Support for global version setting (e.g.,
'latest'
) - Support for per-toolkit version mapping (e.g.,
{'github': '20250902_00', 'slack': '20250902_00'}
) - Environment variable support with
COMPOSIO_TOOLKIT_VERSION_<TOOLKIT_NAME>
pattern - New
toolkit_version.py
utility module for version resolution logic
- Added
Examples:
TypeScript SDK (v0.1.52)
Added
- Toolkit Versioning Support: Added
toolkitVersions
configuration option- New
toolkitVersions
parameter inComposio
class constructor - Support for global version string or per-toolkit version mapping
- Environment variable parsing with
getToolkitVersionsFromEnv()
utility - Enhanced
getRawComposioToolBySlug()
method for version-specific tool retrieval - Version-aware tool filtering and search capabilities
- New
Examples:
Key Benefits
- Environment Variables: Set
COMPOSIO_TOOLKIT_VERSION_<TOOLKIT_NAME>=<VERSION>
for automatic version resolution - Flexible Configuration: Choose between global versions or per-toolkit version mapping
- Backward Compatibility: Existing code works unchanged - versioning is opt-in
- Version Fallback: Automatically falls back to ‘latest’ when no version is specified
- Cross-Platform Consistency: Identical developer experience across Python and TypeScript
Version Format
Toolkit versions follow the format: YYYYMMDD_NN
(e.g., 20250902_00
) or use 'latest'
for the most recent version only supported at global scope and not individual toolkit level.
Environment Variables
Migration Note
This feature is fully backward compatible. Existing code will continue to work without changes, using the latest versions by default. To enable versioning, simply add the toolkit_versions
parameter during SDK initialization.
Additional Updates
- Package Updates: Bumped all Python provider packages to v0.8.10
- Documentation: Enhanced API documentation with versioning examples
- Testing: Added comprehensive test coverage (400+ new test cases) for versioning functionality
- Examples: New versioning examples demonstrating practical usage patterns
Introducing Composio Auth Links
Composio Auth Links provide a hosted authentication solution that eliminates the need for developers to build custom authentication forms. Instead of manually rendering OAuth consent screens, API key input forms, or custom authentication fields, developers can simply redirect users to a Composio-hosted URL that handles the entire authentication process automatically.
Why Use Auth Links?
- Zero UI Development: No need to build forms for OAuth, API keys, or custom fields like subdomains
- Universal Authentication: Works seamlessly across all supported third-party services
- Reduced Complexity: Replace complex OAuth flows with a simple redirect
- Better UX: Professional, consistent authentication experience for end users
- Faster Integration: Get authentication working in minutes, not hours
Python SDK (v0.8.11)
Added
- Composio Connect Link Support: New
link()
method for creating external authentication links- Added
link()
method toConnectedAccounts
class for generating user authentication links - Support for callback URL redirection after authentication
- Enhanced user experience with external link-based authentication flow
- No manual form rendering required - Composio handles all authentication UI
- Added
Examples:
TypeScript SDK (v0.1.51)
Added
- Composio Connect Links: Added support for composio connect links
- New
link()
method inConnectedAccounts
class for generating authentication URLs - Support for callback URL redirection with
CreateConnectedAccountLinkOptions
- Comprehensive TypeScript types and validation for link creation options
- Eliminates need for custom authentication forms - just redirect users to the link
- New
Examples:
Key Benefits
- No Form Building: Composio handles OAuth consent, API key collection, and custom field inputs
- Hosted Authentication Flow: Professional UI that works across all supported services
- Callback URL Support: Control where users return after successful authentication
- Connection Waiting: Built-in polling to detect when authentication completes
- Cross-Platform Consistency: Identical developer experience across Python and TypeScript
Customisation
You can customise the app logo and name showed in the authentication page via the dashboard. Head over your project via platform.composio.dev
and choose Settings → Auth Links to upload a new logo and change the name.
Migration Note
This feature replaces manual authentication form development with a simple redirect-based approach, significantly reducing integration time and complexity while providing a better user experience. Auth links are drop in replacement for composio.connectedAccounts.initate
, you can safely swap this to composio.connectedAccounts.link