# MCP

<Message variant="yellow" title="Warning">
  Be aware that when enabled, this endpoint does not require any authentication. Tools can be called by anyone. However, GraphQL requests still go through any configured authentication & authorization. All the headers passed by the MCP client will be forwarded to the Gateway, and handled like the headers on any other GraphQL request, including for authentication and authorization purposes. See the [authentication](/docs/gateway/security/authentication) section of the docs for more information on how to implement MCP spec compliant authentication with [OAuth 2.0 protected resource metadata](https://datatracker.ietf.org/doc/html/rfc9728).
</Message>

The gateway can start an MCP server endpoint with:

```toml
[mcp]
enabled = true # defaults to false
# Path at which to expose the MCP service
path = "/mcp"
# Whether mutations can be executed
execute_mutations = false
# Either "http-streaming" or "sse". The default is "http-streaming".
transport = "http-streaming"
```