Skip to main content
POST
/
api
/
servers
Create a new MCP server
curl --request POST \
  --url https://mcp.runalloy.com/api/servers \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "Production Server",
  "description": "Main production MCP server with restricted access",
  "tokenExpiresInDays": 90,
  "restrictions": {
    "connectors": {
      "mode": "allowlist",
      "allowedIds": [
        "slack",
        "notion",
        "hubspot"
      ]
    }
  }
}
'
import requests

url = "https://mcp.runalloy.com/api/servers"

payload = {
"name": "Production Server",
"description": "Main production MCP server with restricted access",
"tokenExpiresInDays": 90,
"restrictions": { "connectors": {
"mode": "allowlist",
"allowedIds": ["slack", "notion", "hubspot"]
} }
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
name: 'Production Server',
description: 'Main production MCP server with restricted access',
tokenExpiresInDays: 90,
restrictions: {connectors: {mode: 'allowlist', allowedIds: ['slack', 'notion', 'hubspot']}}
})
};

fetch('https://mcp.runalloy.com/api/servers', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://mcp.runalloy.com/api/servers",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'name' => 'Production Server',
'description' => 'Main production MCP server with restricted access',
'tokenExpiresInDays' => 90,
'restrictions' => [
'connectors' => [
'mode' => 'allowlist',
'allowedIds' => [
'slack',
'notion',
'hubspot'
]
]
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://mcp.runalloy.com/api/servers"

payload := strings.NewReader("{\n \"name\": \"Production Server\",\n \"description\": \"Main production MCP server with restricted access\",\n \"tokenExpiresInDays\": 90,\n \"restrictions\": {\n \"connectors\": {\n \"mode\": \"allowlist\",\n \"allowedIds\": [\n \"slack\",\n \"notion\",\n \"hubspot\"\n ]\n }\n }\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://mcp.runalloy.com/api/servers")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"name\": \"Production Server\",\n \"description\": \"Main production MCP server with restricted access\",\n \"tokenExpiresInDays\": 90,\n \"restrictions\": {\n \"connectors\": {\n \"mode\": \"allowlist\",\n \"allowedIds\": [\n \"slack\",\n \"notion\",\n \"hubspot\"\n ]\n }\n }\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://mcp.runalloy.com/api/servers")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"name\": \"Production Server\",\n \"description\": \"Main production MCP server with restricted access\",\n \"tokenExpiresInDays\": 90,\n \"restrictions\": {\n \"connectors\": {\n \"mode\": \"allowlist\",\n \"allowedIds\": [\n \"slack\",\n \"notion\",\n \"hubspot\"\n ]\n }\n }\n}"

response = http.request(request)
puts response.read_body
{
  "serverId": "production-server-a1b2c3d4",
  "name": "Production Server",
  "description": "Main production MCP server",
  "url": "https://mcp.runalloy.com/mcp/production-server-a1b2c3d4",
  "accessUrl": "https://mcp.runalloy.com/mcp/production-server-a1b2c3d4/mcp_token_xyz789",
  "accessToken": "mcp_token_xyz789",
  "restrictions": {
    "connectors": {
      "mode": "allowlist",
      "allowedIds": [
        "slack",
        "notion",
        "hubspot"
      ]
    }
  },
  "createdAt": "2024-01-01T00:00:00Z",
  "updatedAt": "2024-01-01T00:00:00Z"
}
{
"error": "Invalid payload"
}

Authorizations

Authorization
string
header
required

Use either an Alloy API key or JWT token

Headers

x-alloy-userid
string

User ID for server ownership (optional with API key)

Body

application/json
name
string
required

Server name (1-100 characters)

Required string length: 1 - 100
description
string

Server description

customInstructions
string

Custom instructions for AI assistants (beta)

tokenExpiresInDays
integer

Token expiration in days (1-365)

Required range: 1 <= x <= 365
restrictions
object

Response

Server created successfully

serverId
string

Unique server identifier

name
string

Server name

description
string

Server description

url
string

Base URL for API-authenticated access

accessUrl
string

Self-sufficient URL with embedded token

restrictions
object
hasRestrictions
boolean

Whether server has active restrictions

createdAt
string<date-time>
updatedAt
string<date-time>
accessToken
string

Access token (only returned on creation)