> ## Documentation Index > Fetch the complete documentation index at: https://docs.runalloy.com/llms.txt > Use this file to discover all available pages before exploring further. # Create a new MCP server > Creates a new MCP server with specified configuration and restrictions ## OpenAPI ````yaml post /api/servers openapi: 3.0.1 info: title: MCP Server API description: > The Alloy MCP Server API enables you to create and manage MCP (Model Context Protocol) servers that provide secure, controlled access to platform integrations for AI assistants. ## Key Features - Dynamic tool discovery and execution - Fine-grained access restrictions - JWT-based user isolation - Self-sufficient token URLs - Support for 21+ platform connectors version: '2.0' contact: name: Alloy Support email: support@runalloy.com url: https://runalloy.com servers: - url: https://mcp.runalloy.com description: Production server - url: http://localhost:3000 description: Local development server security: - bearerAuth: [] tags: - name: Server Management description: Create and manage MCP servers - name: MCP Protocol description: Execute MCP protocol operations - name: Tools description: Discover and execute tools - name: Resources description: Access server resources - name: Prompts description: Access prompt templates paths: /api/servers: post: tags: - Server Management summary: Create a new MCP server description: Creates a new MCP server with specified configuration and restrictions operationId: create-server parameters: - name: x-alloy-userid in: header description: User ID for server ownership (optional with API key) schema: type: string requestBody: required: true content: application/json: schema: type: object required: - name properties: name: type: string description: Server name (1-100 characters) minLength: 1 maxLength: 100 description: type: string description: Server description customInstructions: type: string description: Custom instructions for AI assistants (beta) tokenExpiresInDays: type: integer description: Token expiration in days (1-365) minimum: 1 maximum: 365 restrictions: $ref: '#/components/schemas/ServerRestrictions' example: name: Production Server description: Main production MCP server with restricted access tokenExpiresInDays: 90 restrictions: connectors: mode: allowlist allowedIds: - slack - notion - hubspot responses: '201': description: Server created successfully content: application/json: schema: allOf: - $ref: '#/components/schemas/Server' - type: object properties: accessToken: type: string description: Access token (only returned on creation) example: serverId: production-server-a1b2c3d4 name: Production Server description: Main production MCP server url: https://mcp.runalloy.com/mcp/production-server-a1b2c3d4 accessUrl: >- https://mcp.runalloy.com/mcp/production-server-a1b2c3d4/mcp_token_xyz789 accessToken: mcp_token_xyz789 restrictions: connectors: mode: allowlist allowedIds: - slack - notion - hubspot createdAt: '2024-01-01T00:00:00Z' updatedAt: '2024-01-01T00:00:00Z' '400': description: Invalid request content: application/json: schema: type: object properties: error: type: string example: error: Invalid payload '401': description: Unauthorized '409': description: Server name already exists security: - bearerAuth: [] components: schemas: ServerRestrictions: type: object properties: connectors: type: object properties: mode: type: string enum: - allowlist - blocklist allowedIds: type: array items: type: string blockedIds: type: array items: type: string actions: type: object properties: mode: type: string enum: - allowlist - blocklist allowedActions: type: array items: type: string blockedActions: type: array items: type: string users: type: object properties: mode: type: string enum: - allowlist - blocklist allowedIds: type: array items: type: string blockedIds: type: array items: type: string Server: type: object properties: serverId: type: string description: Unique server identifier name: type: string description: Server name description: type: string description: Server description url: type: string description: Base URL for API-authenticated access accessUrl: type: string description: Self-sufficient URL with embedded token restrictions: $ref: '#/components/schemas/ServerRestrictions' hasRestrictions: type: boolean description: Whether server has active restrictions createdAt: type: string format: date-time updatedAt: type: string format: date-time securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT or API Key description: Use either an Alloy API key or JWT token ````