Release date 2026/04/28
Bugfix
-
Fixed an issue where WWW-Authenticate: Bearer error=”insufficient_scope” header was not emitted.
AI MCP Proxy
AI License Required
Related Documentation
Made by
Kong Inc.
Supported Gateway Topologies
hybrid
db-less
traditional
Supported Konnect Deployments
hybrid
cloud-gateways
serverless
Compatible Protocols
grpc
grpcs
http
https
Minimum Version
Kong Gateway - 3.12
3.14.0.2
3.14.0.0
Release date 2026/04/07
Feature
-
Added support for ACL with OAuth claim.
-
Added support for session sharing and active notice when doing MCP conversion.
Bugfix
-
Fixed an issue where the latest 2025-11-25 spec defines the Authorization error codes which are different from ours.
-
Fixed an issue where ACL denial caused parsing body failure.
-
Fixed an issue where the ACL metric label value was incorrect.
-
Fixed an issue where
tools/listcould expose tools to consumers denied by tool ACL in listener mode. -
Fixed an issue where we didn’t keep the port after MCP conversion.
-
Fixed an issue where we have not reported metrics to konnect since 3.13.
-
Fixed an issue where PATCHing the tool caused an error.
Performance
-
reduced tool cache build time and avoided long blocking.
3.13.0.3
Release date 2026/04/08
Bugfix
-
Fixed an issue where the latest 2025-11-25 spec defines the Authorization error codes which are different from ours.
-
Fixed an issue where the ACL metric label value was incorrect.
-
Fixed an issue where we have not reported metrics to konnect since 3.13.
3.13.0.1
Release date 2026/02/01
Bugfix
-
Fixed an issue where
tools/listcould expose tools to consumers denied by tool ACL in listener mode. -
Fixed an issue where PATCHing the tool caused an error.
3.13.0.0
Release date 2025/12/18
Feature
-
Added support for MCP ACL control.
-
Added support for cookie in OpenAPI spec when doing MCP conversion.
-
Added support for structured output from MCP conversion.
Bugfix
-
Fixed an issue where path traversal can be done with path parameter.
-
Fixed an issue where MCP server could not call upstream when proxy protocol is used.
-
Fixed an issue where failing to fetch tools cache was not handled properly.
-
Fixed an issue where forwarding client headers to upstream could not be disabled.
-
Fixed an issue where trusted ip relative headers were forwarded upstream.
-
Fixed an issue where
tools/callcould accept malformed requests and generate wrong responses. -
Fixed an issue where path invalid error was not handled properly.
-
Fixed an issue where we could not override the upstream’s scheme when converting MCP tool to RESTful API.
-
Fixed an issue where MCP server could not call upstream when self-signed certificate is used in Kong.
-
Fixed an issue where mcp proxy is not parsing default values properly.
-
Fixed an issue when using passthrough-mode, tools without tool ACL do not apply default ACL.
3.12.0.3
Release date 2026/02/26
Bugfix
-
Fixed an issue where path traversal can be done with path parameter.
-
Fixed an issue where PATCHing the tool caused an error.
3.12.0.2
Release date 2025/12/10
Bugfix
-
Fixed an issue where failing to fetch tools cache was not handled properly.
-
Fixed an issue where trusted ip relative headers were forwarded upstream.
-
Fixed an issue where
tools/callcould accept malformed requests and generate wrong responses. -
Fixed an issue where path invalid error was not handled properly.
-
Fixed an issue where we could not override the upstream’s scheme when converting MCP tool to RESTful API.
3.12.0.1
Release date 2025/11/18
Bugfix
-
Fixed an issue where MCP server could not call upstream when proxy protocol is used.
-
Fixed an issue where forwarding client headers to upstream could not be disabled.
-
Fixed an issue where MCP server could not call upstream when self-signed certificate is used in Kong.