# Setup (remote)
The remote MCP server is a Streamable-HTTP endpoint behind Caddy, gated by a secret bearer token. Every request must present the token; without it, nothing is served.
## The endpoint

- `POST https://mcp.astrixion.ai/mcp`: the MCP endpoint. Requires `Authorization: Bearer <token>`. A missing or wrong token returns `401`.
- `GET https://mcp.astrixion.ai/health`: unauthenticated liveness check.
## You need the secret token
The token below is a placeholder. Get the real token from the dev team (from your team vault / ops channel — it isn't published anywhere, including here). The server refuses to start if no token is configured, so there is never an open endpoint.
## One token, two variable names

There is a single secret value. You present it as `Authorization: Bearer <value>`. Operators set that value once in the deploy `.env` as `MCP_AUTH_TOKEN`, which Compose passes to the server as `BBM_MCP_AUTH_TOKEN`. Same secret — the two names are just the deploy-side vs. server-side variable. Rotate by changing `MCP_AUTH_TOKEN` and redeploying.
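The gate described above (open `/health`, `/mcp` only with the exact bearer token, refuse to start when no token is configured) can be illustrated with a small request-decision function. This is an added example written for this page, not the project's own server code; the `gate`, `parse_bearer` and `load_token` names, the in-memory request shape and the sample requests are assumptions made for the illustration. It reuses the page's `BBM_MCP_AUTH_TOKEN` variable name and the `401` behaviour.

```python
import hmac
import os
from typing import Dict, Mapping, Optional, Tuple

# Server-side variable name from the page; everything else here is an
# added illustration of the described behaviour, not the project's code.
TOKEN_ENV = "BBM_MCP_AUTH_TOKEN"


def token_configured(env: Mapping[str, str]) -> bool:
    """True when a non-empty token is present in the given environment."""
    return bool(env.get(TOKEN_ENV, "").strip())


def load_token(env: Optional[Mapping[str, str]] = None) -> str:
    """Return the configured secret, or raise so the server never starts open."""
    env = os.environ if env is None else env
    if not token_configured(env):
        raise RuntimeError(f"{TOKEN_ENV} is not set; refusing to start without a token")
    return env[TOKEN_ENV].strip()


def parse_bearer(header_value: Optional[str]) -> Optional[str]:
    """Extract the token from 'Authorization: Bearer <token>'; None if malformed."""
    if header_value is None:
        return None
    scheme, _, value = header_value.strip().partition(" ")
    if scheme.lower() != "bearer" or not value.strip():
        return None
    return value.strip()


def gate(method: str, path: str, headers: Dict[str, str], configured_token: str) -> Tuple[int, str]:
    """Decide one request: /health is open, POST /mcp needs the exact bearer token.

    Returns (status_code, short reason). Header names are matched case-insensitively,
    as HTTP header names are.
    """
    if method == "GET" and path == "/health":
        return 200, "ok"
    if method != "POST" or path != "/mcp":
        return 404, "not found"
    lowered = {k.lower(): v for k, v in headers.items()}
    presented = parse_bearer(lowered.get("authorization"))
    # compare_digest keeps the comparison constant-time, so a wrong token
    # does not leak how much of it matched; a missing header is also 401.
    if presented is None or not hmac.compare_digest(
        presented.encode("utf-8"), configured_token.encode("utf-8")
    ):
        return 401, "unauthorized"
    return 200, "mcp request accepted"


if __name__ == "__main__":
    # Constructed sample: a token set the way Compose would hand it to the server.
    secret = load_token({TOKEN_ENV: "example-placeholder-token"})
    for req in [
        ("GET", "/health", {}),
        ("POST", "/mcp", {}),
        ("POST", "/mcp", {"Authorization": "Bearer wrong-token"}),
        ("POST", "/mcp", {"Authorization": f"Bearer {secret}"}),
    ]:
        print(req[0], req[1], "->", gate(*req, secret))
```

A real deployment does this check in the server (or in Caddy in front of it); the point of the example is the order of decisions: liveness first, everything else rejected unless the presented bearer value equals the configured secret byte for byte.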
## Client config
Point your MCP client at the endpoint and supply the token as a bearer header:
```json
{
  "mcpServers": {
    "sonar": {
      "url": "https://mcp.astrixion.ai/mcp",
      "headers": { "Authorization": "Bearer <YOUR_MCP_AUTH_TOKEN>" }
    }
  }
}
```

See Client plugin config for the local (stdio) alternative.
## What the remote agent gets
The remote endpoint runs the pentest profile: read + scan tools only. It authenticates to the Sonar backend internally with its own credentials, but the agent only ever sees the pentest tool surface — destructive admin operations are simply not registered.
## Environment (operators)

| Variable | Purpose |
|---|---|
| `BBM_MCP_AUTH_TOKEN` | Required. The shared secret clients must present. No value → server won't start. |
| `BBM_MCP_PROFILE` | Tool profile (`pentest` on the remote endpoint). |
| `BBM_BASE_URL` | Sonar API base URL the server calls internally. |
| `BBM_MCP_HTTP_PORT` | Listen port (default `3005`). |

Rotate the secret by changing `MCP_AUTH_TOKEN` and redeploying.