Overview
The proxy endpoint forwards requests to OAuth provider APIs (e.g., Google) using the user’s stored OAuth credentials. This allows your application to access provider APIs without ever handling the user’s OAuth tokens directly. Supported Methods:GET, POST, PUT, PATCH, DELETE
Path Parameters
OAuth provider name. Currently supported:
googleThe API path to call on the provider. This is appended to the provider’s base URL.For Google, the base URL is
https://www.googleapis.com/, so:gmail/v1/users/me/messagesbecomeshttps://www.googleapis.com/gmail/v1/users/me/messagescalendar/v3/calendars/primary/eventsbecomeshttps://www.googleapis.com/calendar/v3/calendars/primary/events
Headers
Your MCP Rank API key
Bearer token. Format:
Bearer {mcp_identity_access_token}Request Body
ForPOST, PUT, and PATCH requests, the request body is forwarded as-is to the provider API. Use the appropriate Content-Type header (typically application/json).
Response
The response from the provider API is returned as-is, including:- Status code
- Response headers (except internal headers)
- Response body
Google API Examples
Gmail
Calendar
Drive
Error Responses
Security
- Your application never sees the user’s OAuth tokens
- Tokens are stored encrypted and managed by MCP Rank
- Tokens are automatically refreshed when they expire
- All proxy requests are logged for audit purposes