kagent-dev · syn-zhu · Mar 5, 2026 · Mar 5, 2026 · Mar 5, 2026
@@ -24,6 +24,7 @@ type HttpMcpServerConfig struct {
 	Tools           []string                       `json:"tools"`
 	AllowedHeaders  []string                       `json:"allowed_headers,omitempty"`
 	RequireApproval []string                       `json:"require_approval,omitempty"`
+	STSAudience     string                         `json:"sts_audience,omitempty"`
 }
 
 type SseConnectionParams struct {
@@ -42,6 +43,7 @@ type SseMcpServerConfig struct {
 	Tools           []string            `json:"tools"`
 	AllowedHeaders  []string            `json:"allowed_headers,omitempty"`
 	RequireApproval []string            `json:"require_approval,omitempty"`
+	STSAudience     string              `json:"sts_audience,omitempty"`
 }
 
 type Model interface {

@@ -10103,6 +10103,13 @@ spec:
                                 type: string
                               maxItems: 50
                               type: array
+                            stsAudience:
+                              description: |-
+                                STSAudience overrides the audience value for STS token exchange when
+                                calling this MCP tool server from this agent. If not set, falls back
+                                to the audience configured on the RemoteMCPServer. If neither is set,
+                                no audience is passed in the token exchange request.
+                              type: string
                             toolNames:
                               description: |-
                                 The names of the tools to be provided by the ToolServer

@@ -171,6 +171,13 @@ spec:
                 type: string
               sseReadTimeout:
                 type: string
+              stsAudience:
+                description: |-
+                  STSAudience specifies the audience value to include in STS token exchange
+                  requests when this MCP server is called. This scopes the issued token to
+                  this specific service. If not set, no audience is passed in the token
+                  exchange request. Can be overridden per-agent via McpServerTool.stsAudience.
+                type: string
               terminateOnClose:
                 default: true
                 type: boolean

@@ -413,6 +413,13 @@ type McpServerTool struct {
 	// Example: ["x-user-email", "x-tenant-id"]
 	// +optional
 	AllowedHeaders []string `json:"allowedHeaders,omitempty"`
+
+	// STSAudience overrides the audience value for STS token exchange when
+	// calling this MCP tool server from this agent. If not set, falls back
+	// to the audience configured on the RemoteMCPServer. If neither is set,
+	// no audience is passed in the token exchange request.
+	// +optional
+	STSAudience *string `json:"stsAudience,omitempty"`
 }
 
 type TypedLocalReference struct {

@@ -59,6 +59,13 @@ type RemoteMCPServerSpec struct {
 	// See: https://gateway-api.sigs.k8s.io/guides/multiple-ns/#cross-namespace-routing
 	// +optional
 	AllowedNamespaces *AllowedNamespaces `json:"allowedNamespaces,omitempty"`
+
+	// STSAudience specifies the audience value to include in STS token exchange
+	// requests when this MCP server is called. This scopes the issued token to
+	// this specific service. If not set, no audience is passed in the token
+	// exchange request. Can be overridden per-agent via McpServerTool.stsAudience.
+	// +optional
+	STSAudience *string `json:"stsAudience,omitempty"`
 }
 
 var _ sql.Scanner = (*RemoteMCPServerSpec)(nil)

@@ -1330,6 +1330,14 @@ func (a *adkApiTranslator) translateMCPServerTarget(ctx context.Context, agent *
 }
 
 func (a *adkApiTranslator) translateRemoteMCPServerTarget(ctx context.Context, agent *adk.AgentConfig, remoteMcpServer *v1alpha2.RemoteMCPServer, mcpServerTool *v1alpha2.McpServerTool, agentHeaders map[string]string, proxyURL string) error {
+	// Resolve STS audience: McpServerTool override > RemoteMCPServer default
+	stsAudience := ""
+	if mcpServerTool.STSAudience != nil && *mcpServerTool.STSAudience != "" {
+		stsAudience = *mcpServerTool.STSAudience
+	} else if remoteMcpServer.Spec.STSAudience != nil {
+		stsAudience = *remoteMcpServer.Spec.STSAudience
+	}
+
 	switch remoteMcpServer.Spec.Protocol {
 	case v1alpha2.RemoteMCPServerProtocolSse:
 		tool, err := a.translateSseHttpTool(ctx, remoteMcpServer, agentHeaders, proxyURL)
@@ -1341,6 +1349,7 @@ func (a *adkApiTranslator) translateRemoteMCPServerTarget(ctx context.Context, a
 			Tools:           mcpServerTool.ToolNames,
 			AllowedHeaders:  mcpServerTool.AllowedHeaders,
 			RequireApproval: mcpServerTool.RequireApproval,
+			STSAudience:     stsAudience,
 		})
 	default:
 		tool, err := a.translateStreamableHttpTool(ctx, remoteMcpServer, agentHeaders, proxyURL)
@@ -1352,6 +1361,7 @@ func (a *adkApiTranslator) translateRemoteMCPServerTarget(ctx context.Context, a
 			Tools:           mcpServerTool.ToolNames,
 			AllowedHeaders:  mcpServerTool.AllowedHeaders,
 			RequireApproval: mcpServerTool.RequireApproval,
+			STSAudience:     stsAudience,
 		})
 	}
 	return nil

@@ -0,0 +1,51 @@
+operation: translateAgent
+targetObject: agent
+namespace: test
+objects:
+  - apiVersion: v1
+    kind: Secret
+    metadata:
+      name: openai-secret
+      namespace: test
+    data:
+      api-key: c2stdGVzdC1hcGkta2V5  # base64 encoded "sk-test-api-key"
+  - apiVersion: kagent.dev/v1alpha2
+    kind: ModelConfig
+    metadata:
+      name: test-model
+      namespace: test
+    spec:
+      provider: OpenAI
+      model: gpt-4o
+      apiKeySecret: openai-secret
+      apiKeySecretKey: api-key
+  - apiVersion: kagent.dev/v1alpha2
+    kind: Agent
+    metadata:
+      name: agent
+      namespace: test
+    spec:
+      type: Declarative
+      declarative:
+        description: An agent with STS audience on RemoteMCPServer
+        systemMessage: You are a helpful assistant.
+        modelConfig: test-model
+        tools:
+          - type: McpServer
+            mcpServer:
+              name: toolserver
+              kind: RemoteMCPServer
+              apiGroup: kagent.dev
+              toolNames:
+                - tool1
+                - tool2
+  - apiVersion: kagent.dev/v1alpha2
+    kind: RemoteMCPServer
+    metadata:
+      name: toolserver
+      namespace: test
+    spec:
+      url: http://mcp-server.test:8080/mcp
+      description: "Test MCP Server with STS audience"
+      protocol: STREAMABLE_HTTP
+      stsAudience: "https://mcp-server.example.com"
@@ -0,0 +1,52 @@
+operation: translateAgent
+targetObject: agent
+namespace: test
+objects:
+  - apiVersion: v1
+    kind: Secret
+    metadata:
+      name: openai-secret
+      namespace: test
+    data:
+      api-key: c2stdGVzdC1hcGkta2V5  # base64 encoded "sk-test-api-key"
+  - apiVersion: kagent.dev/v1alpha2
+    kind: ModelConfig
+    metadata:
+      name: test-model
+      namespace: test
+    spec:
+      provider: OpenAI
+      model: gpt-4o
+      apiKeySecret: openai-secret
+      apiKeySecretKey: api-key
+  - apiVersion: kagent.dev/v1alpha2
+    kind: Agent
+    metadata:
+      name: agent
+      namespace: test
+    spec:
+      type: Declarative
+      declarative:
+        description: An agent with STS audience override on McpServerTool
+        systemMessage: You are a helpful assistant.
+        modelConfig: test-model
+        tools:
+          - type: McpServer
+            mcpServer:
+              name: toolserver
+              kind: RemoteMCPServer
+              apiGroup: kagent.dev
+              toolNames:
+                - tool1
+                - tool2
+              stsAudience: "https://agent-specific-audience.example.com"
+  - apiVersion: kagent.dev/v1alpha2
+    kind: RemoteMCPServer
+    metadata:
+      name: toolserver
+      namespace: test
+    spec:
+      url: http://mcp-server.test:8080/mcp
+      description: "Test MCP Server with STS audience that gets overridden"
+      protocol: STREAMABLE_HTTP
+      stsAudience: "https://default-audience.example.com"