Validate MCP server or API source manifests without publishing them.
POST /v1/registry/validate-manifest
POST
/v1/registry/validate-manifest
Authorizations
Section titled “Authorizations ”Request Body required
Section titled “Request Body required ”object
manifest
required
object
schema_version
required
server_id
required
string
name
required
string
tenant_id
required
string
owner
required
object
team
required
string
user_id
required
string
escalation_contact
required
string
oncall_rotation
required
string
environment_id
required
string
endpoint
string format: uri
version
required
string
registration_status
required
credential_mode
required
requested_approval_status
required
docs_url
required
string format: uri
tools
required
Array<object>
object
tool_id
required
string
name
required
string
description
required
string
risk_tier
required
gateway_status
required
denied_reason
string
input_schema_ref
required
string
input_schema
Sanitized MCP tool input schema preserved in the approved snapshot and runtime projection.
object
policy_refs
required
Array<string>
schemaRef
string
Responses
Section titled “ Responses ”Manifest validation result. Semantic validation failures, including policy ref failures, return 200 with valid=false and errors[].
object
valid
required
boolean
schema_ref
required
string
rejects_arbitrary_api_exposure
required
boolean
secrets_redacted
required
boolean
errors
required
Array<object>
object
reason_code
required
string
field
required
string
message
required
string
Type set in Geist, Source Serif 4, and Departure Mono.