FlowFuse
Interact with MCP servers in FlowFuse UI
Epic
No response
Description
As a FlowFuse user using MCP
I want to interact with my MCP servers in the FlowFuse UI
So that I can more easily manage my MCP resources in a single place
At present, a user who uses our MCP nodes to create an MCP server must manage this in VSCode or another tool. Our own demo shows the user in VSCode: https://youtu.be/troUvaF8V68?si=d0vUus6RZCJVpLE4&t=132
We want the user to be able to do the following in FlowFuse:
- Create an MCP server (already enabled in Node-RED using MCP nodes)
- Connect to that MCP server in the FF UI (accomplished in VSCode in the demo)
- Interact with MCP resources using the chat functionality provided by FlowFuse Expert (accomplished in VSCode in the demo)
Dependent upon: https://github.com/FlowFuse/flowfuse/issues/6207
Which customers would this be available to
Everyone - CE/Starter/Team/Enterprise
Acceptance Criteria
- [ ] criteria 1
- [ ] criteria 2
- [ ] criteria 3
- ...
Have you provided an initial effort estimate for this issue?
I have provided an initial effort estimate
@gstout52 here is an overview of the various MCP types we can have and to which we can cater the FlowFuse expert. Afaik for this issue we are talking about last type, the MCPs that the user configured within their Node-RED instances to control external things. This is the yellow type in the diagram below:
flowchart LR
Agent[FF Expert AI Agent]
Agent --> FFMCP[FlowFuse MCP]
Agent --> NRMCP[Node-RED Instance MCPs]
FFMCP --> FFControl[Control FlowFuse Platform]
FFMCP --> FFRead[Read FlowFuse Data]
NRMCP --> NR1[Node-RED Instance 1]
NRMCP --> NR2[Node-RED Instance 2]
NRMCP --> NR3[Node-RED Instance N]
NR1 --> NR1Control[Control Instance 1]
NR1 --> NR1MCP[Instance 1 Custom MCPs]
NR2 --> NR2Control[Control Instance 2]
NR2 --> NR2MCP[Instance 2 Custom MCPs]
NR3 --> NR3Control[Control Instance N]
NR3 --> NR3MCP[Instance N Custom MCPs]
NR1MCP --> Device1[IoT Devices]
NR1MCP --> API1[External APIs]
NR1MCP --> DB1[Databases]
NR2MCP --> Device2[Home Automation]
NR2MCP --> API2[Cloud Services]
NR3MCP --> Custom[Custom Integrations]
style Agent fill:#4A90E2,stroke:#2E5C8A,stroke-width:3px,color:#fff
style FFMCP fill:#E8F4F8,stroke:#4A90E2,stroke-width:2px
style NRMCP fill:#E8F4F8,stroke:#4A90E2,stroke-width:2px
style NR1MCP fill:#FFF4E6,stroke:#F39C12,stroke-width:2px
style NR2MCP fill:#FFF4E6,stroke:#F39C12,stroke-width:2px
style NR3MCP fill:#FFF4E6,stroke:#F39C12,stroke-width:2px
Related to this issue will be how we are going to make the user aware what capabilities or rather what MCPs in this case the user has access to do things with through the FlowFuse expert.
In a recent slack conversation at https://flowforgeworkspace.slack.com/archives/C09SAAU81PV/p1762965258287649 I surfaced the UI that Notion is currently using to display what access its inner workspace AI agent has:
Putting this here for inspiration. Not sure if this scales for the usecases we need yet.
For this issue I think its worthwhile to post the screenshot of an initial throw at what a potential UI could look like for this kind of workspace FlowFuse expert agent within FlowFuse that has access to these various MCPs. Take the following screenshot which is from a prototype within Figma with a lot of salt, still I think it shows a couple of interesting things:
- It shows a dedicated sidebar position for AI related Automations (workflows using AI to do things across the FlowFuse workspace and/or perhaps configured in an instance)
- It shows a dedicated sidebar position for AI related conversations: an interface in which any AI conversations with the FlowFuse expert are accessible across FlowFuse workspace members
- FlowFuse Expert prompt directly on page
- Conversations are owned (cannot be edited by anyone but the owner), but can be inspected and shared
- AI resources are made apparent. This is similar to the notion screenshot above, but done in a way where it is more dedicated to the type of environment FlowFuse has. I think interesting here is the fact that instances can be offline/not accessible.
- I think especially the situation of a non-internet connected usecase might be interesting to take into mind at some point where specific instances might be holding the AI Model so everything is processed locally.
Link: https://www.figma.com/make/Hia9xmPnEg7kCCtrBZJglV/AI-LLM-Vierew?t=uZQZvNJWNlZi1aMG-0 (you can adjust it yourself using the Figma Make prompt)
PS: AI output is non deterministic
Looks great, @dimitrieh . And yes, we're talking just about the yellow MCP servers, as you diagrammed them. I like the idea of a team-level UI for this. For a first iteration, I think we should make all conversations available to all team owners, as we'll need a separate issue to introduce the concept of conversation-level RBAC, wherein a conversation owner sets permissions for conversation access, separately from permissions set for teams and applications.
For a first iteration, I think we should make all conversations available to all team owners, as we'll need a separate issue to introduce the concept of conversation-level RBAC, wherein a conversation owner sets permissions for conversation access, separately from permissions set for teams and applications.
@gstout52 that sounds good. Still, it is a deviation of what seems like the purpose of this issue, which is enabling MCP access to FlowFuse expert users.
Afaik, I see multiple JTBDs right now:
- As a user of FlowFuse expert, I want to know what I have talked about before with the FlowFuse expert in previous sessions, so that I can more easily continue where I left of or retrieve information I know I have talked about with the FlowFuse expert before.
- As a user of FlowFuse expert, I want to be able to use the MCPs I build in my Node-RED instances from a single point of access, so that I can more easily control the resources that I care for.
- As a user of FlowFuse expert, I want to know what MCP servers are available to me through the FlowFuse expert so that I know what I can accomplish ahead of using the FlowFuse expert.
- As a user of FlowFuse expert, I want to know how I can use the MCP servers that are available to me through the FlowFuse expert so that I know what I can accomplish ahead of using the FlowFuse expert.
- As a user of FlowFuse expert, I want to know when I have used a resource effectively using the FlowFuse expert and its available MCP servers so that I am validated and reassured in my approach to manage my resources this way.
How is this going for this release? I'm looking to include this in our Demo for ProveIt.
As a FlowFuse user using MCP I want to interact with my MCP servers in the FlowFuse UI So that I can more easily manage my MCP resources in a single place
As this story has a general purpose JTBD and is basically focused on adding a feature/functionality rather than supporting the journey of a specific persona,
I am putting this under:
- https://github.com/FlowFuse/flowfuse/issues/6386 Which is the first part of:
- https://github.com/FlowFuse/flowfuse/issues/6385 (Dedicated to supporting a specific user journey of a specific persona)
In the next comment, I'll define what we want from a functional perspective to be available/possible.
@Steve-Mcl @cstns For the current iteration, from a UI and UX perspective, we will implement the following:
- New mode switcher for existing FlowFuse expert contexts. Current FlowFuse expert will be
support, new moderesearch - When switching modes, a new context is always created. We switch BE end point and essentially get a different agent with different more general capabilities that can call tools from MCPs. No continuation of context is possible when switching modes for now.
- If possible, we will retain the session context per mode, so that the user can switch back and forth and not lose their previous context.
- Resource selection will essentially represent an Node-RED MCP server. No selection per tool. Mental model of an MCP server maps to a PLC or facility, with individual tools being there sensors and metric end points.
- Resources can be selected in a dropdown menu witch checkboxes. It shows the title of the MCP server and the amount of tools available within it.
- Resource selection dropdown button includes counter for active selection and is positioned floating on top of chat area
- Tool calls have a new primitive within the FlowFuse chat interface
- Tool calls show the tool name, and a timer counting up. This gives feedback to the user that tool calls have their individual process time.
- For now, we do not render the output yet of tool calls (we can look into this though if easy to do)
| Main context | Subcontext | |
|---|---|---|
| Starting a research context + Resource selection | ||
| Tool call in progress after prompt | ||
| Subsequent tool call in progress, plus scrolled up |
We are dabbling aside from that, of updating the dashboard-role FlowFuse environment to have a dedicated FlowFuse expert that only has the "MCP mode". We're leaving this for a follow up iteration however.
This is for now deferred to a follow-up iteration. I am working out the various iterations in subsequent updates in https://github.com/FlowFuse/flowfuse/issues/6385 (TBD)
cc: @knolleary @gstout52
Notes from sync meeting between @Steve-Mcl @cstns and me:
- Ability to release this internally first, then publicly is a good idea regardless of end-decision. This way we can separate concerns and leave this decision separate from development/merging.
- Need: Feature flag will be implemented to be able to whitelist who has access to this feature, or to make it available to everyone.
- Expected bug reports from users if released publicly:
- Time-out/cache-busting/AWS timeouts
- Context window loaded up too far due to included resources/tools/tool results/prompts without proper feedback to the user
- Getting wrong results from MCPs, but user not informed
- Misconfigurations MCP giving errors, but user not informed
- Proper MCP loop has a lot of moving parts, this might give problems we don't know yet
- Current MCP implementation does NOT yet have auth, instead it depends on the Node-RED instance authentication of being public or not.
- Problem: Currently, when Node-RED instance authentication is turned on in FlowFuse, the FlowFuse expert will not be able to connect with the MCP end points defined in that Node-RED instance.
- Follow up: Make it possible to authenticate with FlowFuse authentication protected Node-RED MCP servers.
- MCP server registry table does not show the auth token for "FlowFuse user authentication"
- When user uses "research" mode, they are already logged in to FlowFuse. We can use that ID for auth from FlowFuse Expert to Node-RED MCP servers.
- Follow up: Create an Opt-Out "FlowFuse expert" option in MCP server node to allow users to exclude MCP servers from FlowFuse expert.
- Follow up: Make it possible to authenticate with FlowFuse authentication protected Node-RED MCP servers.
- Discovered that currently we do not adequately inform users of end points being public or not from Node-RED. This is a Node-RED issue.
- Resource selection
- Resource selection will cater to MCP servers for now, and not also detail MCP tools/resources/prompts
- For Resource selection dropdown we will instead feature MCP server and title on the same line and have a description field on a secondary line if provided see: mockup
- Follow up: Placement resource selection is not yet considered ideal, but will do for a first iteration
- Follow up: Add the following fields to the MCP server node:
DescriptionandVersion number. This can populate the resource selection for better serving the user
- What if no MCP selected?
- Need: Disable SEND button & prompt user to select at least one MCP server.
- Otherwise: It would just be a free gen purpose LLM open to users to abuse. We can consider look towards supporting this in the future if it makes sense.
Technical overview
- User switches to "operator chat" mode in FE - which does a background call to the endpoint to retrieve MCP server summaries
- FE calls to ME v4/mcp/summary
- ME gets MCP servers from DB, checks instances are running, passes URL for each MCP server to BE
- BE generates an MCP Client for each MCP server URL & calls listTools, listPrompts, listResources, listResourceTemplates on each MCP Client
- BE returns summary of MCP server capabilities to ME --> FE At this point, FE has:
[
{"team":"yeONmjGYBj","instance":"ba1feeea-12c3-42a8-bfa3-eb3132051ac8","instanceType":"instance","instanceName":"enchanting-dunlin-1493","name":"Acme Facilities MCP Server","capabilities":{"logging":{},"completions":{},"prompts":{"listChanged":true},"resources":{"listChanged":true},"tools":{"listChanged":true}},"tools":[{"name":"get_oee","title":"Get OEE for a facility","description":"Gets the OEE for a given facility ID","inputSchema":{"type":"object","properties":{"facility_id":{"type":"string","description":"The facility_id of production line"}},"required":["facility_id"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"},"execution":{"taskSupport":"forbidden"}}],"prompts":[],"resources":[{"name":"facilities","title":"Production Lines","uri":"db://facilities","description":"Provides a list of production facilities","mimeType":"application/json"}],"resourceTemplates":[],"mcpProtocol":"http"},
{...},
{...},
...
]
- FE can display the list of MCP servers with suitable titles/descriptions & allow user to select which MCP servers to include in the chat query context.
- FE user selects which MCP servers to include in the chat query context & user enters/sends query
- FE calls v4/operator-chat with selected MCP servers (key? details?) and query
- ME passes MCP servers info to BE
- Q: Should ME do any verification of selected MCP servers against user/team permissions at this point?
- BE generates MultiMCPClient thing for selected MCP servers & uses them to build tools/resources for LangChain LLM chat agent (binds to LLM)
- DE returns LLM chat response to ME --> FE
Closing this issue as https://github.com/FlowFuse/flowfuse/pull/6436 has been merged