How to integrate Control d MCP with Pydantic AI

BOOK A CALLGET STARTED FOR FREE
Framework Integration Gradient
Control d Logo
Pydantic AI Logo
divider

Introduction

This guide walks you through connecting Control d to Pydantic AI using the Composio tool router. By the end, you'll have a working Control d agent that can list all devices connected to my account, remove a device by its id, show known access ips for my network, delete a custom dns rule from a profile through natural language commands.

This guide will help you understand how to give your Pydantic AI agent real control over a Control d account through Composio's Control d MCP server.

Before we dive in, let's take a quick look at the key ideas and tools involved.

TL;DR

Here's what you'll learn:
  • How to set up your Composio API key and User ID
  • How to create a Composio Tool Router session for Control d
  • How to attach an MCP Server to a Pydantic AI agent
  • How to stream responses and maintain chat history
  • How to build a simple REPL-style chat interface to test your Control d workflows

What is Pydantic AI?

Pydantic AI is a Python framework for building AI agents with strong typing and validation. It leverages Pydantic's data validation capabilities to create robust, type-safe AI applications.

Key features include:

  • Type Safety: Built on Pydantic for automatic data validation
  • MCP Support: Native support for Model Context Protocol servers
  • Streaming: Built-in support for streaming responses
  • Async First: Designed for async/await patterns

What is the Control d MCP server, and what's possible with it?

The Control d MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Control d account. It provides structured and secure access to your DNS filtering and device management environment, so your agent can perform actions like managing devices, enforcing policies, retrieving analytics, and monitoring network access on your behalf.

  • Device inventory management: Easily list all devices on your account or remove specific devices by their identifier for streamlined device control.
  • Profile and rule administration: Direct your agent to delete profiles, custom rules, or schedules—helping you maintain and enforce up-to-date network policies.
  • Network access monitoring: Retrieve a list of known access IPs to keep tabs on which endpoints are connecting to your network infrastructure.
  • Analytics endpoints discovery: Quickly fetch available analytics storage regions and endpoints so you can integrate and analyze DNS traffic data efficiently.
  • Organization details access: Have the agent fetch and present your organization's account details for easy reference and auditing.

Supported Tools & Triggers

Tools
Delete Device by IDTool to delete a Control-D device.
Delete Profile by IDTool to delete a profile.
Delete Profile Rule by HostnameTool to delete a specific custom rule by hostname from a profile.
Delete Profile Rule by Rule IDTool to delete a specific custom rule by its ID within a profile.
Delete Profile Rule in FolderTool to delete a specific custom rule within a folder.
Delete Profile ScheduleTool to delete a specific schedule within a profile.
List Known Access IPsTool to list known IPs associated with the account.
Get Analytics EndpointsTool to list analytics storage regions and their endpoints.
Get DevicesTool to list all devices associated with the account.
Get Organization DetailsTool to view the authenticated organization's details.
Get ProfilesTool to list all profiles associated with the authenticated account.
Get Profile OptionsTool to get all available profile options.
Get Profile by IDTool to retrieve details of a specific profile by its ID.
Get Profile AnalyticsTool to retrieve analytics data for a specific profile.
Get Profile Analytics LogsTool to list analytics log entries for a given profile.
Get Analytics Log EntryTool to retrieve a specific analytics log entry by its ID.
Get Profile Analytics SummaryTool to fetch a summary of analytics data for a given profile.
Get Profile Analytics Top DomainsTool to fetch top domains accessed within a specific profile.
Get Profile Top ServicesTool to fetch top services accessed within a profile.
Get Profile FiltersTool to list native filters associated with a specific profile.
List External Filters for ProfileTool to list third-party filters for a specific profile.
Get Profile FoldersTool to list rule folders (groups) within a profile.
List Custom Rules for ProfileTool to retrieve custom rules associated with a specific profile.
List Custom Rules in FolderTool to retrieve custom rules in a specific folder of a profile.
Get Custom Rule by Rule IDTool to retrieve details of a specific custom rule by its ID.
Get Specific Rule in FolderTool to retrieve a specific rule within a folder by its ID.
Get Profile SchedulesTool to list schedules associated with a specific profile.
Get Profile ScheduleTool to retrieve a specific schedule by its ID within a profile.
Get Profile ServicesTool to list services associated with a specific profile.
Get Service CategoriesTool to list all service categories.
List Services by CategoryTool to list all services within a specific category.
Get UsersTool to retrieve user account data.
Create DeviceTool to create a new device.
Create ProfileTool to create a new blank profile or clone an existing one.
Create Custom Rules for ProfileTool to create custom rules for a profile.
Create Custom Rules in Profile FolderTool to create custom rules within a specific folder for a profile.
Create Profile ScheduleTool to create a new schedule within a specific profile.
Modify DeviceTool to modify an existing device.
Modify OrganizationTool to modify organization settings and limits.
Update Profile by IDTool to modify an existing profile by ID.
Bulk Update Profile FiltersTool to bulk update filters on a specific profile.
Update External Filters for ProfileTool to update external filters for a specific profile.
Modify Profile FilterTool to modify the enabled state of a specific filter on a profile.
Modify Custom Rules for ProfileTool to modify existing custom rule(s) for a profile.
Update Custom Rule by Rule IDTool to update an existing custom rule by its ID.
Move Profile Rule to FolderTool to move a specific custom rule into a different folder.
Update Profile ScheduleTool to update a specific schedule within a profile.
Modify Service for ProfileTool to modify a specific service rule for a profile.

What is the Composio tool router, and how does it fit here?

What is Tool Router?

Composio's Tool Router helps agents find the right tools for a task at runtime. You can plug in multiple toolkits (like Gmail, HubSpot, and GitHub), and the agent will identify the relevant app and action to complete multi-step workflows. This can reduce token usage and improve the reliability of tool calls. Read more here: Getting started with Tool Router

The tool router generates a secure MCP URL that your agents can access to perform actions.

How the Tool Router works

The Tool Router follows a three-phase workflow:

  1. Discovery: Searches for tools matching your task and returns relevant toolkits with their details.
  2. Authentication: Checks for active connections. If missing, creates an auth config and returns a connection URL via Auth Link.
  3. Execution: Executes the action using the authenticated connection.

Step-by-step Guide

Prerequisites

Before starting, make sure you have:
  • Python 3.9 or higher
  • A Composio account with an active API key
  • Basic familiarity with Python and async programming

Getting API Keys for OpenAI and Composio

OpenAI API Key
  • Go to the OpenAI dashboard and create an API key. You'll need credits to use the models, or you can connect to another model provider.
  • Keep the API key safe.
Composio API Key
  • Log in to the Composio dashboard.
  • Navigate to your API settings and generate a new API key.
  • Store this key securely as you'll need it for authentication.

Install dependencies

bash
pip install composio pydantic-ai python-dotenv

Install the required libraries.

What's happening:

  • composio connects your agent to external SaaS tools like Control d
  • pydantic-ai lets you create structured AI agents with tool support
  • python-dotenv loads your environment variables securely from a .env file

Set up environment variables

bash
COMPOSIO_API_KEY=your_composio_api_key_here
USER_ID=your_user_id_here
OPENAI_API_KEY=your_openai_api_key

Create a .env file in your project root.

What's happening:

  • COMPOSIO_API_KEY authenticates your agent to Composio's API
  • USER_ID associates your session with your account for secure tool access
  • OPENAI_API_KEY to access OpenAI LLMs

Import dependencies

python
import asyncio
import os
from dotenv import load_dotenv
from composio import Composio
from pydantic_ai import Agent
from pydantic_ai.mcp import MCPServerStreamableHTTP

load_dotenv()
What's happening:
  • We load environment variables and import required modules
  • Composio manages connections to Control d
  • MCPServerStreamableHTTP connects to the Control d MCP server endpoint
  • Agent from Pydantic AI lets you define and run the AI assistant

Create a Tool Router Session

python
async def main():
    api_key = os.getenv("COMPOSIO_API_KEY")
    user_id = os.getenv("USER_ID")
    if not api_key or not user_id:
        raise RuntimeError("Set COMPOSIO_API_KEY and USER_ID in your environment")

    # Create a Composio Tool Router session for Control d
    composio = Composio(api_key=api_key)
    session = composio.create(
        user_id=user_id,
        toolkits=["control_d"],
    )
    url = session.mcp.url
    if not url:
        raise ValueError("Composio session did not return an MCP URL")
What's happening:
  • We're creating a Tool Router session that gives your agent access to Control d tools
  • The create method takes the user ID and specifies which toolkits should be available
  • The returned session.mcp.url is the MCP server URL that your agent will use

Initialize the Pydantic AI Agent

python
# Attach the MCP server to a Pydantic AI Agent
control_d_mcp = MCPServerStreamableHTTP(url, headers={"x-api-key": COMPOSIO_API_KEY})
agent = Agent(
    "openai:gpt-5",
    toolsets=[control_d_mcp],
    instructions=(
        "You are a Control d assistant. Use Control d tools to help users "
        "with their requests. Ask clarifying questions when needed."
    ),
)
What's happening:
  • The MCP client connects to the Control d endpoint
  • The agent uses GPT-5 to interpret user commands and perform Control d operations
  • The instructions field defines the agent's role and behavior

Build the chat interface

python
# Simple REPL with message history
history = []
print("Chat started! Type 'exit' or 'quit' to end.\n")
print("Try asking the agent to help you with Control d.\n")

while True:
    user_input = input("You: ").strip()
    if user_input.lower() in {"exit", "quit", "bye"}:
        print("\nGoodbye!")
        break
    if not user_input:
        continue

    print("\nAgent is thinking...\n", flush=True)

    async with agent.run_stream(user_input, message_history=history) as stream_result:
        collected_text = ""
        async for chunk in stream_result.stream_output():
            text_piece = None
            if isinstance(chunk, str):
                text_piece = chunk
            elif hasattr(chunk, "delta") and isinstance(chunk.delta, str):
                text_piece = chunk.delta
            elif hasattr(chunk, "text"):
                text_piece = chunk.text
            if text_piece:
                collected_text += text_piece
        result = stream_result

    print(f"Agent: {collected_text}\n")
    history = result.all_messages()
What's happening:
  • The agent reads input from the terminal and streams its response
  • Control d API calls happen automatically under the hood
  • The model keeps conversation history to maintain context across turns

Run the application

python
if __name__ == "__main__":
    asyncio.run(main())
What's happening:
  • The asyncio loop launches the agent and keeps it running until you exit

Complete Code

Here's the complete code to get you started with Control d and Pydantic AI:

python
import asyncio
import os
from dotenv import load_dotenv
from composio import Composio
from pydantic_ai import Agent
from pydantic_ai.mcp import MCPServerStreamableHTTP

load_dotenv()

async def main():
    api_key = os.getenv("COMPOSIO_API_KEY")
    user_id = os.getenv("USER_ID")
    if not api_key or not user_id:
        raise RuntimeError("Set COMPOSIO_API_KEY and USER_ID in your environment")

    # Create a Composio Tool Router session for Control d
    composio = Composio(api_key=api_key)
    session = composio.create(
        user_id=user_id,
        toolkits=["control_d"],
    )
    url = session.mcp.url
    if not url:
        raise ValueError("Composio session did not return an MCP URL")

    # Attach the MCP server to a Pydantic AI Agent
    control_d_mcp = MCPServerStreamableHTTP(url, headers={"x-api-key": COMPOSIO_API_KEY})
    agent = Agent(
        "openai:gpt-5",
        toolsets=[control_d_mcp],
        instructions=(
            "You are a Control d assistant. Use Control d tools to help users "
            "with their requests. Ask clarifying questions when needed."
        ),
    )

    # Simple REPL with message history
    history = []
    print("Chat started! Type 'exit' or 'quit' to end.\n")
    print("Try asking the agent to help you with Control d.\n")

    while True:
        user_input = input("You: ").strip()
        if user_input.lower() in {"exit", "quit", "bye"}:
            print("\nGoodbye!")
            break
        if not user_input:
            continue

        print("\nAgent is thinking...\n", flush=True)

        async with agent.run_stream(user_input, message_history=history) as stream_result:
            collected_text = ""
            async for chunk in stream_result.stream_output():
                text_piece = None
                if isinstance(chunk, str):
                    text_piece = chunk
                elif hasattr(chunk, "delta") and isinstance(chunk.delta, str):
                    text_piece = chunk.delta
                elif hasattr(chunk, "text"):
                    text_piece = chunk.text
                if text_piece:
                    collected_text += text_piece
            result = stream_result

        print(f"Agent: {collected_text}\n")
        history = result.all_messages()

if __name__ == "__main__":
    asyncio.run(main())

Conclusion

You've built a Pydantic AI agent that can interact with Control d through Composio's Tool Router. With this setup, your agent can perform real Control d actions through natural language. You can extend this further by:
  • Adding other toolkits like Gmail, HubSpot, or Salesforce
  • Building a web-based chat interface around this agent
  • Using multiple MCP endpoints to enable cross-app workflows (for example, Gmail + Control d for workflow automation)
This architecture makes your AI agent "agent-native", able to securely use APIs in a unified, composable way without custom integrations.

How to build Control d MCP Agent with another framework

OpenAI Agents SDK

OpenAI Agents SDK

Use Control d MCP with OpenAI Agents SDK

Claude Agent SDK

Claude Agent SDK

Use Control d MCP with Claude Agent SDK

Google ADK

Google ADK

Use Control d MCP with Google ADK

LangChain

LangChain

Use Control d MCP with LangChain

Vercel AI SDK

Vercel AI SDK

Use Control d MCP with Vercel AI SDK

Mastra AI

Mastra AI

Use Control d MCP with Mastra AI

LlamaIndex

LlamaIndex

Use Control d MCP with LlamaIndex

CrewAI

CrewAI

Use Control d MCP with CrewAI

FAQ

What are the differences in Tool Router MCP and Control d MCP?

With a standalone Control d MCP server, the agents and LLMs can only access a fixed set of Control d tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from Control d and many other apps based on the task at hand, all through a single MCP endpoint.

Can I use Tool Router MCP with Pydantic AI?

Yes, you can. Pydantic AI fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right Control d tools.

Can I manage the permissions and scopes for Control d while using Tool Router?

Yes, absolutely. You can configure which Control d scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do.

How safe is my data with Composio Tool Router?

All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your Control d data and credentials are handled as safely as possible.

Used by agents from

Context
ASU
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai
Context
ASU
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai
Context
ASU
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai

Never worry about agent reliability

We handle tool reliability, observability, and security so you never have to second-guess an agent action.

Book a call↗Get started for free