How to integrate Ngrok MCP with Autogen

BOOK A CALLGET STARTED FOR FREE
Framework Integration Gradient
Ngrok Logo
AutoGen Logo
divider

Introduction

This guide walks you through connecting Ngrok to AutoGen using the Composio tool router. By the end, you'll have a working Ngrok agent that can list all active tunnels and endpoints, show https edges currently configured, list all api keys for my account, get details for a specific ip restriction through natural language commands.

This guide will help you understand how to give your AutoGen agent real control over a Ngrok account through Composio's Ngrok MCP server.

Before we dive in, let's take a quick look at the key ideas and tools involved.

TL;DR

Here's what you'll learn:
  • Get and set up your OpenAI and Composio API keys
  • Install the required dependencies for Autogen and Composio
  • Initialize Composio and create a Tool Router session for Ngrok
  • Wire that MCP URL into Autogen using McpWorkbench and StreamableHttpServerParams
  • Configure an Autogen AssistantAgent that can call Ngrok tools
  • Run a live chat loop where you ask the agent to perform Ngrok operations

What is AutoGen?

Autogen is a framework for building multi-agent conversational AI systems from Microsoft. It enables you to create agents that can collaborate, use tools, and maintain complex workflows.

Key features include:

  • Multi-Agent Systems: Build collaborative agent workflows
  • MCP Workbench: Native support for Model Context Protocol tools
  • Streaming HTTP: Connect to external services through streamable HTTP
  • AssistantAgent: Pre-built agent class for tool-using assistants

What is the Ngrok MCP server, and what's possible with it?

The Ngrok MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Ngrok account. It provides structured and secure access to your Ngrok tunnels and API keys, so your agent can perform actions like managing endpoints, listing tunnels, handling API keys, and auditing IP restrictions on your behalf.

  • Active tunnel and endpoint monitoring: Instantly list all active tunnels and endpoints in your Ngrok account, making it simple to track running services and public URLs.
  • API key management: Programmatically create, list, and delete API keys to securely manage who and what can access your Ngrok resources.
  • HTTPS edge configuration visibility: Retrieve a comprehensive list of all HTTPS edges to review and manage how Ngrok handles encrypted traffic.
  • IP restriction and policy auditing: List and inspect all IP restrictions and policy rules, helping you enforce access control and security best practices.
  • Detailed access audit trails: Fetch details about specific IP restrictions for security audits and compliance, ensuring you always know who can access your tunnels and APIs.

Supported Tools & Triggers

Tools
Create API KeyCreates a new api key for authenticating with the ngrok api.
Delete API KeyDelete an api key by its id.
Get IP Restriction DetailsThis tool retrieves detailed information about a specific ip restriction by its id.
List API KeysThis tool lists all api keys owned by the user.
List All EndpointsList all active endpoints on the ngrok account.
List HTTPS EdgesLists all https edges in your ngrok account.
List IP Policy RulesThis tool lists all ip policy rules associated with your ngrok account.
List IP RestrictionsThis tool retrieves a list of all ip restrictions configured on the ngrok account.
List Active TunnelsList all active tunnels in the ngrok account.

What is the Composio tool router, and how does it fit here?

What is Tool Router?

Composio's Tool Router helps agents find the right tools for a task at runtime. You can plug in multiple toolkits (like Gmail, HubSpot, and GitHub), and the agent will identify the relevant app and action to complete multi-step workflows. This can reduce token usage and improve the reliability of tool calls. Read more here: Getting started with Tool Router

The tool router generates a secure MCP URL that your agents can access to perform actions.

How the Tool Router works

The Tool Router follows a three-phase workflow:

  1. Discovery: Searches for tools matching your task and returns relevant toolkits with their details.
  2. Authentication: Checks for active connections. If missing, creates an auth config and returns a connection URL via Auth Link.
  3. Execution: Executes the action using the authenticated connection.

Step-by-step Guide

Prerequisites

You will need:

  • A Composio API key
  • An OpenAI API key (used by Autogen's OpenAIChatCompletionClient)
  • A Ngrok account you can connect to Composio
  • Some basic familiarity with Autogen and Python async

Getting API Keys for OpenAI and Composio

OpenAI API Key
  • Go to the OpenAI dashboard and create an API key. You'll need credits to use the models, or you can connect to another model provider.
  • Keep the API key safe.
Composio API Key
  • Log in to the Composio dashboard.
  • Navigate to your API settings and generate a new API key.
  • Store this key securely as you'll need it for authentication.

Install dependencies

bash
pip install composio python-dotenv
pip install autogen-agentchat autogen-ext-openai autogen-ext-tools

Install Composio, Autogen extensions, and dotenv.

What's happening:

  • composio connects your agent to Ngrok via MCP
  • autogen-agentchat provides the AssistantAgent class
  • autogen-ext-openai provides the OpenAI model client
  • autogen-ext-tools provides MCP workbench support

Set up environment variables

bash
COMPOSIO_API_KEY=your-composio-api-key
OPENAI_API_KEY=your-openai-api-key
USER_ID=your-user-identifier@example.com

Create a .env file in your project folder.

What's happening:

  • COMPOSIO_API_KEY is required to talk to Composio
  • OPENAI_API_KEY is used by Autogen's OpenAI client
  • USER_ID is how Composio identifies which user's Ngrok connections to use

Import dependencies and create Tool Router session

python
import asyncio
import os
from dotenv import load_dotenv
from composio import Composio

from autogen_agentchat.agents import AssistantAgent
from autogen_ext.models.openai import OpenAIChatCompletionClient
from autogen_ext.tools.mcp import McpWorkbench, StreamableHttpServerParams

load_dotenv()

async def main():
    # Initialize Composio and create a Ngrok session
    composio = Composio(api_key=os.getenv("COMPOSIO_API_KEY"))
    session = composio.create(
        user_id=os.getenv("USER_ID"),
        toolkits=["ngrok"]
    )
    url = session.mcp.url
What's happening:
  • load_dotenv() reads your .env file
  • Composio(api_key=...) initializes the SDK
  • create(...) creates a Tool Router session that exposes Ngrok tools
  • session.mcp.url is the MCP endpoint that Autogen will connect to

Configure MCP parameters for Autogen

python
# Configure MCP server parameters for Streamable HTTP
server_params = StreamableHttpServerParams(
    url=url,
    timeout=30.0,
    sse_read_timeout=300.0,
    terminate_on_close=True,
    headers={"x-api-key": os.getenv("COMPOSIO_API_KEY")}
)

Autogen expects parameters describing how to talk to the MCP server. That is what StreamableHttpServerParams is for.

What's happening:

  • url points to the Tool Router MCP endpoint from Composio
  • timeout is the HTTP timeout for requests
  • sse_read_timeout controls how long to wait when streaming responses
  • terminate_on_close=True cleans up the MCP server process when the workbench is closed

Create the model client and agent

python
# Create model client
model_client = OpenAIChatCompletionClient(
    model="gpt-5",
    api_key=os.getenv("OPENAI_API_KEY")
)

# Use McpWorkbench as context manager
async with McpWorkbench(server_params) as workbench:
    # Create Ngrok assistant agent with MCP tools
    agent = AssistantAgent(
        name="ngrok_assistant",
        description="An AI assistant that helps with Ngrok operations.",
        model_client=model_client,
        workbench=workbench,
        model_client_stream=True,
        max_tool_iterations=10
    )

What's happening:

  • OpenAIChatCompletionClient wraps the OpenAI model for Autogen
  • McpWorkbench connects the agent to the MCP tools
  • AssistantAgent is configured with the Ngrok tools from the workbench

Run the interactive chat loop

python
print("Chat started! Type 'exit' or 'quit' to end the conversation.\n")
print("Ask any Ngrok related question or task to the agent.\n")

# Conversation loop
while True:
    user_input = input("You: ").strip()

    if user_input.lower() in ["exit", "quit", "bye"]:
        print("\nGoodbye!")
        break

    if not user_input:
        continue

    print("\nAgent is thinking...\n")

    # Run the agent with streaming
    try:
        response_text = ""
        async for message in agent.run_stream(task=user_input):
            if hasattr(message, "content") and message.content:
                response_text = message.content

        # Print the final response
        if response_text:
            print(f"Agent: {response_text}\n")
        else:
            print("Agent: I encountered an issue processing your request.\n")

    except Exception as e:
        print(f"Agent: Sorry, I encountered an error: {str(e)}\n")
What's happening:
  • The script prompts you in a loop with You:
  • Autogen passes your input to the model, which decides which Ngrok tools to call via MCP
  • agent.run_stream(...) yields streaming messages as the agent thinks and calls tools
  • Typing exit, quit, or bye ends the loop

Complete Code

Here's the complete code to get you started with Ngrok and AutoGen:

import asyncio
import os
from dotenv import load_dotenv
from composio import Composio

from autogen_agentchat.agents import AssistantAgent
from autogen_ext.models.openai import OpenAIChatCompletionClient
from autogen_ext.tools.mcp import McpWorkbench, StreamableHttpServerParams

load_dotenv()

async def main():
    # Initialize Composio and create a Ngrok session
    composio = Composio(api_key=os.getenv("COMPOSIO_API_KEY"))
    session = composio.create(
        user_id=os.getenv("USER_ID"),
        toolkits=["ngrok"]
    )
    url = session.mcp.url

    # Configure MCP server parameters for Streamable HTTP
    server_params = StreamableHttpServerParams(
        url=url,
        timeout=30.0,
        sse_read_timeout=300.0,
        terminate_on_close=True,
        headers={"x-api-key": os.getenv("COMPOSIO_API_KEY")}
    )

    # Create model client
    model_client = OpenAIChatCompletionClient(
        model="gpt-5",
        api_key=os.getenv("OPENAI_API_KEY")
    )

    # Use McpWorkbench as context manager
    async with McpWorkbench(server_params) as workbench:
        # Create Ngrok assistant agent with MCP tools
        agent = AssistantAgent(
            name="ngrok_assistant",
            description="An AI assistant that helps with Ngrok operations.",
            model_client=model_client,
            workbench=workbench,
            model_client_stream=True,
            max_tool_iterations=10
        )

        print("Chat started! Type 'exit' or 'quit' to end the conversation.\n")
        print("Ask any Ngrok related question or task to the agent.\n")

        # Conversation loop
        while True:
            user_input = input("You: ").strip()

            if user_input.lower() in ['exit', 'quit', 'bye']:
                print("\nGoodbye!")
                break

            if not user_input:
                continue

            print("\nAgent is thinking...\n")

            # Run the agent with streaming
            try:
                response_text = ""
                async for message in agent.run_stream(task=user_input):
                    if hasattr(message, 'content') and message.content:
                        response_text = message.content

                # Print the final response
                if response_text:
                    print(f"Agent: {response_text}\n")
                else:
                    print("Agent: I encountered an issue processing your request.\n")

            except Exception as e:
                print(f"Agent: Sorry, I encountered an error: {str(e)}\n")

if __name__ == "__main__":
    asyncio.run(main())

Conclusion

You now have an Autogen assistant wired into Ngrok through Composio's Tool Router and MCP. From here you can:
  • Add more toolkits to the toolkits list, for example notion or hubspot
  • Refine the agent description to point it at specific workflows
  • Wrap this script behind a UI, Slack bot, or internal tool
Once the pattern is clear for Ngrok, you can reuse the same structure for other MCP-enabled apps with minimal code changes.

How to build Ngrok MCP Agent with another framework

OpenAI Agents SDK

OpenAI Agents SDK

Use Ngrok MCP with OpenAI Agents SDK

Claude Agent SDK

Claude Agent SDK

Use Ngrok MCP with Claude Agent SDK

Google ADK

Google ADK

Use Ngrok MCP with Google ADK

LangChain

LangChain

Use Ngrok MCP with LangChain

Vercel AI SDK

Vercel AI SDK

Use Ngrok MCP with Vercel AI SDK

Mastra AI

Mastra AI

Use Ngrok MCP with Mastra AI

LlamaIndex

LlamaIndex

Use Ngrok MCP with LlamaIndex

CrewAI

CrewAI

Use Ngrok MCP with CrewAI

FAQ

What are the differences in Tool Router MCP and Ngrok MCP?

With a standalone Ngrok MCP server, the agents and LLMs can only access a fixed set of Ngrok tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from Ngrok and many other apps based on the task at hand, all through a single MCP endpoint.

Can I use Tool Router MCP with Autogen?

Yes, you can. Autogen fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right Ngrok tools.

Can I manage the permissions and scopes for Ngrok while using Tool Router?

Yes, absolutely. You can configure which Ngrok scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do.

How safe is my data with Composio Tool Router?

All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your Ngrok data and credentials are handled as safely as possible.

Used by agents from

Context
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai
Context
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai
Context
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai

Never worry about agent reliability

We handle tool reliability, observability, and security so you never have to second-guess an agent action.

Book a call↗Get started for free