Python SDK for interacting with the Toolbox service with LangChain
Project description
MCP Toolbox LangChain SDK
This SDK allows you to seamlessly integrate the functionalities of Toolbox into your LangChain LLM applications, enabling advanced orchestration and interaction with GenAI models.
Table of Contents
- Installation
- Quickstart
- Usage
- Transport Protocols
- Loading Tools
- Use with LangChain
- Use with LangGraph
- Manual usage
- Client to Server Authentication
- Authenticating Tools
- Binding Parameter Values
- Asynchronous Usage
Installation
pip install toolbox-langchain
Quickstart
Here's a minimal example to get you started using LangGraph:
from toolbox_langchain import ToolboxClient
from langchain_google_vertexai import ChatVertexAI
from langgraph.prebuilt import create_react_agent
async with ToolboxClient("http://127.0.0.1:5000") as toolbox:
tools = toolbox.load_toolset()
model = ChatVertexAI(model="gemini-2.0-flash-001")
agent = create_react_agent(model, tools)
prompt = "How's the weather today?"
for s in agent.stream({"messages": [("user", prompt)]}, stream_mode="values"):
message = s["messages"][-1]
if isinstance(message, tuple):
print(message)
else:
message.pretty_print()
[!TIP] For a complete, end-to-end example including setting up the service and using an SDK, see the full tutorial: Toolbox Quickstart Tutorial
Usage
Import and initialize the toolbox client.
from toolbox_langchain import ToolboxClient
# Replace with your Toolbox service's URL
async with ToolboxClient("http://127.0.0.1:5000") as toolbox:
Transport Protocols
The SDK supports multiple transport protocols for communicating with the Toolbox server. By default, the client uses the latest supported version of the Model Context Protocol (MCP).
You can explicitly select a protocol using the protocol option during client initialization. This is useful if you need to use the native Toolbox HTTP protocol or pin the client to a specific legacy version of MCP.
[!NOTE]
- Native Toolbox Transport: This uses the service's native REST over HTTP API.
- MCP Transports: These options use the Model Context Protocol over HTTP.
Supported Protocols
| Constant | Description |
|---|---|
Protocol.MCP |
(Default) Alias for the default MCP version (currently 2025-06-18). |
Protocol.TOOLBOX |
DEPRECATED: The native Toolbox HTTP protocol. Will be removed on March 4, 2026. |
Protocol.MCP_v20251125 |
MCP Protocol version 2025-11-25. |
Protocol.MCP_v20250618 |
MCP Protocol version 2025-06-18. |
Protocol.MCP_v20250326 |
MCP Protocol version 2025-03-26. |
Protocol.MCP_v20241105 |
MCP Protocol version 2024-11-05. |
[!WARNING] The Native Toolbox Protocol (
Protocol.TOOLBOX) is deprecated and will be removed on March 4, 2026. Please migrate to using the MCP Protocol (Protocol.MCP), which is the default.
Example
If you wish to use the native Toolbox protocol:
from toolbox_langchain import ToolboxClient
from toolbox_core.protocol import Protocol
async with ToolboxClient("http://127.0.0.1:5000", protocol=Protocol.TOOLBOX) as toolbox:
# Use client
pass
If you want to pin the MCP Version 2025-03-26:
from toolbox_langchain import ToolboxClient
from toolbox_core.protocol import Protocol
async with ToolboxClient("http://127.0.0.1:5000", protocol=Protocol.MCP_v20250326) as toolbox:
# Use client
pass
Loading Tools
Load a toolset
A toolset is a collection of related tools. You can load all tools in a toolset or a specific one:
# Load all tools
tools = toolbox.load_toolset()
# Load a specific toolset
tools = toolbox.load_toolset("my-toolset")
Load a single tool
tool = toolbox.load_tool("my-tool")
Loading individual tools gives you finer-grained control over which tools are available to your LLM agent.
Use with LangChain
LangChain's agents can dynamically choose and execute tools based on the user input. Include tools loaded from the Toolbox SDK in the agent's toolkit:
from langchain_google_vertexai import ChatVertexAI
model = ChatVertexAI(model="gemini-2.0-flash-001")
# Initialize agent with tools
agent = model.bind_tools(tools)
# Run the agent
result = agent.invoke("Do something with the tools")
Use with LangGraph
Integrate the Toolbox SDK with LangGraph to use Toolbox service tools within a graph-based workflow. Follow the official guide with minimal changes.
Represent Tools as Nodes
Represent each tool as a LangGraph node, encapsulating the tool's execution within the node's functionality:
from toolbox_langchain import ToolboxClient
from langgraph.graph import StateGraph, MessagesState
from langgraph.prebuilt import ToolNode
# Define the function that calls the model
def call_model(state: MessagesState):
messages = state['messages']
response = model.invoke(messages)
return {"messages": [response]} # Return a list to add to existing messages
model = ChatVertexAI(model="gemini-2.0-flash-001")
builder = StateGraph(MessagesState)
tool_node = ToolNode(tools)
builder.add_node("agent", call_model)
builder.add_node("tools", tool_node)
Connect Tools with LLM
Connect tool nodes with LLM nodes. The LLM decides which tool to use based on input or context. Tool output can be fed back into the LLM:
from typing import Literal
from langgraph.graph import END, START
from langchain_core.messages import HumanMessage
# Define the function that determines whether to continue or not
def should_continue(state: MessagesState) -> Literal["tools", END]:
messages = state['messages']
last_message = messages[-1]
if last_message.tool_calls:
return "tools" # Route to "tools" node if LLM makes a tool call
return END # Otherwise, stop
builder.add_edge(START, "agent")
builder.add_conditional_edges("agent", should_continue)
builder.add_edge("tools", 'agent')
graph = builder.compile()
graph.invoke({"messages": [HumanMessage(content="Do something with the tools")]})
Manual usage
Execute a tool manually using the invoke method:
result = tools[0].invoke({"name": "Alice", "age": 30})
This is useful for testing tools or when you need precise control over tool execution outside of an agent framework.
Client to Server Authentication
This section describes how to authenticate the ToolboxClient itself when connecting to a Toolbox server instance that requires authentication. This is crucial for securing your Toolbox server endpoint, especially when deployed on platforms like Cloud Run, GKE, or any environment where unauthenticated access is restricted.
This client-to-server authentication ensures that the Toolbox server can verify the identity of the client making the request before any tool is loaded or called. It is different from Authenticating Tools, which deals with providing credentials for specific tools within an already connected Toolbox session.
When is Client-to-Server Authentication Needed?
You'll need this type of authentication if your Toolbox server is configured to deny unauthenticated requests. For example:
- Your Toolbox server is deployed on Cloud Run and configured to "Require authentication."
- Your server is behind an Identity-Aware Proxy (IAP) or a similar authentication layer.
- You have custom authentication middleware on your self-hosted Toolbox server.
Without proper client authentication in these scenarios, attempts to connect or
make calls (like load_tool) will likely fail with Unauthorized errors.
How it works
The ToolboxClient allows you to specify functions (or coroutines for the async
client) that dynamically generate HTTP headers for every request sent to the
Toolbox server. The most common use case is to add an Authorization header with
a bearer token (e.g., a Google ID token).
These header-generating functions are called just before each request, ensuring that fresh credentials or header values can be used.
Configuration
You can configure these dynamic headers as follows:
from toolbox_langchain import ToolboxClient
async with ToolboxClient(
"toolbox-url",
client_headers={"header1": header1_getter, "header2": header2_getter, ...}
) as client:
Authenticating with Google Cloud Servers
For Toolbox servers hosted on Google Cloud (e.g., Cloud Run) and requiring
Google ID token authentication, the helper module
auth_methods provides utility functions.
Step by Step Guide for Cloud Run
-
Configure Permissions: Grant the
roles/run.invokerIAM role on the Cloud Run service to the principal. This could be youruser account emailor aservice account. -
Configure Credentials
- Local Development: Set up ADC.
- Google Cloud Environments: When running within Google Cloud (e.g., Compute Engine, GKE, another Cloud Run service, Cloud Functions), ADC is typically configured automatically, using the environment's default service account.
-
Connect to the Toolbox Server
from toolbox_langchain import ToolboxClient from toolbox_core import auth_methods auth_token_provider = auth_methods.aget_google_id_token(URL) # can also use sync method async with ToolboxClient( URL, client_headers={"Authorization": auth_token_provider}, ) as client: tools = client.load_toolset() # Now, you can use the client as usual.
Authenticating Tools
[!WARNING] Always use HTTPS to connect your application with the Toolbox service, especially when using tools with authentication configured. Using HTTP exposes your application to serious security risks.
Some tools require user authentication to access sensitive data.
Supported Authentication Mechanisms
Toolbox currently supports authentication using the OIDC protocol with ID tokens (not access tokens) for Google OAuth 2.0.
Configure Tools
Refer to these instructions on configuring tools for authenticated parameters.
Configure SDK
You need a method to retrieve an ID token from your authentication service:
async def get_auth_token():
# ... Logic to retrieve ID token (e.g., from local storage, OAuth flow)
# This example just returns a placeholder. Replace with your actual token retrieval.
return "YOUR_ID_TOKEN" # Placeholder
Add Authentication to a Tool
async with ToolboxClient("http://127.0.0.1:5000") as toolbox:
tools = toolbox.load_toolset()
auth_tool = tools[0].add_auth_token_getter("my_auth", get_auth_token) # Single token
multi_auth_tool = tools[0].add_auth_token_getters({"auth_1": get_auth_1}, {"auth_2": get_auth_2}) # Multiple tokens
# OR
auth_tools = [tool.add_auth_token_getter("my_auth", get_auth_token) for tool in tools]
Add Authentication While Loading
auth_tool = toolbox.load_tool(auth_token_getters={"my_auth": get_auth_token})
auth_tools = toolbox.load_toolset(auth_token_getters={"my_auth": get_auth_token})
[!NOTE] Adding auth tokens during loading only affect the tools loaded within that call.
Complete Example
import asyncio
from toolbox_langchain import ToolboxClient
async def get_auth_token():
# ... Logic to retrieve ID token (e.g., from local storage, OAuth flow)
# This example just returns a placeholder. Replace with your actual token retrieval.
return "YOUR_ID_TOKEN" # Placeholder
async with ToolboxClient("http://127.0.0.1:5000") as toolbox:
tool = toolbox.load_tool("my-tool")
auth_tool = tool.add_auth_token_getter("my_auth", get_auth_token)
result = auth_tool.invoke({"input": "some input"})
print(result)
Binding Parameter Values
Predetermine values for tool parameters using the SDK. These values won't be modified by the LLM. This is useful for:
- Protecting sensitive information: API keys, secrets, etc.
- Enforcing consistency: Ensuring specific values for certain parameters.
- Pre-filling known data: Providing defaults or context.
Binding Parameters to a Tool
async with ToolboxClient("http://127.0.0.1:5000") as toolbox:
tools = toolbox.load_toolset()
bound_tool = tool[0].bind_param("param", "value") # Single param
multi_bound_tool = tools[0].bind_params({"param1": "value1", "param2": "value2"}) # Multiple params
# OR
bound_tools = [tool.bind_param("param", "value") for tool in tools]
Binding Parameters While Loading
bound_tool = toolbox.load_tool("my-tool", bound_params={"param": "value"})
bound_tools = toolbox.load_toolset(bound_params={"param": "value"})
[!NOTE] Bound values during loading only affect the tools loaded in that call.
Binding Dynamic Values
Use a function to bind dynamic values:
def get_dynamic_value():
# Logic to determine the value
return "dynamic_value"
dynamic_bound_tool = tool.bind_param("param", get_dynamic_value)
[!IMPORTANT] You don't need to modify tool configurations to bind parameter values.
Asynchronous Usage
For better performance through cooperative
multitasking, you can
use the asynchronous interfaces of the ToolboxClient.
[!Note] Asynchronous interfaces like
aload_toolandaload_toolsetrequire an asynchronous environment. For guidance on running asynchronous Python programs, see asyncio documentation.
import asyncio
from toolbox_langchain import ToolboxClient
async def main():
async with ToolboxClient("http://127.0.0.1:5000") as toolbox:
tool = await client.aload_tool("my-tool")
tools = await client.aload_toolset()
response = await tool.ainvoke()
if __name__ == "__main__":
asyncio.run(main())
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file toolbox_langchain-0.5.9.tar.gz.
File metadata
- Download URL: toolbox_langchain-0.5.9.tar.gz
- Upload date:
- Size: 27.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.2.0 CPython/3.11.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
def2cbafcaad9388680b64c7e54da0a766ad5cff3aeaa8d8060a28dd2efff85f
|
|
| MD5 |
e66778154d83a5436608074f12e0827c
|
|
| BLAKE2b-256 |
3fcdd5e2b267f9c3e03c1e4e3ff37c83e7fcb586cd95d4684a3907df92ee179e
|
Provenance
The following attestation bundles were made for toolbox_langchain-0.5.9.tar.gz:
Publisher:
google-cloud-sdk-py@oss-exit-gate-prod.iam.gserviceaccount.com
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
toolbox_langchain-0.5.9.tar.gz -
Subject digest:
def2cbafcaad9388680b64c7e54da0a766ad5cff3aeaa8d8060a28dd2efff85f - Sigstore transparency entry: 954838646
- Sigstore integration time:
-
Token Issuer:
https://accounts.google.com -
Service Account:
google-cloud-sdk-py@oss-exit-gate-prod.iam.gserviceaccount.com
-
Statement type:
File details
Details for the file toolbox_langchain-0.5.9-py3-none-any.whl.
File metadata
- Download URL: toolbox_langchain-0.5.9-py3-none-any.whl
- Upload date:
- Size: 16.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.2.0 CPython/3.11.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
75a959596ac892a099a387e628dce65ebaa309f6692a51b82b573a888aa14326
|
|
| MD5 |
eedf1a88fad8d1947f6a0f5aa18ce312
|
|
| BLAKE2b-256 |
99693047709228d5ba1115428f7815557a94583a899dc40e3822952d23d3b111
|
Provenance
The following attestation bundles were made for toolbox_langchain-0.5.9-py3-none-any.whl:
Publisher:
google-cloud-sdk-py@oss-exit-gate-prod.iam.gserviceaccount.com
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
toolbox_langchain-0.5.9-py3-none-any.whl -
Subject digest:
75a959596ac892a099a387e628dce65ebaa309f6692a51b82b573a888aa14326 - Sigstore transparency entry: 954838641
- Sigstore integration time:
-
Token Issuer:
https://accounts.google.com -
Service Account:
google-cloud-sdk-py@oss-exit-gate-prod.iam.gserviceaccount.com
-
Statement type: