Update ToolHive reference docs for v0.1.3 (#40)

github-actions[bot] · web-flow · commit 3da127e57845 · 2025-07-08T11:45:08.000-04:00
Co-authored-by: github-actions[bot] &lt;41898282+github-actions[bot]@users.noreply.github.com&gt;
diff --git a/docs/toolhive/reference/cli/thv_proxy.md b/docs/toolhive/reference/cli/thv_proxy.md
@@ -69,6 +69,7 @@ thv proxy [flags] SERVER_NAME
       --oidc-client-id string                   OIDC client ID
       --oidc-issuer string                      OIDC issuer URL (e.g., https://accounts.google.com)
       --oidc-jwks-url string                    URL to fetch the JWKS from
+      --oidc-skip-opaque-token-validation       Allow skipping validation of opaque tokens
       --port int                                Port for the HTTP proxy to listen on (host port)
       --remote-auth                             Enable OAuth authentication to remote MCP server
       --remote-auth-callback-port int           Port for OAuth callback server during remote authentication (default: 8666) (default 8666)
diff --git a/docs/toolhive/reference/cli/thv_run.md b/docs/toolhive/reference/cli/thv_run.md
@@ -62,6 +62,7 @@ thv run [flags] SERVER_OR_IMAGE_OR_PROTOCOL [-- ARGS...]
       --oidc-client-id string                 OIDC client ID
       --oidc-issuer string                    OIDC issuer URL (e.g., https://accounts.google.com)
       --oidc-jwks-url string                  URL to fetch the JWKS from
+      --oidc-skip-opaque-token-validation     Allow skipping validation of opaque tokens
       --otel-enable-prometheus-metrics-path   Enable Prometheus-style /metrics endpoint on the main transport port
       --otel-endpoint string                  OpenTelemetry OTLP endpoint URL (e.g., https://api.honeycomb.io)
       --otel-env-vars stringArray             Environment variable names to include in OpenTelemetry spans (comma-separated: ENV1,ENV2)
@@ -71,6 +72,7 @@ thv run [flags] SERVER_OR_IMAGE_OR_PROTOCOL [-- ARGS...]
       --otel-service-name string              OpenTelemetry service name (defaults to toolhive-mcp-proxy)
       --permission-profile string             Permission profile to use (none, network, or path to JSON file) (default "network")
       --port int                              Port for the HTTP proxy to listen on (host port)
+      --proxy-mode string                     Proxy mode for stdio transport (sse or streamable-http) (default "sse")
       --secret stringArray                    Specify a secret to be fetched from the secrets manager and set as an environment variable (format: NAME,target=TARGET)
       --target-host string                    Host to forward traffic to (only applicable to SSE or Streamable HTTP transport) (default "127.0.0.1")
       --target-port int                       Port for the container to expose (only applicable to SSE or Streamable HTTP transport)
diff --git a/docs/toolhive/reference/cli/thv_serve.md b/docs/toolhive/reference/cli/thv_serve.md
@@ -23,15 +23,16 @@ thv serve [flags]
 ### Options
 
 ```
-  -h, --help                    help for serve
-      --host string             Host address to bind the server to (default "127.0.0.1")
-      --oidc-audience string    Expected audience for the token
-      --oidc-client-id string   OIDC client ID
-      --oidc-issuer string      OIDC issuer URL (e.g., https://accounts.google.com)
-      --oidc-jwks-url string    URL to fetch the JWKS from
-      --openapi                 Enable OpenAPI documentation endpoints (/api/openapi.json and /api/doc)
-      --port int                Port to bind the server to (default 8080)
-      --socket string           UNIX socket path to bind the server to (overrides host and port if provided)
+  -h, --help                                help for serve
+      --host string                         Host address to bind the server to (default "127.0.0.1")
+      --oidc-audience string                Expected audience for the token
+      --oidc-client-id string               OIDC client ID
+      --oidc-issuer string                  OIDC issuer URL (e.g., https://accounts.google.com)
+      --oidc-jwks-url string                URL to fetch the JWKS from
+      --oidc-skip-opaque-token-validation   Allow skipping validation of opaque tokens
+      --openapi                             Enable OpenAPI documentation endpoints (/api/openapi.json and /api/doc)
+      --port int                            Port to bind the server to (default 8080)
+      --socket string                       UNIX socket path to bind the server to (overrides host and port if provided)
 ```
 
 ### Options inherited from parent commands
diff --git a/static/api-specs/toolhive-api.yaml b/static/api-specs/toolhive-api.yaml
@@ -362,6 +362,9 @@ components:
         permission_profile:
           description: Permission profile to apply
           type: string
+        proxy_mode:
+          description: Proxy mode to use
+          type: string
         secrets:
           description: Secret parameters to inject
           items:
@@ -470,6 +473,9 @@ components:
     v1.oidcOptions:
       description: OIDC configuration options
       properties:
+        allow_opaque_tokens:
+          description: Allow opaque tokens (non-JWT) for OIDC validation
+          type: boolean
         audience:
           description: Expected audience
           type: string
