fresh installation check

- Add embedding model to mcp handlers
- Add integration tests

.ci/integration.cloudbuild.yaml

@@ -87,7 +87,7 @@ steps:
       - "CLOUD_SQL_POSTGRES_REGION=$_REGION"
       - "SERVICE_ACCOUNT_EMAIL=$SERVICE_ACCOUNT_EMAIL"
     secretEnv:
-      ["CLOUD_SQL_POSTGRES_USER", "CLOUD_SQL_POSTGRES_PASS", "CLIENT_ID"]
+      ["CLOUD_SQL_POSTGRES_USER", "CLOUD_SQL_POSTGRES_PASS", "CLIENT_ID", "API_KEY"]
     volumes:
       - name: "go"
         path: "/gopath"
@@ -134,7 +134,7 @@ steps:
       - "ALLOYDB_POSTGRES_DATABASE=$_DATABASE_NAME"
       - "ALLOYDB_POSTGRES_REGION=$_REGION"
       - "SERVICE_ACCOUNT_EMAIL=$SERVICE_ACCOUNT_EMAIL"
-    secretEnv: ["ALLOYDB_POSTGRES_USER", "ALLOYDB_POSTGRES_PASS", "CLIENT_ID"]
+    secretEnv: ["ALLOYDB_POSTGRES_USER", "ALLOYDB_POSTGRES_PASS", "CLIENT_ID", "API_KEY"]
     volumes:
       - name: "go"
         path: "/gopath"
@@ -293,7 +293,7 @@ steps:
         .ci/test_with_coverage.sh \
           "Cloud Healthcare API" \
           cloudhealthcare \
-          cloudhealthcare || echo "Integration tests failed."
+          cloudhealthcare
 
   - id: "postgres"
     name: golang:1
@@ -305,7 +305,7 @@ steps:
       - "POSTGRES_HOST=$_POSTGRES_HOST"
       - "POSTGRES_PORT=$_POSTGRES_PORT"
       - "SERVICE_ACCOUNT_EMAIL=$SERVICE_ACCOUNT_EMAIL"
-    secretEnv: ["POSTGRES_USER", "POSTGRES_PASS", "CLIENT_ID"]
+    secretEnv: ["POSTGRES_USER", "POSTGRES_PASS", "CLIENT_ID", "API_KEY"]
     volumes:
       - name: "go"
         path: "/gopath"
@@ -964,6 +964,13 @@ steps:
 
 availableSecrets:
   secretManager:
+    # Common secrets
+    - versionName: projects/$PROJECT_ID/secrets/client_id/versions/latest
+      env: CLIENT_ID
+    - versionName: projects/$PROJECT_ID/secrets/api_key/versions/latest
+      env: API_KEY
+
+    # Resource-specific secrets
     - versionName: projects/$PROJECT_ID/secrets/cloud_sql_pg_user/versions/latest
       env: CLOUD_SQL_POSTGRES_USER
     - versionName: projects/$PROJECT_ID/secrets/cloud_sql_pg_pass/versions/latest
@@ -980,8 +987,6 @@ availableSecrets:
       env: POSTGRES_USER
     - versionName: projects/$PROJECT_ID/secrets/postgres_pass/versions/latest
       env: POSTGRES_PASS
-    - versionName: projects/$PROJECT_ID/secrets/client_id/versions/latest
-      env: CLIENT_ID
     - versionName: projects/$PROJECT_ID/secrets/neo4j_user/versions/latest
       env: NEO4J_USER
     - versionName: projects/$PROJECT_ID/secrets/neo4j_pass/versions/latest

.ci/quickstart_test/run_js_tests.sh

@@ -77,11 +77,24 @@ run_orch_test() {
     setup_orch_table
 
     cd "$orch_dir"
+
+    echo "--- Debugging npm config for $orch_name ---"
+    npm config list
+
+    echo "--- Active Registry for $orch_name ---"
+    npm config get registry
+
+    echo "--- Inspecting .npmrc files ---"
+    [ -f ".npmrc" ] && echo "Local .npmrc content:" && cat .npmrc
+    [ -f "$HOME/.npmrc" ] && echo "Global .npmrc content:" && cat "$HOME/.npmrc"
+
+    export GPKG_DEBUG=1
+
     echo "Installing dependencies for $orch_name..."
     if [ -f "package-lock.json" ]; then
-      npm ci
+      npm ci --loglevel verbose
     else
-      npm install
+      npm install --loglevel verbose
     fi
 
     cd ..

cmd/root.go

@@ -98,6 +98,7 @@ import (
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlgetinstances"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqllistdatabases"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqllistinstances"
+	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlrestorebackup"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlwaitforoperation"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsqlmssql/cloudsqlmssqlcreateinstance"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsqlmysql/cloudsqlmysqlcreateinstance"
@@ -385,6 +386,7 @@ func NewCommand(opts ...Option) *Command {
 	// TODO: Insecure by default. Might consider updating this for v1.0.0
 	flags.StringSliceVar(&cmd.cfg.AllowedOrigins, "allowed-origins", []string{"*"}, "Specifies a list of origins permitted to access this server. Defaults to '*'.")
 	flags.StringSliceVar(&cmd.cfg.AllowedHosts, "allowed-hosts", []string{"*"}, "Specifies a list of hosts permitted to access this server. Defaults to '*'.")
+	flags.StringSliceVar(&cmd.cfg.UserAgentMetadata, "user-agent-metadata", []string{}, "Appends additional metadata to the User-Agent.")
 
 	// wrap RunE command so that we have access to original Command object
 	cmd.RunE = func(*cobra.Command, []string) error { return run(cmd) }

cmd/root_test.go

@@ -70,6 +70,9 @@ func withDefaults(c server.ServerConfig) server.ServerConfig {
 	if c.AllowedHosts == nil {
 		c.AllowedHosts = []string{"*"}
 	}
+	if c.UserAgentMetadata == nil {
+		c.UserAgentMetadata = []string{}
+	}
 	return c
 }
 
@@ -230,6 +233,13 @@ func TestServerConfigFlags(t *testing.T) {
 				AllowedHosts: []string{"http://foo.com", "http://bar.com"},
 			}),
 		},
+		{
+			desc: "user agent metadata",
+			args: []string{"--user-agent-metadata", "foo,bar"},
+			want: withDefaults(server.ServerConfig{
+				UserAgentMetadata: []string{"foo", "bar"},
+			}),
+		},
 	}
 	for _, tc := range tcs {
 		t.Run(tc.desc, func(t *testing.T) {
@@ -1493,7 +1503,7 @@ func TestPrebuiltTools(t *testing.T) {
 			wantToolset: server.ToolsetConfigs{
 				"cloud_sql_postgres_admin_tools": tools.ToolsetConfig{
 					Name:      "cloud_sql_postgres_admin_tools",
-					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "postgres_upgrade_precheck", "clone_instance", "create_backup"},
+					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "postgres_upgrade_precheck", "clone_instance", "create_backup", "restore_backup"},
 				},
 			},
 		},
@@ -1503,7 +1513,7 @@ func TestPrebuiltTools(t *testing.T) {
 			wantToolset: server.ToolsetConfigs{
 				"cloud_sql_mysql_admin_tools": tools.ToolsetConfig{
 					Name:      "cloud_sql_mysql_admin_tools",
-					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "clone_instance", "create_backup"},
+					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "clone_instance", "create_backup", "restore_backup"},
 				},
 			},
 		},
@@ -1513,7 +1523,7 @@ func TestPrebuiltTools(t *testing.T) {
 			wantToolset: server.ToolsetConfigs{
 				"cloud_sql_mssql_admin_tools": tools.ToolsetConfig{
 					Name:      "cloud_sql_mssql_admin_tools",
-					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "clone_instance", "create_backup"},
+					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "clone_instance", "create_backup", "restore_backup"},
 				},
 			},
 		},

docs/en/getting-started/quickstart/js/adk/package.json

@@ -11,7 +11,7 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "@google/adk": "^0.1.3",
+    "@google/adk": "^0.2.4",
     "@toolbox-sdk/adk": "^0.1.5"
   }
 }

docs/en/getting-started/quickstart/js/llamaindex/package.json

@@ -11,7 +11,7 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "@llamaindex/google": "^0.3.20",
+    "@llamaindex/google": "^0.4.0",
     "@llamaindex/workflow": "^1.1.22",
     "@toolbox-sdk/core": "^0.1.2",
     "llamaindex": "^0.12.0"

docs/en/how-to/connect-ide/cloud_sql_mssql_admin_mcp.md

@@ -54,6 +54,7 @@ instance, database and users:
         * `create_instance`
         * `create_user`
         * `clone_instance`
+        * `restore_backup`
 
 ## Install MCP Toolbox
 
@@ -301,6 +302,7 @@ instances and interacting with your database:
 * **wait_for_operation**: Waits for a Cloud SQL operation to complete.
 * **clone_instance**: Creates a clone of an existing Cloud SQL for SQL Server instance.
 * **create_backup**: Creates a backup on a Cloud SQL instance.
+* **restore_backup**: Restores a backup of a Cloud SQL instance.
 
 {{< notice note >}}
 Prebuilt tools are pre-1.0, so expect some tool changes between versions. LLMs

docs/en/how-to/connect-ide/cloud_sql_mysql_admin_mcp.md

@@ -54,6 +54,7 @@ database and users:
         * `create_instance`
         * `create_user`
         * `clone_instance`
+        * `restore_backup`
 
 ## Install MCP Toolbox
 
@@ -301,6 +302,7 @@ instances and interacting with your database:
 * **wait_for_operation**: Waits for a Cloud SQL operation to complete.
 * **clone_instance**: Creates a clone of an existing Cloud SQL for MySQL instance.
 * **create_backup**: Creates a backup on a Cloud SQL instance.
+* **restore_backup**: Restores a backup of a Cloud SQL instance.
 
 {{< notice note >}}
 Prebuilt tools are pre-1.0, so expect some tool changes between versions. LLMs

docs/en/how-to/connect-ide/cloud_sql_pg_admin_mcp.md

@@ -54,6 +54,7 @@ instance, database and users:
         * `create_instance`
         * `create_user`
         * `clone_instance`
+        * `restore_backup`
 
 ## Install MCP Toolbox
 
@@ -301,6 +302,7 @@ instances and interacting with your database:
 * **wait_for_operation**: Waits for a Cloud SQL operation to complete.
 * **clone_instance**: Creates a clone of an existing Cloud SQL for PostgreSQL instance.
 * **create_backup**: Creates a backup on a Cloud SQL instance.
+* **restore_backup**: Restores a backup of a Cloud SQL instance.
 
 {{< notice note >}}
 Prebuilt tools are pre-1.0, so expect some tool changes between versions. LLMs

docs/en/how-to/deploy_toolbox.md

@@ -207,6 +207,7 @@ You can connect to Toolbox Cloud Run instances directly through the SDK.
 {{< tab header="Python" lang="python" >}}
 import asyncio
 from toolbox_core import ToolboxClient, auth_methods
+from toolbox_core.protocol import Protocol
 
 # Replace with the Cloud Run service URL generated in the previous step
 URL = "https://cloud-run-url.app"
@@ -217,6 +218,7 @@ async def main():
   async with ToolboxClient(
       URL,
       client_headers={"Authorization": auth_token_provider},
+      protocol=Protocol.TOOLBOX,
   ) as toolbox:
     toolset = await toolbox.load_toolset()
     # ...
@@ -281,3 +283,5 @@ contain the specific error message needed to diagnose the problem.
   Manager, it means the Toolbox service account is missing permissions.
   - Ensure the `toolbox-identity` service account has the **Secret Manager
       Secret Accessor** (`roles/secretmanager.secretAccessor`) IAM role.
+
+- **Cloud Run Connections via IAP:** Currently we do not support Cloud Run connections via [IAP](https://docs.cloud.google.com/iap/docs/concepts-overview). Please disable IAP if you are using it.

docs/en/reference/cli.md

@@ -27,6 +27,7 @@ description: >
 |              | `--ui`                     | Launches the Toolbox UI web server.                                                                                                                                              |             |
 |              | `--allowed-origins`        | Specifies a list of origins permitted to access this server for CORs access.                                                                                                     | `*`         |
 |              | `--allowed-hosts`          | Specifies a list of hosts permitted to access this server to prevent DNS rebinding attacks.                                                                                      | `*`         |
+|              | `--user-agent-extra`       | Appends additional metadata to the User-Agent.                                                                                                                                   |             |
 | `-v`         | `--version`                | version for toolbox                                                                                                                                                              |             |
 
 ## Examples

docs/en/reference/prebuilt-tools.md

@@ -194,6 +194,7 @@ See [Usage Examples](../reference/cli.md#examples).
         * `create_instance`
         * `create_user`
         * `clone_instance`
+        * `restore_backup`
 
 *   **Tools:**
     *   `create_instance`: Creates a new Cloud SQL for MySQL instance.
@@ -205,6 +206,7 @@ See [Usage Examples](../reference/cli.md#examples).
     *   `wait_for_operation`: Waits for a Cloud SQL operation to complete.
     *   `clone_instance`: Creates a clone for an existing Cloud SQL for MySQL instance.
     *   `create_backup`: Creates a backup on a Cloud SQL instance.
+    *   `restore_backup`: Restores a backup of a Cloud SQL instance.
 
 ## Cloud SQL for PostgreSQL
 
@@ -284,6 +286,7 @@ See [Usage Examples](../reference/cli.md#examples).
         * `create_instance`
         * `create_user`
         * `clone_instance`
+        * `restore_backup`
 *   **Tools:**
     *   `create_instance`: Creates a new Cloud SQL for PostgreSQL instance.
     *   `get_instance`: Gets information about a Cloud SQL instance.
@@ -294,6 +297,7 @@ See [Usage Examples](../reference/cli.md#examples).
     *   `wait_for_operation`: Waits for a Cloud SQL operation to complete.
     *   `clone_instance`: Creates a clone for an existing Cloud SQL for PostgreSQL instance.
     *   `create_backup`: Creates a backup on a Cloud SQL instance.
+    *   `restore_backup`: Restores a backup of a Cloud SQL instance.
 
 ## Cloud SQL for SQL Server
 
@@ -347,6 +351,7 @@ See [Usage Examples](../reference/cli.md#examples).
         * `create_instance`
         * `create_user`
         * `clone_instance`
+        * `restore_backup`
 *   **Tools:**
     *   `create_instance`: Creates a new Cloud SQL for SQL Server instance.
     *   `get_instance`: Gets information about a Cloud SQL instance.
@@ -357,6 +362,7 @@ See [Usage Examples](../reference/cli.md#examples).
     *   `wait_for_operation`: Waits for a Cloud SQL operation to complete.
     *   `clone_instance`: Creates a clone for an existing Cloud SQL for SQL Server instance.
     *   `create_backup`: Creates a backup on a Cloud SQL instance.
+    *   `restore_backup`: Restores a backup of a Cloud SQL instance.
 
 ## Dataplex
 

docs/en/resources/tools/cloudgda/cloud-gda-query.md

@@ -12,6 +12,9 @@ aliases:
 
 The `cloud-gemini-data-analytics-query` tool allows you to send natural language questions to the Gemini Data Analytics API and receive structured responses containing SQL queries, natural language answers, and explanations. For details on defining data agent context for database data sources, see the official [documentation](https://docs.cloud.google.com/gemini/docs/conversational-analytics-api/data-agent-authored-context-databases).
 
+> [!NOTE]
+> Only `alloydb`, `spannerReference`, and `cloudSqlReference` are supported as [datasource references](https://clouddocs.devsite.corp.google.com/gemini/docs/conversational-analytics-api/reference/rest/v1beta/projects.locations.dataAgents#DatasourceReferences).
+
 ## Example
 
 ```yaml

docs/en/resources/tools/cloudsql/cloudsqlrestorebackup.md

@@ -0,0 +1,53 @@
+---
+title: cloud-sql-restore-backup
+type: docs
+weight: 10
+description: "Restores a backup of a Cloud SQL instance."
+---
+
+The `cloud-sql-restore-backup` tool restores a backup on a Cloud SQL instance using the Cloud SQL Admin API.
+
+{{< notice info dd>}}
+This tool uses a `source` of kind `cloud-sql-admin`.
+{{< /notice >}}
+
+## Examples
+
+Basic backup restore
+
+```yaml
+tools:
+  backup-restore-basic:
+    kind: cloud-sql-restore-backup
+    source: cloud-sql-admin-source
+    description: "Restores a backup onto the given Cloud SQL instance."
+```
+
+## Reference
+
+### Tool Configuration
+| **field**      | **type** | **required** | **description**                                  |
+| -------------- | :------: | :----------: | ------------------------------------------------ |
+| kind           | string   | true         | Must be "cloud-sql-restore-backup".              |
+| source         | string   | true         | The name of the `cloud-sql-admin` source to use. |
+| description    | string   | false        | A description of the tool.                       |
+
+### Tool Inputs
+
+| **parameter**     | **type** | **required** | **description**                                                              |
+| ------------------| :------: | :----------: | -----------------------------------------------------------------------------|
+| target_project    | string   | true         | The project ID of the instance to restore the backup onto.                   |
+| target_instance   | string   | true         | The instance to restore the backup onto. Does not include the project ID.    |
+| backup_id         | string   | true         | The identifier of the backup being restored.                                 |
+| source_project    | string   | false        | (Optional) The project ID of the instance that the backup belongs to.        |
+| source_instance   | string   | false        | (Optional) Cloud SQL instance ID of the instance that the backup belongs to. |
+
+## Usage Notes
+
+- The `backup_id` field can be a BackupRun ID (which will be an int64), backup name, or BackupDR backup name.
+- If the `backup_id` field contains a BackupRun ID (i.e. an int64), the optional fields `source_project` and `source_instance` must also be provided.
+
+## See Also
+- [Cloud SQL Admin API documentation](https://cloud.google.com/sql/docs/mysql/admin-api)
+- [Toolbox Cloud SQL tools documentation](../cloudsql)
+- [Cloud SQL Restore API documentation](https://cloud.google.com/sql/docs/mysql/backup-recovery/restoring)

docs/en/resources/tools/redis/redis.md

@@ -30,6 +30,10 @@ following config for example:
     - name: userNames
       type: array
       description: The user names to be set.  
+      items:
+          name: userName # the item name doesn't matter but it has to exist
+          type: string 
+          description: username
 ```
 
 If the input is an array of strings `["Alice", "Sid", "Bob"]`,  The final command

internal/prebuiltconfigs/tools/cloud-sql-mssql-admin.yaml

@@ -46,6 +46,9 @@ tools:
   create_backup:
     kind: cloud-sql-create-backup
     source: cloud-sql-admin-source
+  restore_backup:
+    kind: cloud-sql-restore-backup
+    source: cloud-sql-admin-source
 
 toolsets:
   cloud_sql_mssql_admin_tools:
@@ -58,3 +61,4 @@ toolsets:
     - wait_for_operation
     - clone_instance
     - create_backup
+    - restore_backup

internal/prebuiltconfigs/tools/cloud-sql-mysql-admin.yaml

@@ -46,6 +46,9 @@ tools:
   create_backup:
     kind: cloud-sql-create-backup
     source: cloud-sql-admin-source
+  restore_backup:
+    kind: cloud-sql-restore-backup
+    source: cloud-sql-admin-source
 
 toolsets:
   cloud_sql_mysql_admin_tools:
@@ -58,3 +61,4 @@ toolsets:
     - wait_for_operation
     - clone_instance
     - create_backup
+    - restore_backup

internal/prebuiltconfigs/tools/cloud-sql-postgres-admin.yaml

@@ -49,6 +49,9 @@ tools:
   create_backup:
     kind: cloud-sql-create-backup
     source: cloud-sql-admin-source
+  restore_backup:
+    kind: cloud-sql-restore-backup
+    source: cloud-sql-admin-source
 
 toolsets:
   cloud_sql_postgres_admin_tools:
@@ -62,3 +65,4 @@ toolsets:
     - postgres_upgrade_precheck
     - clone_instance
     - create_backup
+    - restore_backup

internal/server/config.go

@@ -64,12 +64,14 @@ type ServerConfig struct {
 	Stdio bool
 	// DisableReload indicates if the user has disabled dynamic reloading for Toolbox.
 	DisableReload bool
-	// UI indicates if Toolbox UI endpoints (/ui) are available
+	// UI indicates if Toolbox UI endpoints (/ui) are available.
 	UI bool
 	// Specifies a list of origins permitted to access this server.
 	AllowedOrigins []string
-	// Specifies a list of hosts permitted to access this server
+	// Specifies a list of hosts permitted to access this server.
 	AllowedHosts []string
+	// UserAgentMetadata specifies additional metadata to append to the User-Agent string.
+	UserAgentMetadata []string
 }
 
 type logFormat string

internal/server/mcp/v20241105/method.go

@@ -183,6 +183,13 @@ func toolsCallHandler(ctx context.Context, id jsonrpc.RequestId, resourceMgr *re
 	}
 	logger.DebugContext(ctx, fmt.Sprintf("invocation params: %s", params))
 
+	embeddingModels := resourceMgr.GetEmbeddingModelMap()
+	params, err = tool.EmbedParams(ctx, params, embeddingModels)
+	if err != nil {
+		err = fmt.Errorf("error embedding parameters: %w", err)
+		return jsonrpc.NewError(id, jsonrpc.INVALID_PARAMS, err.Error(), nil), err
+	}
+
 	// run tool invocation and generate response.
 	results, err := tool.Invoke(ctx, resourceMgr, params, accessToken)
 	if err != nil {

internal/server/mcp/v20250326/method.go

@@ -183,6 +183,13 @@ func toolsCallHandler(ctx context.Context, id jsonrpc.RequestId, resourceMgr *re
 	}
 	logger.DebugContext(ctx, fmt.Sprintf("invocation params: %s", params))
 
+	embeddingModels := resourceMgr.GetEmbeddingModelMap()
+	params, err = tool.EmbedParams(ctx, params, embeddingModels)
+	if err != nil {
+		err = fmt.Errorf("error embedding parameters: %w", err)
+		return jsonrpc.NewError(id, jsonrpc.INVALID_PARAMS, err.Error(), nil), err
+	}
+
 	// run tool invocation and generate response.
 	results, err := tool.Invoke(ctx, resourceMgr, params, accessToken)
 	if err != nil {

internal/server/mcp/v20250618/method.go

@@ -176,6 +176,13 @@ func toolsCallHandler(ctx context.Context, id jsonrpc.RequestId, resourceMgr *re
 	}
 	logger.DebugContext(ctx, fmt.Sprintf("invocation params: %s", params))
 
+	embeddingModels := resourceMgr.GetEmbeddingModelMap()
+	params, err = tool.EmbedParams(ctx, params, embeddingModels)
+	if err != nil {
+		err = fmt.Errorf("error embedding parameters: %w", err)
+		return jsonrpc.NewError(id, jsonrpc.INVALID_PARAMS, err.Error(), nil), err
+	}
+
 	// run tool invocation and generate response.
 	results, err := tool.Invoke(ctx, resourceMgr, params, accessToken)
 	if err != nil {

internal/server/mcp/v20251125/method.go

@@ -176,6 +176,13 @@ func toolsCallHandler(ctx context.Context, id jsonrpc.RequestId, resourceMgr *re
 	}
 	logger.DebugContext(ctx, fmt.Sprintf("invocation params: %s", params))
 
+	embeddingModels := resourceMgr.GetEmbeddingModelMap()
+	params, err = tool.EmbedParams(ctx, params, embeddingModels)
+	if err != nil {
+		err = fmt.Errorf("error embedding parameters: %w", err)
+		return jsonrpc.NewError(id, jsonrpc.INVALID_PARAMS, err.Error(), nil), err
+	}
+
 	// run tool invocation and generate response.
 	results, err := tool.Invoke(ctx, resourceMgr, params, accessToken)
 	if err != nil {

internal/server/server.go

@@ -64,7 +64,11 @@ func InitializeConfigs(ctx context.Context, cfg ServerConfig) (
 	map[string]prompts.Promptset,
 	error,
 ) {
-	ctx = util.WithUserAgent(ctx, cfg.Version)
+	metadataStr := cfg.Version
+	if len(cfg.UserAgentMetadata) > 0 {
+		metadataStr += "+" + strings.Join(cfg.UserAgentMetadata, "+")
+	}
+	ctx = util.WithUserAgent(ctx, metadataStr)
 	instrumentation, err := util.InstrumentationFromContext(ctx)
 	if err != nil {
 		panic(err)

internal/sources/cloudsqladmin/cloud_sql_admin.go

@@ -19,6 +19,7 @@ import (
 	"fmt"
 	"net/http"
 	"regexp"
+	"strconv"
 	"strings"
 	"text/template"
 	"time"
@@ -36,7 +37,10 @@ import (
 
 const SourceKind string = "cloud-sql-admin"
 
-var targetLinkRegex = regexp.MustCompile(`/projects/([^/]+)/instances/([^/]+)/databases/([^/]+)`)
+var (
+	targetLinkRegex = regexp.MustCompile(`/projects/([^/]+)/instances/([^/]+)/databases/([^/]+)`)
+	backupDRRegex   = regexp.MustCompile(`^projects/([^/]+)/locations/([^/]+)/backupVaults/([^/]+)/dataSources/([^/]+)/backups/([^/]+)$`)
+)
 
 // validate interface
 var _ sources.SourceConfig = Config{}
@@ -374,6 +378,48 @@ func (s *Source) InsertBackupRun(ctx context.Context, project, instance, locatio
 	return resp, nil
 }
 
+func (s *Source) RestoreBackup(ctx context.Context, targetProject, targetInstance, sourceProject, sourceInstance, backupID, accessToken string) (any, error) {
+	request := &sqladmin.InstancesRestoreBackupRequest{}
+
+	// There are 3 scenarios for the backup identifier:
+	// 1. The identifier is an int64 containing the timestamp of the BackupRun.
+	//    This is used to restore standard backups, and the RestoreBackupContext
+	//    field should be populated with the backup ID and source instance info.
+	// 2. The identifier is a string of the format
+	//    'projects/{project-id}/locations/{location}/backupVaults/{backupvault}/dataSources/{datasource}/backups/{backup-uid}'.
+	//    This is used to restore BackupDR backups, and the BackupdrBackup field
+	//    should be populated.
+	// 3. The identifer is a string of the format
+	//    'projects/{project-id}/backups/{backup-uid}'. In this case, the Backup
+	//    field should be populated.
+	if backupRunID, err := strconv.ParseInt(backupID, 10, 64); err == nil {
+		if sourceProject == "" || targetInstance == "" {
+			return nil, fmt.Errorf("source project and instance are required when restoring via backup ID")
+		}
+		request.RestoreBackupContext = &sqladmin.RestoreBackupContext{
+			Project:     sourceProject,
+			InstanceId:  sourceInstance,
+			BackupRunId: backupRunID,
+		}
+	} else if backupDRRegex.MatchString(backupID) {
+		request.BackupdrBackup = backupID
+	} else {
+		request.Backup = backupID
+	}
+
+	service, err := s.GetService(ctx, string(accessToken))
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := service.Instances.RestoreBackup(targetProject, targetInstance, request).Do()
+	if err != nil {
+		return nil, fmt.Errorf("error restoring backup: %w", err)
+	}
+
+	return resp, nil
+}
+
 func generateCloudSQLConnectionMessage(ctx context.Context, source *Source, logger log.Logger, opResponse map[string]any, connectionMessageTemplate string) (string, bool) {
 	operationType, ok := opResponse["operationType"].(string)
 	if !ok || operationType != "CREATE_DATABASE" {

internal/tools/alloydb/alloydbcreatecluster/alloydbcreatecluster.go

@@ -198,7 +198,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/alloydb/alloydbcreateinstance/alloydbcreateinstance.go

@@ -204,7 +204,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/alloydb/alloydbcreateuser/alloydbcreateuser.go

@@ -209,7 +209,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/alloydb/alloydbgetcluster/alloydbgetcluster.go

@@ -180,7 +180,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/alloydb/alloydbgetinstance/alloydbgetinstance.go

@@ -184,7 +184,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/alloydb/alloydbgetuser/alloydbgetuser.go

@@ -184,7 +184,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/alloydb/alloydblistclusters/alloydblistclusters.go

@@ -174,7 +174,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/alloydb/alloydblistinstances/alloydblistinstances.go

@@ -179,7 +179,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/alloydb/alloydblistusers/alloydblistusers.go

@@ -179,7 +179,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/alloydb/alloydbwaitforoperation/alloydbwaitforoperation.go

@@ -303,7 +303,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/alloydbainl/alloydbainl.go

@@ -175,7 +175,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cassandra/cassandracql/cassandracql.go

@@ -150,7 +150,3 @@ var _ tools.Tool = Tool{}
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/cloudgda/cloudgda.go

@@ -190,7 +190,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(_ tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/cloudhealthcare/cloudhealthcarefhirfetchpage/cloudhealthcarefhirfetchpage.go

@@ -103,10 +103,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if !ok {
 		return nil, fmt.Errorf("invalid or missing '%s' parameter; expected a string", pageURLKey)
 	}
-
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 	return source.FHIRFetchPage(ctx, url, tokenStr)
 }
@@ -142,7 +144,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcarefhirpatienteverything/cloudhealthcarefhirpatienteverything.go

@@ -131,9 +131,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 		return nil, fmt.Errorf("invalid or missing '%s' parameter; expected a string", patientIDKey)
 	}
 
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 
 	var opts []googleapi.CallOption
@@ -193,7 +196,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcarefhirpatientsearch/cloudhealthcarefhirpatientsearch.go

@@ -161,9 +161,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 		return nil, err
 	}
 
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 
 	var summary bool
@@ -266,7 +269,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcaregetdataset/cloudhealthcaregetdataset.go

@@ -95,9 +95,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if err != nil {
 		return nil, err
 	}
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 	return source.GetDataset(tokenStr)
 }
@@ -133,7 +136,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcaregetdicomstore/cloudhealthcaregetdicomstore.go

@@ -116,9 +116,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if err != nil {
 		return nil, err
 	}
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 	return source.GetDICOMStore(storeID, tokenStr)
 }
@@ -154,7 +157,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcaregetdicomstoremetrics/cloudhealthcaregetdicomstoremetrics.go

@@ -116,9 +116,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if err != nil {
 		return nil, err
 	}
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 	return source.GetDICOMStoreMetrics(storeID, tokenStr)
 }
@@ -154,7 +157,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcaregetfhirresource/cloudhealthcaregetfhirresource.go

@@ -130,9 +130,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if !ok {
 		return nil, fmt.Errorf("invalid or missing '%s' parameter; expected a string", idKey)
 	}
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 	return source.GetFHIRResource(storeID, resType, resID, tokenStr)
 }
@@ -168,7 +171,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcaregetfhirstore/cloudhealthcaregetfhirstore.go

@@ -116,9 +116,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if err != nil {
 		return nil, err
 	}
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 	return source.GetFHIRStore(storeID, tokenStr)
 }
@@ -154,7 +157,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcaregetfhirstoremetrics/cloudhealthcaregetfhirstoremetrics.go

@@ -116,9 +116,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if err != nil {
 		return nil, err
 	}
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 	return source.GetFHIRStoreMetrics(storeID, tokenStr)
 }
@@ -154,7 +157,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcarelistdicomstores/cloudhealthcarelistdicomstores.go

@@ -95,9 +95,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if err != nil {
 		return nil, err
 	}
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 	return source.ListDICOMStores(tokenStr)
 }

internal/tools/cloudhealthcare/cloudhealthcarelistfhirstores/cloudhealthcarelistfhirstores.go

@@ -95,9 +95,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if err != nil {
 		return nil, err
 	}
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 	return source.ListFHIRStores(tokenStr)
 }
@@ -133,7 +136,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcareretrieverendereddicominstance/cloudhealthcareretrieverendereddicominstance.go

@@ -127,9 +127,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if err != nil {
 		return nil, err
 	}
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 	study, ok := params.AsMap()[studyInstanceUIDKey].(string)
 	if !ok {
@@ -181,7 +184,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcaresearchdicominstances/cloudhealthcaresearchdicominstances.go

@@ -140,9 +140,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if err != nil {
 		return nil, err
 	}
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 
 	opts, err := common.ParseDICOMSearchParameters(params, []string{sopInstanceUIDKey, patientNameKey, patientIDKey, accessionNumberKey, referringPhysicianNameKey, studyDateKey, modalityKey})
@@ -207,7 +210,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcaresearchdicomseries/cloudhealthcaresearchdicomseries.go

@@ -138,9 +138,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if err != nil {
 		return nil, err
 	}
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 
 	opts, err := common.ParseDICOMSearchParameters(params, []string{seriesInstanceUIDKey, patientNameKey, patientIDKey, accessionNumberKey, referringPhysicianNameKey, studyDateKey, modalityKey})
@@ -192,7 +195,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudhealthcare/cloudhealthcaresearchdicomstudies/cloudhealthcaresearchdicomstudies.go

@@ -133,9 +133,12 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	if err != nil {
 		return nil, err
 	}
-	tokenStr, err := accessToken.ParseBearerToken()
-	if err != nil {
-		return nil, fmt.Errorf("error parsing access token: %w", err)
+	var tokenStr string
+	if source.UseClientAuthorization() {
+		tokenStr, err = accessToken.ParseBearerToken()
+		if err != nil {
+			return nil, fmt.Errorf("error parsing access token: %w", err)
+		}
 	}
 	opts, err := common.ParseDICOMSearchParameters(params, []string{studyInstanceUIDKey, patientNameKey, patientIDKey, accessionNumberKey, referringPhysicianNameKey, studyDateKey})
 	if err != nil {
@@ -176,7 +179,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/cloudsql/cloudsqlcloneinstance/cloudsqlcloneinstance.go

@@ -187,7 +187,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/cloudsql/cloudsqlcreatebackup/cloudsqlcreatebackup.go

@@ -178,7 +178,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/cloudsql/cloudsqlcreatedatabase/cloudsqlcreatedatabase.go

@@ -175,7 +175,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/cloudsql/cloudsqlcreateusers/cloudsqlcreateusers.go

@@ -180,7 +180,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/cloudsql/cloudsqlgetinstances/cloudsqlgetinstances.go

@@ -171,7 +171,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/cloudsql/cloudsqllistdatabases/cloudsqllistdatabases.go

@@ -170,7 +170,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/cloudsql/cloudsqllistinstances/cloudsqllistinstances.go

@@ -165,7 +165,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/cloudsql/cloudsqlrestorebackup/cloudsqlrestorebackup.go

@@ -0,0 +1,183 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cloudsqlrestorebackup
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/goccy/go-yaml"
+	"github.com/googleapis/genai-toolbox/internal/embeddingmodels"
+	"github.com/googleapis/genai-toolbox/internal/sources"
+	"github.com/googleapis/genai-toolbox/internal/tools"
+	"github.com/googleapis/genai-toolbox/internal/util/parameters"
+	"google.golang.org/api/sqladmin/v1"
+)
+
+const kind string = "cloud-sql-restore-backup"
+
+var _ tools.ToolConfig = Config{}
+
+type compatibleSource interface {
+	GetDefaultProject() string
+	GetService(context.Context, string) (*sqladmin.Service, error)
+	UseClientAuthorization() bool
+	RestoreBackup(ctx context.Context, targetProject, targetInstance, sourceProject, sourceInstance, backupID, accessToken string) (any, error)
+}
+
+// Config defines the configuration for the restore-backup tool.
+type Config struct {
+	Name         string   `yaml:"name" validate:"required"`
+	Kind         string   `yaml:"kind" validate:"required"`
+	Description  string   `yaml:"description"`
+	Source       string   `yaml:"source" validate:"required"`
+	AuthRequired []string `yaml:"authRequired"`
+}
+
+func init() {
+	if !tools.Register(kind, newConfig) {
+		panic(fmt.Sprintf("tool kind %q already registered", kind))
+	}
+}
+
+func newConfig(ctx context.Context, name string, decoder *yaml.Decoder) (tools.ToolConfig, error) {
+	actual := Config{Name: name}
+	if err := decoder.DecodeContext(ctx, &actual); err != nil {
+		return nil, err
+	}
+	return actual, nil
+}
+
+// ToolConfigKind returns the kind of the tool.
+func (cfg Config) ToolConfigKind() string {
+	return kind
+}
+
+// Initialize initializes the tool from the configuration.
+func (cfg Config) Initialize(srcs map[string]sources.Source) (tools.Tool, error) {
+	rawS, ok := srcs[cfg.Source]
+	if !ok {
+		return nil, fmt.Errorf("no source named %q configured", cfg.Source)
+	}
+	s, ok := rawS.(compatibleSource)
+	if !ok {
+		return nil, fmt.Errorf("invalid source for %q tool: source %q not compatible", kind, cfg.Source)
+	}
+
+	project := s.GetDefaultProject()
+	var targetProjectParam parameters.Parameter
+	if project != "" {
+		targetProjectParam = parameters.NewStringParameterWithDefault("target_project", project, "The GCP project ID. This is pre-configured; do not ask for it unless the user explicitly provides a different one.")
+	} else {
+		targetProjectParam = parameters.NewStringParameter("target_project", "The project ID")
+	}
+
+	allParameters := parameters.Parameters{
+		targetProjectParam,
+		parameters.NewStringParameter("target_instance", "Cloud SQL instance ID of the target instance. This does not include the project ID."),
+		parameters.NewStringParameter("backup_id", "Identifier of the backup being restored. Can be a BackupRun ID, backup name, or BackupDR backup name. Use the full backup ID as provided, do not try to parse it"),
+		parameters.NewStringParameterWithRequired("source_project", "GCP project ID of the instance that the backup belongs to. Only required if the backup_id is a BackupRun ID.", false),
+		parameters.NewStringParameterWithRequired("source_instance", "Cloud SQL instance ID of the instance that the backup belongs to. Only required if the backup_id is a BackupRun ID.", false),
+	}
+	paramManifest := allParameters.Manifest()
+
+	description := cfg.Description
+	if description == "" {
+		description = "Restores a backup on a Cloud SQL instance."
+	}
+
+	mcpManifest := tools.GetMcpManifest(cfg.Name, description, cfg.AuthRequired, allParameters, nil)
+
+	return Tool{
+		Config:      cfg,
+		AllParams:   allParameters,
+		manifest:    tools.Manifest{Description: description, Parameters: paramManifest, AuthRequired: cfg.AuthRequired},
+		mcpManifest: mcpManifest,
+	}, nil
+}
+
+// Tool represents the restore-backup tool.
+type Tool struct {
+	Config
+	AllParams   parameters.Parameters `yaml:"allParams"`
+	manifest    tools.Manifest
+	mcpManifest tools.McpManifest
+}
+
+func (t Tool) ToConfig() tools.ToolConfig {
+	return t.Config
+}
+
+func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, params parameters.ParamValues, accessToken tools.AccessToken) (any, error) {
+	source, err := tools.GetCompatibleSource[compatibleSource](resourceMgr, t.Source, t.Name, t.Kind)
+	if err != nil {
+		return nil, err
+	}
+	paramsMap := params.AsMap()
+
+	targetProject, ok := paramsMap["target_project"].(string)
+	if !ok {
+		return nil, fmt.Errorf("error casting 'target_project' parameter: %v", paramsMap["target_project"])
+	}
+	targetInstance, ok := paramsMap["target_instance"].(string)
+	if !ok {
+		return nil, fmt.Errorf("error casting 'target_instance' parameter: %v", paramsMap["target_instance"])
+	}
+	backupID, ok := paramsMap["backup_id"].(string)
+	if !ok {
+		return nil, fmt.Errorf("error casting 'backup_id' parameter: %v", paramsMap["backup_id"])
+	}
+	sourceProject, _ := paramsMap["source_project"].(string)
+	sourceInstance, _ := paramsMap["source_instance"].(string)
+
+	return source.RestoreBackup(ctx, targetProject, targetInstance, sourceProject, sourceInstance, backupID, string(accessToken))
+}
+
+// ParseParams parses the parameters for the tool.
+func (t Tool) ParseParams(data map[string]any, claims map[string]map[string]any) (parameters.ParamValues, error) {
+	return parameters.ParseParams(t.AllParams, data, claims)
+}
+
+func (t Tool) EmbedParams(ctx context.Context, paramValues parameters.ParamValues, embeddingModelsMap map[string]embeddingmodels.EmbeddingModel) (parameters.ParamValues, error) {
+	return parameters.EmbedParams(ctx, t.AllParams, paramValues, embeddingModelsMap, nil)
+}
+
+// Manifest returns the tool's manifest.
+func (t Tool) Manifest() tools.Manifest {
+	return t.manifest
+}
+
+// McpManifest returns the tool's MCP manifest.
+func (t Tool) McpManifest() tools.McpManifest {
+	return t.mcpManifest
+}
+
+// Authorized checks if the tool is authorized.
+func (t Tool) Authorized(verifiedAuthServices []string) bool {
+	return true
+}
+
+func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (bool, error) {
+	source, err := tools.GetCompatibleSource[compatibleSource](resourceMgr, t.Source, t.Name, t.Kind)
+	if err != nil {
+		return false, err
+	}
+
+	return source.UseClientAuthorization(), nil
+}
+
+func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
+	return "Authorization", nil
+}

internal/tools/cloudsql/cloudsqlrestorebackup/cloudsqlrestorebackup_test.go

@@ -0,0 +1,71 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cloudsqlrestorebackup_test
+
+import (
+	"testing"
+
+	yaml "github.com/goccy/go-yaml"
+	"github.com/google/go-cmp/cmp"
+	"github.com/googleapis/genai-toolbox/internal/server"
+	"github.com/googleapis/genai-toolbox/internal/testutils"
+	"github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlrestorebackup"
+)
+
+func TestParseFromYaml(t *testing.T) {
+	ctx, err := testutils.ContextWithNewLogger()
+	if err != nil {
+		t.Fatalf("unexpected error: %s", err)
+	}
+	tcs := []struct {
+		desc string
+		in   string
+		want server.ToolConfigs
+	}{
+		{
+			desc: "basic example",
+			in: `
+			tools:
+			  restore-backup-tool:
+			    kind: cloud-sql-restore-backup
+			    description: a test description
+			    source: a-source
+			`,
+			want: server.ToolConfigs{
+				"restore-backup-tool": cloudsqlrestorebackup.Config{
+					Name:         "restore-backup-tool",
+					Kind:         "cloud-sql-restore-backup",
+					Description:  "a test description",
+					Source:       "a-source",
+					AuthRequired: []string{},
+				},
+			},
+		},
+	}
+	for _, tc := range tcs {
+		t.Run(tc.desc, func(t *testing.T) {
+			got := struct {
+				Tools server.ToolConfigs `yaml:"tools"`
+			}{}
+			err := yaml.UnmarshalContext(ctx, testutils.FormatYaml(tc.in), &got)
+			if err != nil {
+				t.Fatalf("unable to unmarshal: %s", err)
+			}
+			if diff := cmp.Diff(tc.want, got.Tools); diff != "" {
+				t.Fatalf("incorrect parse: diff %v", diff)
+			}
+		})
+	}
+}

internal/tools/cloudsql/cloudsqlwaitforoperation/cloudsqlwaitforoperation.go

@@ -300,7 +300,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/cloudsqlmssql/cloudsqlmssqlcreateinstance/cloudsqlmssqlcreateinstance.go

@@ -204,7 +204,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/cloudsqlmysql/cloudsqlmysqlcreateinstance/cloudsqlmysqlcreateinstance.go

@@ -206,7 +206,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/couchbase/couchbase.go

@@ -142,7 +142,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/dataform/dataformcompilelocal/dataformcompilelocal.go

@@ -130,7 +130,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/elasticsearch/elasticsearchesql/elasticsearchesql.go

@@ -153,7 +153,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/firebird/firebirdexecutesql/firebirdexecutesql.go

@@ -138,7 +138,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/firebird/firebirdsql/firebirdsql.go

@@ -157,7 +157,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/http/http.go

@@ -287,7 +287,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/mindsdb/mindsdbexecutesql/mindsdbexecutesql.go

@@ -139,7 +139,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/mindsdb/mindsdbsql/mindsdbsql.go

@@ -151,7 +151,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/mongodb/mongodbaggregate/mongodbaggregate.go

@@ -147,7 +147,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/mongodb/mongodbdeleteone/mongodbdeleteone.go

@@ -152,7 +152,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/mongodb/mongodbfind/mongodbfind.go

@@ -206,7 +206,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/mongodb/mongodbfindone/mongodbfindone.go

@@ -169,7 +169,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/mongodb/mongodbinsertmany/mongodbinsertmany.go

@@ -150,7 +150,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.PayloadParams
-}

internal/tools/mongodb/mongodbinsertone/mongodbinsertone.go

@@ -148,7 +148,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.PayloadParams
-}

internal/tools/mongodb/mongodbupdatemany/mongodbupdatemany.go

@@ -158,7 +158,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/mongodb/mongodbupdateone/mongodbupdateone.go

@@ -159,7 +159,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/mssql/mssqlexecutesql/mssqlexecutesql.go

@@ -141,7 +141,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/mssql/mssqllisttables/mssqllisttables.go

@@ -399,7 +399,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/mssql/mssqlsql/mssqlsql.go

@@ -157,7 +157,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/mysql/mysqlexecutesql/mysqlexecutesql.go

@@ -141,7 +141,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(_ tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/mysql/mysqlgetqueryplan/mysqlgetqueryplan.go

@@ -166,7 +166,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(_ tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/mysql/mysqllistactivequeries/mysqllistactivequeries.go

@@ -234,7 +234,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.allParams
-}

internal/tools/mysql/mysqllisttablefragmentation/mysqllisttablefragmentation.go

@@ -180,7 +180,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.allParams
-}

internal/tools/mysql/mysqllisttables/mysqllisttables.go

@@ -303,7 +303,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/mysql/mysqllisttablesmissinguniqueindexes/mysqllisttablesmissinguniqueindexes.go

@@ -170,7 +170,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.allParams
-}

internal/tools/mysql/mysqlsql/mysqlsql.go

@@ -145,7 +145,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.AllParams
-}

internal/tools/postgres/postgresdatabaseoverview/postgresdatabaseoverview.go

@@ -153,7 +153,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.allParams
-}

internal/tools/postgres/postgresgetcolumncardinality/postgresgetcolumncardinality.go

@@ -165,7 +165,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.allParams
-}

internal/tools/postgres/postgreslistactivequeries/postgreslistactivequeries.go

@@ -166,7 +166,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.allParams
-}

internal/tools/postgres/postgreslistavailableextensions/postgreslistavailableextensions.go

@@ -20,7 +20,7 @@ import (
 
 	yaml "github.com/goccy/go-yaml"
 	"github.com/googleapis/genai-toolbox/internal/embeddingmodels"
-	"github.comcom/googleapis/genai-toolbox/internal/sources"
+	"github.com/googleapis/genai-toolbox/internal/sources"
 	"github.com/googleapis/genai-toolbox/internal/tools"
 	"github.com/googleapis/genai-toolbox/internal/util/parameters"
 	"github.com/jackc/pgx/v5/pgxpool"
@@ -85,7 +85,6 @@ func (cfg Config) Initialize(srcs map[string]sources.Source) (tools.Tool, error)
 			AuthRequired: cfg.AuthRequired,
 		},
 		mcpManifest: mcpManifest,
-		Parameters:  params,
 	}
 	return t, nil
 }
@@ -97,7 +96,6 @@ type Tool struct {
 	Config
 	manifest    tools.Manifest
 	mcpManifest tools.McpManifest
-	Parameters  parameters.Parameters
 }
 
 func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, params parameters.ParamValues, accessToken tools.AccessToken) (any, error) {
@@ -109,11 +107,11 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 }
 
 func (t Tool) ParseParams(data map[string]any, claims map[string]map[string]any) (parameters.ParamValues, error) {
-	return parameters.ParseParams(t.Parameters, data, claims)
+	return parameters.ParamValues{}, nil
 }
 
 func (t Tool) EmbedParams(ctx context.Context, paramValues parameters.ParamValues, embeddingModelsMap map[string]embeddingmodels.EmbeddingModel) (parameters.ParamValues, error) {
-	return parameters.EmbedParams(ctx, t.Parameters, paramValues, embeddingModelsMap, nil)
+	return parameters.ParamValues{}, nil
 }
 
 func (t Tool) Manifest() tools.Manifest {
@@ -139,7 +137,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.Parameters
-}

internal/tools/postgres/postgreslistdatabasestats/postgreslistdatabasestats.go

@@ -235,7 +235,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.allParams
-}

internal/tools/postgres/postgreslistlocks/postgreslistlocks.go

@@ -164,7 +164,3 @@ func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (boo
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.allParams
-}

internal/tools/postgres/postgreslistpgsettings/postgreslistpgsettings.go

@@ -161,7 +161,3 @@ func (t Tool) ToConfig() tools.ToolConfig {
 func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
 	return "Authorization", nil
 }
-
-func (t Tool) GetParameters() parameters.Parameters {
-	return t.allParams
-}