docs: add Orchestrate + ngrok setup guide

[nkanu17]

Note

Low Risk
Documentation-only change adding a new setup guide; no runtime code paths or data/security behavior are modified.

Overview
Adds a new docs/orchestrate-setup-guide.md walkthrough for exposing the local MCP agent memory server via ngrok and connecting it to IBM watsonx Orchestrate.

Includes required env vars, commands to start Redis/MCP server/ngrok, a curl-based tunnel verification step, Orchestrate configuration values (notably the required /sse suffix), plus restart and troubleshooting tips.

^{Reviewed by Cursor Bugbot for commit 4533cfc. Bugbot is set up for automated code reviews on this repo. Configure here.}

[jit-ci]

🛡️ Jit Security Scan Results

✅ No security findings were detected in this PR

---

^{Security scan by Jit}

[github-actions]

Review completed. No suggestions at this time.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 4533cfc492

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Use ngrok URL placeholder without duplicating scheme

Step 6 tells users to copy the full forwarding URL including https://, but the later command prepends https:// again (https://<YOUR_NGROK_URL>/sse), which yields a malformed URL when followed literally (for example https://https://...) and breaks tunnel verification and Orchestrate connection setup. Use either a host-only placeholder or the full URL consistently.

Useful? React with 👍 / 👎.

[Copilot]

Pull request overview

Adds a new documentation guide for running the Agent Memory Server MCP endpoint locally and connecting it to IBM watsonx Orchestrate through an ngrok tunnel.

Changes:

• Introduces a step-by-step Orchestrate + ngrok setup guide for MCP (SSE transport).
• Documents local Redis startup, environment variable setup, MCP server startup, and tunnel verification.
• Adds a quick restart + troubleshooting section for common local issues.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

This guide instructs users to set DISABLE_AUTH=true while also exposing the MCP server publicly via ngrok. That creates an unauthenticated, internet-reachable endpoint that can be abused. Add a prominent warning and recommend a safer alternative (e.g., keep auth enabled, use ngrok access control/basic auth, or restrict ingress) so users don’t run this configuration outside a controlled dev scenario.

[Copilot]

The SSE verification command may appear to “hang” or print nothing due to buffering, even when the tunnel works. Consider adding curl’s no-buffer flag and/or noting that --max-time 3 will intentionally terminate the stream (often with a timeout exit code) after emitting the first event.

[Copilot]

cd agent-memory-server is a hard-coded path that will fail if the repo directory is named differently or if the user is already in the repo root (as implied earlier in the guide). Consider changing this to a placeholder like cd <path-to-agent-memory-server> or removing it and explicitly stating the commands should be run from the repo root.

Suggested change

	# Terminal 2: MCP server
	cd agent-memory-server
	# Terminal 2: MCP server (run from the repo root)