Overview
The MCP (Model Context Protocol) Servers API allows you to manage server integrations that provide additional tools and capabilities to AI agents.
All MCP endpoints are prefixed with /api/mcp.
List MCP Servers
Retrieve accessible MCP servers:
GET /api/mcp/servers?limit=25&after=cursor_abc
Authorization: Bearer <token>
Query Parameters
Maximum number of servers to return
Search query for title/description
Response
{
"data": [
{
"name": "github-mcp",
"title": "GitHub MCP Server",
"description": "Access GitHub repositories and issues",
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-github"],
"env": {
"GITHUB_TOKEN": "${GITHUB_TOKEN}"
},
"author": "user123",
"createdAt": "2024-01-15T10:00:00Z"
}
],
"has_more": false
}
Get MCP Server
Retrieve a specific MCP server configuration:
GET /api/mcp/servers/:serverName
Authorization: Bearer <token>
Path Parameters
MCP server name/identifier
Response
Command to execute (e.g., node, python, npx)
Environment variables (values may reference user-provided vars)
OAuth configuration (if applicable)
{
"name": "github-mcp",
"title": "GitHub MCP Server",
"description": "Access GitHub repositories, issues, and pull requests",
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-github"],
"env": {
"GITHUB_TOKEN": "${GITHUB_TOKEN}"
},
"customUserVars": {
"GITHUB_TOKEN": "GitHub Personal Access Token"
},
"author": "user123",
"createdAt": "2024-01-15T10:00:00Z",
"updatedAt": "2024-01-16T09:00:00Z"
}
Create MCP Server
Create a new MCP server configuration:
POST /api/mcp/servers
Authorization: Bearer <token>
Content-Type: application/json
{
"name": "my-custom-mcp",
"title": "My Custom MCP",
"description": "Custom MCP server for special tools",
"command": "node",
"args": ["/path/to/server.js"],
"env": {
"API_KEY": "${MY_API_KEY}"
}
}
Request Body
Unique server identifier (lowercase, alphanumeric, hyphens)
Command to execute (e.g., node, python, npx)
Environment variables (can reference $)
User-provided variables with descriptions
Response
Returns the created MCP server configuration with HTTP status 201.
Update MCP Server
Update an existing MCP server:
PATCH /api/mcp/servers/:serverName
Authorization: Bearer <token>
Content-Type: application/json
{
"title": "Updated Title",
"description": "Updated description"
}
Path Parameters
Request Body
All fields are optional. Only include fields to update.
Requires EDIT permission on the MCP server.
Delete MCP Server
Delete an MCP server:
DELETE /api/mcp/servers/:serverName
Authorization: Bearer <token>
Path Parameters
MCP server identifier to delete
Response
{
"success": true,
"message": "MCP server deleted successfully"
}
GET /api/mcp/tools
Authorization: Bearer <token>
Response
Returns an array of tools from all connected MCP servers:
[
{
"name": "github_create_issue",
"description": "Create a new GitHub issue",
"inputSchema": {
"type": "object",
"properties": {
"repo": {"type": "string"},
"title": {"type": "string"},
"body": {"type": "string"}
},
"required": ["repo", "title"]
},
"serverName": "github-mcp"
}
]
Reinitialize MCP Server
Reconnect to an MCP server:
POST /api/mcp/:serverName/reinitialize
Authorization: Bearer <token>
Path Parameters
MCP server to reinitialize
Response
Whether reinitialization succeeded
Whether OAuth authentication is required
OAuth authorization URL (if required)
{
"success": true,
"message": "MCP server reinitialized successfully",
"serverName": "github-mcp",
"oauthRequired": false
}
{
"success": false,
"message": "OAuth authentication required",
"serverName": "github-mcp",
"oauthRequired": true,
"oauthUrl": "https://github.com/login/oauth/authorize?client_id=..."
}
Connection Status
Get connection status for all MCP servers:
GET /api/mcp/connection/status
Authorization: Bearer <token>
Response
{
"success": true,
"connectionStatus": {
"github-mcp": {
"connectionState": "connected",
"requiresOAuth": true,
"error": null
},
"filesystem-mcp": {
"connectionState": "disconnected",
"requiresOAuth": false,
"error": "Connection timeout"
}
}
}
Connection States
connected: Server is connected and readydisconnected: Server is not connectederror: Connection error occurredconnecting: Connection in progress
Get Single Server Status
Get connection status for a specific server:
GET /api/mcp/connection/status/:serverName
Authorization: Bearer <token>
Path Parameters
Response
{
"success": true,
"serverName": "github-mcp",
"connectionStatus": "connected",
"requiresOAuth": true
}
Check Auth Values
Check which authentication values are configured:
GET /api/mcp/:serverName/auth-values
Authorization: Bearer <token>
Path Parameters
Response
Returns boolean flags (not actual values):
{
"success": true,
"serverName": "github-mcp",
"authValueFlags": {
"GITHUB_TOKEN": true,
"GITHUB_ORG": false
}
}
OAuth Flow
Bind OAuth Flow
Set CSRF cookie before OAuth redirect:
POST /api/mcp/:serverName/oauth/bind
Authorization: Bearer <token>
Initiate OAuth
Start OAuth flow:
GET /api/mcp/:serverName/oauth/initiate?userId=user123&flowId=flow_abc
Authorization: Bearer <token>
OAuth Callback
OAuth callback endpoint (handled automatically):
GET /api/mcp/:serverName/oauth/callback?code=abc&state=xyz
Cancel OAuth
Cancel pending OAuth flow:
POST /api/mcp/oauth/cancel/:serverName
Authorization: Bearer <token>
Popular MCP Servers
GitHub
{
"name": "github",
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-github"],
"env": {
"GITHUB_TOKEN": "${GITHUB_TOKEN}"
}
}
Filesystem
{
"name": "filesystem",
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-filesystem", "/path/to/dir"],
"env": {}
}
Google Drive
{
"name": "gdrive",
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-gdrive"],
"oauth": {
"provider": "google",
"scopes": ["https://www.googleapis.com/auth/drive.readonly"]
}
}
Error Responses
Server Not Found
{
"error": "MCP server 'server-name' not found in configuration"
}
Connection Failed
{
"error": "Failed to connect to MCP server",
"serverName": "github-mcp",
"details": "Connection timeout"
}
OAuth Required
{
"error": "OAuth authentication required",
"oauthUrl": "https://..."
}
Permissions
MCP server access is controlled by permissions:
- VIEW: Can view server configuration
- EDIT: Can modify server configuration
- DELETE: Can delete server
- USE: Can use server tools in conversations
Best Practices
- Use environment variables for sensitive data (API keys, tokens)
- Test connections after creating/updating servers
- Monitor server status to detect connection issues
- Use OAuth when possible for better security
- Document custom variables with clear descriptions
- Set appropriate permissions to control server access
- Handle disconnections gracefully in your application