MCP setup

Connect an AI client to GrowFlux.

GrowFlux exposes an HTTP Model Context Protocol server for customer-owned AI Agents. Use a scoped workspace key, let the Agent discover real project capabilities, and keep cost, review, OAuth, and publishing actions explicit.

Connection details

SettingValue
Server URLhttps://mcp.growflux.io
TransportHTTP, JSON-RPC 2.0 over POST
Protocol version2025-06-18
AuthenticationAuthorization: Bearer gf_live_...

Client configuration

Create a workspace API key in GrowFlux, grant only the scopes your Agent needs, and add the connection to your MCP client. The full key is shown only once.

{
  "mcpServers": {
    "growflux": {
      "type": "http",
      "url": "https://mcp.growflux.io",
      "headers": {
        "Authorization": "Bearer gf_live_YOUR_KEY"
      }
    }
  }
}

Client configuration formats vary. Keep the endpoint and authorization header the same when adapting this example to Cursor, Trae, or another compatible client.

Choose least-privilege scopes

NeedTypical scopes
Discover projects and workflowsprojects:read
Run and observe workflowsruns:write, runs:read
Read or decide reviewsreview:read, optionally review:decide
Publish approved contentpublish:write
Read performance evidencemetrics:read

Do not grant write or publishing scopes to an Agent that only needs reporting and observation.

Available tool groups

  • Agent guide, project, workflow path, version, manifest, and delivery-route discovery.
  • Saved content routines and coordinated run-group operation.
  • Test & Tune quote, start, inspect, compare, and save-draft actions.
  • Approved production run start and status/event observation.
  • Review decisions, exports, publication metrics, and workflow validation.

Exact tool schemas are returned by MCP tools/list. Agents should discover them rather than relying on a copied static list.

Current boundary

MCP is currently an operating interface for existing GrowFlux projects. It does not yet create the first project or author a complete first workflow from zero. OAuth connections remain browser consent flows, and the MCP Worker acts as a protocol adapter rather than accessing the database directly.

Questions

Is the MCP endpoint public?

The server URL is public, but every workspace action requires a valid scoped GrowFlux API key.

Does the Agent see provider secrets?

No. Provider and channel credentials stay in GrowFlux. MCP receives governed capability and status projections rather than raw stored secrets.

Should I grant every scope?

No. Start with read-only discovery scopes and add run, review, or publishing permissions only when the Agent genuinely needs them.

Is a successful tool response proof of publication?

No. Publication requires destination-specific delivery evidence; connection health and accepted scheduling intent are separate states.

Last updated: · Maintained by GrowFlux