MCP Server
The CodeNOW MCP (Model Context Protocol) server allows AI assistants and tools to interact with the CodeNOW platform programmatically. MCP is an open standard that enables AI models to discover and use external tools in a structured way — the CodeNOW MCP server exposes platform operations as MCP tools that any compatible AI client can call.
Why Use the MCP Server?
While the REST API is designed for traditional integrations and automation scripts, the MCP server is optimized for AI-driven workflows. It enables AI assistants (such as Claude, Cursor, or other MCP-compatible clients) to:
- Query and manage applications, components, and deployments
- Trigger builds and deployments
- Inspect environment status and logs
- Perform platform operations using natural language through an AI assistant
Prerequisites
- A CodeNOW user account
- An MCP-compatible AI client (e.g., Claude Desktop, Claude Code, Cursor, or any client supporting the MCP standard)
Authentication
The MCP server supports two authentication methods — OAuth 2.0 and API Key. Not every MCP client supports OAuth flows and not every client supports custom HTTP headers, so both methods are provided for broad compatibility across different clients.
Option 1: OAuth 2.0 (Recommended)
When your AI client connects for the first time, you are redirected to the CodeNOW login screen. After successful login, the MCP server uses your JWT token for all subsequent requests.
This is the recommended method because it gives you access to all your accounts and does not require managing static credentials.
The OAuth flow is accessible from any MCP-compatible client running locally on your machine (e.g., Claude Code, Cursor) and from claude.ai on the web. Remote or server-side MCP clients that cannot handle browser-based OAuth redirects should use the API Key method instead.
Configuration:
{
"mcpServers": {
"codenow": {
"type": "http",
"url": "https://mcp.cloud.codenow.com/mcp",
"oauth": {
"clientId": "codenow-api-mcp",
"callbackPort": 8080
}
}
}
}
Option 2: API Key
For clients that do not support the OAuth flow, you can authenticate using a personal API key passed via a custom HTTP header. API keys are issued per user and are bound to a single account.
This method is useful when you want to connect an automated agent with limited permissions or when your MCP client does not support browser-based OAuth redirects.
To generate an API key, go to Keys & Tokens in your user profile.
Configuration:
{
"mcpServers": {
"codenow": {
"type": "http",
"url": "https://mcp.cloud.codenow.com/mcp/",
"headers": {
"X-Codenow-Api-Key": "<your-api-key>"
}
}
}
}
Keep your API key secret. Do not commit it to version control or share it publicly. If compromised, you can suspend or delete it in Keys & Tokens.
Comparison
| OAuth 2.0 | API Key | |
|---|---|---|
| Access scope | All user accounts | Single account |
| Client requirement | Must support OAuth / browser redirects | Must support custom HTTP headers |
| Best for | Interactive use with AI assistants | Automated agents, CI/CD, headless clients |
| Credential management | Automatic (token refresh) | Manual (generate, rotate, suspend) |
The exact location of the MCP configuration depends on your AI client — consult your client's documentation for details.
Available Tools
Once connected, the MCP server exposes CodeNOW platform operations as tools that the AI assistant can discover and call. The available tools mirror the capabilities of the REST API and respect the same RBAC permissions as your user account.
Security and RBAC
The MCP server enforces the same Role-Based Access Control as the REST API. All operations are executed with the permissions of the authenticated user. See Authentication for more details on the CodeNOW RBAC model.