Skip to content

improvement(deployed-mcp): added the ability to make the visibility for deployed mcp tools public, updated UX #2853

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
waleedlatif1 merged 7 commits into from
Jan 16, 2026
Merged

improvement(deployed-mcp): added the ability to make the visibility for deployed mcp tools public, updated UX #2853

waleedlatif1 merged 7 commits into from
Jan 16, 2026
+12,761 −1,176

Conversation

@waleedlatif1
Copy link
Collaborator

@waleedlatif1 waleedlatif1 commented Jan 16, 2026

Summary

  • added the ability to make the visibility for deployed mcp tools public
  • added params for mcp tools in settings
  • improved UX overall (add to cursor, mcp.json snippet, etc)

Type of Change

  • New feature

Testing

Tested manually

Checklist

  • Code follows project style guidelines
  • Self-reviewed my changes
  • Tests added/updated and passing
  • No new warnings introduced
  • I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

@vercel
Copy link

vercel bot commented Jan 16, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment
Project Deployment Review Updated (UTC)
docs Skipped Skipped Jan 16, 2026 10:15pm

Request Review

@greptile-apps
Copy link
Contributor

greptile-apps bot commented Jan 16, 2026
edited
Loading

Greptile Summary

This PR adds public visibility for deployed MCP tools and significantly improves the UX for MCP server management. The implementation includes database schema changes, API route updates to conditionally bypass authentication for public servers, and extensive UI enhancements.

Key Changes

  • Public Visibility: Added isPublic boolean field to workflow_mcp_server table, allowing MCP tools to be accessed without authentication
  • Security Implementation: Public servers generate short-lived internal JWT tokens (5 min expiry) that execute workflows under the creator's user context, maintaining proper authorization
  • API Enhancements:
    • MCP serve endpoint (/api/mcp/serve/[serverId]) conditionally skips auth for public servers
    • Server creation now supports bulk workflow addition with validation (deployed status, start block checks)
    • PATCH endpoint supports updating visibility settings
  • UX Improvements:
    • New tabbed interface separating server details from workflow management
    • MCP client configuration snippets for Cursor, Claude Desktop, Claude Code, and VS Code
    • Cursor deep link integration for one-click server installation
    • "Add to Cursor" button and copyable config snippets
    • Parameter descriptions editor for MCP tool schemas
  • React Query Migration: Refactored chat and form deployment logic from manual state management to React Query hooks, improving consistency and reducing code duplication

Technical Implementation

The public visibility feature works by:

  1. When a public MCP server receives a request, authentication is skipped
  2. The system generates a temporary internal JWT token containing the server creator's user ID
  3. This token is passed to the workflow execution endpoint via Authorization header
  4. The workflow executes under the creator's permissions, ensuring proper access control
  5. Tokens expire after 5 minutes to minimize security exposure

The migration to React Query consolidates deployment logic across chat, form, and MCP deployments, creating reusable hooks in apps/sim/hooks/queries/ that handle optimistic updates and cache invalidation consistently.

Confidence Score: 4/5

  • This PR is safe to merge with minor considerations
  • The implementation is well-structured with proper security controls (short-lived tokens, execution under creator context), comprehensive validation (deployment status, start block checks), and extensive UX improvements. The React Query migration follows established patterns. One minor code duplication issue was identified but doesn't affect functionality.
  • No files require special attention - the implementation is solid across all changes

Important Files Changed

Filename Overview
packages/db/schema.ts Added isPublic boolean field to workflow_mcp_server table with default false
apps/sim/app/api/mcp/serve/[serverId]/route.ts Conditionally skips authentication for public servers and uses internal token for workflow execution, properly passes creator user ID
apps/sim/app/api/mcp/workflow-servers/route.ts Added isPublic to server creation, supports adding workflows during creation, validates deployment status and start blocks
apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/workflow-mcp-servers/workflow-mcp-servers.tsx Extensive UX improvements: tabs for details/workflows, visibility toggle, config snippets for multiple MCP clients, Cursor deep link integration
apps/sim/hooks/queries/chats.ts New file extracting chat deployment logic into React Query hooks (migration from manual state management)

Sequence Diagram

sequenceDiagram
    participant Client as MCP Client
    participant API as MCP Serve Route
    participant Auth as Authentication
    participant TokenGen as Token Generator
    participant Workflow as Workflow Executor
    participant DB as Database

    Client->>API: POST /api/mcp/serve/{serverId}
    API->>DB: Fetch server (isPublic, createdBy)
    DB-->>API: Server configuration
    
    alt Server is Public
        Note over API,Auth: Skip auth check
        API->>TokenGen: Generate temporary token
        TokenGen-->>API: Internal JWT
        API->>Workflow: Execute with owner context
    else Server is Private
        API->>Auth: Verify request credentials
        Auth-->>API: Validation result
        alt Auth Failed
            API-->>Client: 401 Unauthorized
        else Auth Success
            API->>Workflow: Execute with user context
        end
    end
    
    Workflow->>Auth: Verify credentials
    Auth-->>Workflow: Extract user context
    Workflow->>DB: Execute as workflow owner
    DB-->>Workflow: Execution results
    Workflow-->>API: Response
    API-->>Client: MCP tool output
Loading

@waleedlatif1 waleedlatif1 force-pushed the improvement/deployed-mcp branch from 26c1362 to 65b18d1 Compare January 16, 2026 20:06
@waleedlatif1
migrated chats to use reactquery, upgraded entire deploymodal to use …
b467bac 
…reactquery instead of manual state management
@waleedlatif1
Copy link
Collaborator Author

waleedlatif1 commented Jan 16, 2026

@greptile

greptile-apps[bot]
greptile-apps bot reviewed Jan 16, 2026
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

36 files reviewed, 1 comment

Edit Code Review Agent Settings | Greptile

@waleedlatif1 waleedlatif1 merged commit ce3ddb6 into staging Jan 16, 2026
6 checks passed
@waleedlatif1 waleedlatif1 mentioned this pull request Jan 16, 2026
Merged
@waleedlatif1 waleedlatif1 deleted the improvement/deployed-mcp branch January 17, 2026 00:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@waleedlatif1