Custom MCP Server

Connect your own self-hosted Model Context Protocol (MCP) server over HTTP.

How to connect

1. Go to Integrations → click Custom MCP Server.
2. Enter your MCP endpoint (must end with /mcp).
3. (Optional) Add HTTP headers, for example Authorization: Bearer ....
4. After connecting, Worken fetches a fresh capability snapshot and shows discovered tools, prompts, and listed resources for that server.

Requirements

• HTTP transport only. Local stdio and CLI transports are handled via the worken mcp developer CLI.
• Bot runtime remains tools-only in v1. Prompts and resources are shown in the integration view, but are not exposed to the model runtime.
• Interactive workflows that require elicitation are out of scope for v1.
• URL must be reachable from Worken and use https:// in production namespaces.
• Tools receive provider-safe IDs like mcp_custom__<integrationSlug>__<toolSlug>__<hash>. The format keeps a readable slug from the original name while staying within provider limits and avoiding collisions between servers.

Security

• URLs are validated against SSRF: localhost, private IP ranges, and link-local addresses (169.254.x.x) are rejected.
• Redirects are blocked at the HTTP transport level.
• Embedded URL credentials are rejected; secrets must be passed through headers.
• Headers (for example API tokens) are never logged and are stored encrypted or in the external secret store instead of plaintext auth_data.

When to use this

• You have an MCP server that exposes many tools and want to plug it into multiple Worken agents.
• You need to experiment with internal MCP tools without publishing them as first-class vendor integrations.

For CLI-based development or local MCP servers that are not exposed over HTTPS, use the worken mcp CLI instead of this integration.