The Codex MCP (Model Context Protocol) server allows AI agents like Claude, GitHub Copilot, and other MCP-compatible clients to interact with your documentation wiki.
Architecture inspired by streamable-mcp-server-template
-
Set an API key for security:
export MCP_API_KEY=your-secure-api-key -
Enable and start the MCP server:
# Development (with hot reload) MCP_ENABLED=true npm run dev -w server # Or use the dedicated script npm run dev:mcp -w server
-
Connect your MCP client to:
http://localhost:3002/mcp
| Variable | Default | Description |
|---|---|---|
MCP_ENABLED |
false |
Enable/disable MCP server |
MCP_PORT |
3002 |
Port for MCP server |
MCP_HOST |
0.0.0.0 |
Host to bind to |
MCP_API_KEY |
(none) | API key for authentication |
MCP_SESSION_TTL_MS |
86400000 |
Session TTL (24 hours) |
MCP_MAX_SESSIONS |
100 |
Max sessions per API key |
MCP_DEBUG |
false |
Enable debug logging |
The MCP server exposes 16 tools:
search_pages- Search documentation by query stringget_page- Read a specific page's contentcreate_page- Create a new documentation pageupdate_page- Update an existing pagedelete_page- Delete a pagerename_page- Rename a pagemove_page- Move a page to a different folder
list_folders- Get folder hierarchylist_pages- List pages in a foldercreate_folder- Create a new folderdelete_folder- Delete an empty folderrename_folder- Rename a folder
list_attachments- List attachments in a folderupload_attachment- Upload a file attachment (base64 encoded)get_attachment- Download an attachmentdelete_attachment- Delete an attachment
codex://page/{path}- Access any documentation page by pathcodex://folders- Get the complete folder structure as JSON
Set MCP_API_KEY to require authentication. Clients must provide the key via:
Authorization: Bearer <key>header, orX-Api-Key: <key>header
Important: Claude Desktop only supports stdio transport and cannot connect to HTTP-based MCP servers directly. You must use
mcp-remoteas a bridge.
Add to your Claude Desktop config (~/Library/Application Support/Claude/claude_desktop_config.json):
{
"mcpServers": {
"codex": {
"command": "npx",
"args": [
"-y",
"mcp-remote",
"http://localhost:3002/mcp",
"--header",
"Authorization: Bearer your-api-key"
]
}
}
}For a remote/production server:
{
"mcpServers": {
"codex": {
"command": "npx",
"args": [
"-y",
"mcp-remote",
"https://your-codex-server.com/mcp",
"--header",
"Authorization: Bearer your-api-key"
]
}
}
}VS Code / GitHub Copilot supports native HTTP transport, so no bridge is needed.
Configure in your VS Code settings or .vscode/mcp.json:
{
"servers": {
"codex": {
"type": "http",
"url": "http://localhost:3002/mcp",
"headers": {
"Authorization": "Bearer your-api-key"
}
}
}
}| Endpoint | Method | Description |
|---|---|---|
/health |
GET | Health check |
/.well-known/mcp |
GET | Server metadata |
/mcp |
POST | MCP JSON-RPC messages |
/mcp |
GET | SSE stream for server messages |
/mcp |
DELETE | Terminate session |
Supports MCP protocol versions:
2025-03-26(latest)2024-11-05
Uses Streamable HTTP transport for web compatibility.
- Always set
MCP_API_KEYfor authentication - Run behind a reverse proxy with HTTPS
- Use
MCP_HOST=127.0.0.1to restrict to localhost if not proxying - Set
MCP_MAX_SESSIONSappropriately for your use case
# Health check
curl http://localhost:3002/health
# Initialize session
# gitleaks:allow
curl -X POST http://localhost:3002/mcp \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-H "Authorization: Bearer your-api-key" \
-d '{"jsonrpc":"2.0","method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"curl","version":"1.0"}},"id":1}'
# List tools (use session ID from initialize response)
# gitleaks:allow
curl -X POST http://localhost:3002/mcp \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-H "Mcp-Session-Id: <session-id>" \
-d '{"jsonrpc":"2.0","method":"tools/list","id":2}'