Command Code

Manage MCP Servers

Full reference for configuring, scoping, authenticating, and managing MCP servers in Command Code.

Commands

All MCP management is done through cmd mcp <subcommand>.

Add a Server

CommandDescriptionExample
cmd mcp addAdd server with CLI optionscmd mcp add --transport http notion https://mcp.notion.com/mcp
cmd mcp add-jsonAdd server from JSON configcmd mcp add-json github '{"type":"http","url":"https://..."}'

Manage Servers

CommandDescriptionExample
cmd mcp listList all configured serverscmd mcp list
cmd mcp getShow detailed config for a servercmd mcp get notion
cmd mcp removeRemove a server from configurationcmd mcp remove notion

Authentication

CommandDescriptionExample
cmd mcp auth <server>Authenticate with OAuth (opens browser)cmd mcp auth notion
cmd mcp auth --statusCheck authentication statuscmd mcp auth --status notion
cmd mcp auth --listList all servers with stored tokenscmd mcp auth --list
cmd mcp auth --clearClear stored tokenscmd mcp auth --clear notion

Scopes

MCP servers can be stored in three scopes with different visibility:

ScopeFile LocationPurpose
local~/.commandcode/projects/<slug>/mcp.jsonPrivate, per-project (default)
project.mcp.json in project rootShared, version controlled
user~/.commandcode/mcp.jsonPrivate, available across all projects

Precedence: When the same server name exists in multiple scopes, local overrides project, which overrides user.

Scope Examples

cmd mcp add --transport http notion https://mcp.notion.com/mcp
Version control

The project scope saves to .mcp.json in your project root, which is meant to be committed to Git. OAuth client secrets are automatically stripped from this file and stored securely in ~/.commandcode/mcp-tokens.json instead.

Config Schema

The configuration files follow this schema:

Config Schema

{ "mcpServers": { "my-server": { "transport": "http", "enabled": true, "url": "https://api.example.com/mcp", "headers": { "Authorization": "Bearer token" }, "env": { "API_KEY": "value" } } } }

Every MCP server is configured at a specific scope that controls visibility and sharing.

Local scope (default)

Stored in ~/.commandcode/. Only available to you for the current project.

cmd mcp add --transport http stripe https://mcp.stripe.com # Explicit: cmd mcp add --transport http stripe --scope local https://mcp.stripe.com

Project scope

Stored in .mcp.json at your project root. Checked into version control — shared with your team.

cmd mcp add --transport http stripe --scope project https://mcp.stripe.com

This creates or updates .mcp.json:

{ "mcpServers": { "stripe": { "transport": "http", "url": "https://mcp.stripe.com" } } }

User scope

Stored in ~/.commandcode/mcp.json. Available to you across all projects.

cmd mcp add --transport http stripe --scope user https://mcp.stripe.com

Authentication

OAuth Flow

Command Code supports OAuth 2.0 Authorization Code with PKCE for HTTP servers.

1

Add a server that requires OAuth

Add OAuth Server

cmd mcp add --transport http my-server https://api.example.com/mcp

If the server requires authentication, Command Code detects this automatically and starts the OAuth flow.

2

Authenticate via browser

A browser window opens for you to authorize. After you grant access, tokens are stored securely in ~/.commandcode/mcp-tokens.json.

You can also authenticate later:

Authenticate

cmd mcp auth my-server

Or use the /mcp menu inside a session to authenticate interactively.

3

Tokens refresh automatically

Tokens are refreshed automatically when they expire. If refresh fails, re-authenticate with cmd mcp auth <server>.

Token Commands

cmd mcp auth --status my-server

OAuth Flow (remote servers)

Many remote MCP servers support OAuth 2.0. Use /mcp inside Command Code to authenticate:

/mcp

Select the server and follow the browser login flow. Tokens are stored securely and refreshed automatically.

Tips:

  • Use "Clear authentication" in /mcp to revoke access
  • If your browser doesn't open automatically, copy the provided URL
  • OAuth works with HTTP and SSE transport servers

OAuth with JSON

cmd mcp add-json my-server \ '{"type":"http","url":"https://mcp.example.com/mcp","oauth":{"clientId":"your-client-id","callbackPort":8080}}' \ --client-secret

API key auth

For servers that use API keys, pass them as environment variables or headers:

# Via env cmd mcp add --transport stdio --env API_KEY=your-key my-server \ -- npx -y my-mcp-server # Via header cmd mcp add --transport http my-server https://api.example.com/mcp \ --header "Authorization: Bearer your-token"

Next steps