WWebmasterID AgentFree
Open dashboard

MCP bridge setup

Claude can read sanitised projections from your workspace through the Agent-WebmasterID MCP bridge. The bridge is read-only by default: Claude never sees provider tokens, Supabase service-role keys, raw API responses, or any tool that writes to the live web.

How it works

  1. You issue a token from /mcp inside the workspace. The plaintext is shown once for copy-paste; the server stores only a SHA-256 hash.
  2. Your local MCP client (Claude Desktop, Claude Code, VS Code) presents the Bearer token when it calls the Agent’s MCP endpoint.
  3. The agent returns sanitised projections. Only the closed allow-list of tools is implemented; forbidden tool names (raw DB query, get tokens, deploy, git push, publish, send outreach, create backlinks, shell execute, arbitrary HTTP) return a 403 even if the client supplies them.
  4. Workflows still require operator approval. Claude prepares structured prompts and analyses; the operator approves and runs each workflow on the Workflows page.

Claude Desktop

Edit claude_desktop_config.json (~/Library/Application Support/Claude/ on macOS) and add the bridge under mcpServers:

{
  "mcpServers": {
    "webmasterid-agent": {
      "command": "npx",
      "args": ["-y", "mcp-remote", "https://agent.webmasterid.com/api/mcp/sse"],
      "env": {
        "MCP_BEARER_TOKEN": "wmid_…paste_your_token…"
      }
    }
  }
}

Restart Claude Desktop. The Agent-WebmasterID tools appear in the tools panel; the operator approves every tool call.

Claude Code (CLI)

Add a project-scoped MCP entry to .claude/mcp_servers.json:

{
  "webmasterid-agent": {
    "transport": "sse",
    "url": "https://agent.webmasterid.com/api/mcp/sse",
    "headers": {
      "Authorization": "Bearer wmid_…paste_your_token…"
    }
  }
}

Re-launch the Claude Code session and check /mcp to confirm the server is connected.

VS Code (Continue / Cline / similar)

Most VS Code MCP-aware extensions accept an SSE URL + Bearer header. Configure them like this:

{
  "mcp.servers": [
    {
      "name": "webmasterid-agent",
      "transport": "sse",
      "url": "https://agent.webmasterid.com/api/mcp/sse",
      "headers": {
        "Authorization": "Bearer wmid_…paste_your_token…"
      }
    }
  ]
}

Reload the VS Code window. The extension lists the available tools; each call requires operator approval.

Troubleshooting

  • 403 forbidden: the token has been revoked or expired. Issue a new one from /mcp.
  • 401 unauthorized: the Bearer header is missing or malformed. Confirm there’s a space between Bearer and the token.
  • Tool not implemented: the client tried to call a forbidden tool name. The bridge has a closed allow-list and rejects everything else with a 403.
  • No data returned: the workspace may not have connected Google Search Console yet. Open Keyword Intelligence and connect Search Console first.

See also: workflow approval model and privacy + data handling.