VibeLogin MCP
Add authentication to your app - no code, no config, never leave your IDE
@vibelogin/mcp
Add authentication to your app without leaving your IDE. MCP server for Cursor, Claude Code, Windsurf, and Cline.
Just say "add authentication to my app" — the agent creates your project, configures auth methods, wires up Google OAuth, and scaffolds a working sign-in flow into your codebase. All from your editor's chat.
Install
No global install needed. Wire it into your MCP client config once and it runs on demand via bunx.
Client configuration
One snippet works in every client. Paste this into your MCP settings and you're done.
{
"mcpServers": {
"vibelogin": {
"command": "bunx",
"args": ["@vibelogin/mcp"]
}
}
}
The first tool call opens a browser for one-click consent. After that, tokens are cached under ~/.vibelogin/credentials.json — you won't be asked to log in again for 30 days.
Claude Desktop / Claude Code
~/Library/Application Support/Claude/claude_desktop_config.json (macOS):
{
"mcpServers": {
"vibelogin": {
"command": "bunx",
"args": ["@vibelogin/mcp"]
}
}
}
Cursor
~/.cursor/mcp.json (or per-project .cursor/mcp.json):
{
"mcpServers": {
"vibelogin": {
"command": "bunx",
"args": ["@vibelogin/mcp"]
}
}
}
Windsurf / Cline / Zed
Same shape — every MCP client accepts a command + args block. The one-liner above works in all of them.
That's it — no environment variables needed. Defaults point to production automatically.
Authentication
On first use, a browser window opens for one-click consent. After that, you're authenticated for 30 days — no further prompts.
Tools
The agent picks the right tools automatically based on your conversation. Just say what you need.
create_project
Creates a new VibeLogin project in your org. Returns the project's id, slug, oauthSlug, environment, publishable key, and secret key (shown once).
| Param | Type | Required | Description |
|---|---|---|---|
name | string | yes | Human-readable project name. |
slug | string | no | URL-safe slug; auto-generated from name if omitted. |
environment | enum | no | production | development | staging (default production). |
list_projects
Lists every project in your org. Use this when the agent needs to discover what already exists before creating something new.
No parameters.
get_project
Look up a single project by id, slug, or oauthSlug.
| Param | Type | Required | Description |
|---|---|---|---|
idOrSlug | string | yes | Project id, slug, or oauthSlug. |
configure_auth
Toggle auth methods, set redirect URLs, and/or wire up Google OAuth. Field-level updates — anything you don't set is left untouched.
| Param | Type | Required | Description |
|---|---|---|---|
projectId | string | yes | The project's id. |
methods.emailPassword | boolean | no | Enable email + password sign-in. |
methods.magicLink | boolean | no | Enable magic link emails. |
methods.emailOtp | boolean | no | Enable 6-digit email OTP codes. |
methods.passwordReset | boolean | no | Enable password reset emails. |
methods.emailVerification | boolean | no | Require email verification on signup. |
google.clientId | string | with google | Google OAuth client ID (from Google Cloud Console). |
google.clientSecret | string | with google | Google OAuth client secret. |
google.enabled | boolean | no | Default true. |
redirectUrls | string[] | no | Overwrites the project's allowed redirect URL list. |
If you call this without google, the response includes the exact Google Cloud Console URL + redirect URI you need to set up the credentials.
add_auth_to_project
Scaffold a working sign-in flow into your codebase. Detects the framework from package.json and writes non-destructive files (existing files are skipped, never clobbered).
Supported frameworks today: Next.js (App Router), Vite + React. Refused with guidance: Remix, Astro, Express, unknown.
| Param | Type | Required | Description |
|---|---|---|---|
projectDir | string | yes | Absolute path to the project root. |
slug | string | yes | The project's oauthSlug (from create_project). |
publishableKey | string | yes | The project's publishable key. |
appUrl | string | yes | Your app's origin (e.g. https://myapp.com). |
Files written for Next.js
middleware.ts # hostedAuthMiddleware
app/auth/callback/route.ts # createCallbackHandler
app/login/page.tsx # <VibeLogin />
.env.local.example # publishable key + secret placeholder
Next steps printed by the tool:
pnpm add @vibelogin/nextjs- Copy
.env.local.example→.env.local, fillVIBELOGIN_SECRET_KEY pnpm dev→ open/login
Files written for Vite + React
src/auth/VibeLoginProvider.tsx # context + useVibeLogin() hook
src/auth/Login.tsx # /login redirect to hosted UI
src/auth/Callback.tsx # /auth/callback handler
.env.example # VITE_-prefixed publishable key
Next steps printed by the tool:
pnpm add @vibelogin/react react-router-dom- Wrap
<App/>in<VibeLoginProvider/> - Add routes
/loginand/auth/callback - Copy
.env.example→.env.local pnpm dev→ open/login
Example conversations
You: "Add VibeLogin to this Next.js app. Email + password and Google sign-in."
Agent: (calls
create_project { name: "myapp", environment: "production" }) Createdmyapp(pk_live_…). (callsconfigure_auth { projectId, methods: { emailPassword: true } }) Email + password enabled. To turn on Google, I need a Client ID and Secret from Google Cloud Console — here's the redirect URI to authorize:https://api.vibelogin.com/oauth/myapp-xyz/google/callback. (after you paste creds:) (callsconfigure_auth { google: { clientId, clientSecret } }) (callsadd_auth_to_project { projectDir: ".", slug: "myapp-xyz", publishableKey: "pk_live_…", appUrl: "https://myapp.com" }) Scaffold complete (next). Wrotemiddleware.ts,app/auth/callback/route.ts,app/login/page.tsx,.env.local.example. Runpnpm add @vibelogin/nextjs && pnpm devand open/login.
You: "What projects do I have already?"
Agent: (calls
list_projects) You have 3:myapp(production),myapp-staging(staging),internal-tools(development).
Security
- No secrets in the agent — authentication uses loopback OAuth + PKCE (RFC 8252)
- Single-use authorization codes with 2-minute TTL
- Rotated refresh tokens — every refresh invalidates the previous one
- Credentials stored securely —
chmod 600on~/.vibelogin/credentials.json
Supported frameworks
| Framework | Status |
|---|---|
| Next.js (App Router) | Fully supported |
| Vite + React | Fully supported |
| Remix, Astro, Express | Coming soon |
License
Apache-2.0
Server Terkait
Scout Monitoring MCP
sponsorPut performance and error data directly in the hands of your AI assistant.
Alpha Vantage MCP Server
sponsorAccess financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
Ollama MCP Server
A bridge to use local LLMs from Ollama within the Model Context Protocol.
mcp-sync
Sync MCP server configurations across various AI coding tools.
SheetsData
Instant access to electronic component datasheets for AI agents — specs, pinouts, package info, and absolute max ratings extracted from manufacturer PDFs on demand.
MCP Chart Server
Create real-time TradingView chart visualizations using the Chart-IMG API.
Authless Remote MCP Server
An authentication-free remote MCP server designed for deployment on Cloudflare Workers.
SMART-E2B
Integrates E2B for secure code execution in cloud sandboxes, designed for Claude AI Desktop.
Harness
Access and interact with Harness platform data, including pipelines, repositories, logs, and artifact registries.
NeuroDev MCP Server
A powerful Model Context Protocol (MCP) server that supercharges your Python development workflow with AI-powered code review, intelligent test generation, and comprehensive test execution.
SSE MCP Server Example
An example MCP Server demonstrating Server-Sent Events (SSE) usage.
Sistema de Predicción Energética con IA
An AI-powered system for analyzing and predicting domestic energy consumption. It offers precise forecasts, historical pattern analysis, and personalized optimization recommendations through a conversational interface.