VibeLogin MCP
Add authentication to your app - no code, no config, never leave your IDE
@vibelogin/mcp
Add authentication to your app without leaving your IDE. MCP server for Cursor, Claude Code, Windsurf, and Cline.
Just say "add authentication to my app" — the agent creates your project, configures auth methods, wires up Google OAuth, and scaffolds a working sign-in flow into your codebase. All from your editor's chat.
Install
No global install needed. Wire it into your MCP client config once and it runs on demand via bunx.
Client configuration
One snippet works in every client. Paste this into your MCP settings and you're done.
{
"mcpServers": {
"vibelogin": {
"command": "bunx",
"args": ["@vibelogin/mcp"]
}
}
}
The first tool call opens a browser for one-click consent. After that, tokens are cached under ~/.vibelogin/credentials.json — you won't be asked to log in again for 30 days.
Claude Desktop / Claude Code
~/Library/Application Support/Claude/claude_desktop_config.json (macOS):
{
"mcpServers": {
"vibelogin": {
"command": "bunx",
"args": ["@vibelogin/mcp"]
}
}
}
Cursor
~/.cursor/mcp.json (or per-project .cursor/mcp.json):
{
"mcpServers": {
"vibelogin": {
"command": "bunx",
"args": ["@vibelogin/mcp"]
}
}
}
Windsurf / Cline / Zed
Same shape — every MCP client accepts a command + args block. The one-liner above works in all of them.
That's it — no environment variables needed. Defaults point to production automatically.
Authentication
On first use, a browser window opens for one-click consent. After that, you're authenticated for 30 days — no further prompts.
Tools
The agent picks the right tools automatically based on your conversation. Just say what you need.
create_project
Creates a new VibeLogin project in your org. Returns the project's id, slug, oauthSlug, environment, publishable key, and secret key (shown once).
| Param | Type | Required | Description |
|---|---|---|---|
name | string | yes | Human-readable project name. |
slug | string | no | URL-safe slug; auto-generated from name if omitted. |
environment | enum | no | production | development | staging (default production). |
list_projects
Lists every project in your org. Use this when the agent needs to discover what already exists before creating something new.
No parameters.
get_project
Look up a single project by id, slug, or oauthSlug.
| Param | Type | Required | Description |
|---|---|---|---|
idOrSlug | string | yes | Project id, slug, or oauthSlug. |
configure_auth
Toggle auth methods, set redirect URLs, and/or wire up Google OAuth. Field-level updates — anything you don't set is left untouched.
| Param | Type | Required | Description |
|---|---|---|---|
projectId | string | yes | The project's id. |
methods.emailPassword | boolean | no | Enable email + password sign-in. |
methods.magicLink | boolean | no | Enable magic link emails. |
methods.emailOtp | boolean | no | Enable 6-digit email OTP codes. |
methods.passwordReset | boolean | no | Enable password reset emails. |
methods.emailVerification | boolean | no | Require email verification on signup. |
google.clientId | string | with google | Google OAuth client ID (from Google Cloud Console). |
google.clientSecret | string | with google | Google OAuth client secret. |
google.enabled | boolean | no | Default true. |
redirectUrls | string[] | no | Overwrites the project's allowed redirect URL list. |
If you call this without google, the response includes the exact Google Cloud Console URL + redirect URI you need to set up the credentials.
add_auth_to_project
Scaffold a working sign-in flow into your codebase. Detects the framework from package.json and writes non-destructive files (existing files are skipped, never clobbered).
Supported frameworks today: Next.js (App Router), Vite + React. Refused with guidance: Remix, Astro, Express, unknown.
| Param | Type | Required | Description |
|---|---|---|---|
projectDir | string | yes | Absolute path to the project root. |
slug | string | yes | The project's oauthSlug (from create_project). |
publishableKey | string | yes | The project's publishable key. |
appUrl | string | yes | Your app's origin (e.g. https://myapp.com). |
Files written for Next.js
middleware.ts # hostedAuthMiddleware
app/auth/callback/route.ts # createCallbackHandler
app/login/page.tsx # <VibeLogin />
.env.local.example # publishable key + secret placeholder
Next steps printed by the tool:
pnpm add @vibelogin/nextjs- Copy
.env.local.example→.env.local, fillVIBELOGIN_SECRET_KEY pnpm dev→ open/login
Files written for Vite + React
src/auth/VibeLoginProvider.tsx # context + useVibeLogin() hook
src/auth/Login.tsx # /login redirect to hosted UI
src/auth/Callback.tsx # /auth/callback handler
.env.example # VITE_-prefixed publishable key
Next steps printed by the tool:
pnpm add @vibelogin/react react-router-dom- Wrap
<App/>in<VibeLoginProvider/> - Add routes
/loginand/auth/callback - Copy
.env.example→.env.local pnpm dev→ open/login
Example conversations
You: "Add VibeLogin to this Next.js app. Email + password and Google sign-in."
Agent: (calls
create_project { name: "myapp", environment: "production" }) Createdmyapp(pk_live_…). (callsconfigure_auth { projectId, methods: { emailPassword: true } }) Email + password enabled. To turn on Google, I need a Client ID and Secret from Google Cloud Console — here's the redirect URI to authorize:https://api.vibelogin.com/oauth/myapp-xyz/google/callback. (after you paste creds:) (callsconfigure_auth { google: { clientId, clientSecret } }) (callsadd_auth_to_project { projectDir: ".", slug: "myapp-xyz", publishableKey: "pk_live_…", appUrl: "https://myapp.com" }) Scaffold complete (next). Wrotemiddleware.ts,app/auth/callback/route.ts,app/login/page.tsx,.env.local.example. Runpnpm add @vibelogin/nextjs && pnpm devand open/login.
You: "What projects do I have already?"
Agent: (calls
list_projects) You have 3:myapp(production),myapp-staging(staging),internal-tools(development).
Security
- No secrets in the agent — authentication uses loopback OAuth + PKCE (RFC 8252)
- Single-use authorization codes with 2-minute TTL
- Rotated refresh tokens — every refresh invalidates the previous one
- Credentials stored securely —
chmod 600on~/.vibelogin/credentials.json
Supported frameworks
| Framework | Status |
|---|---|
| Next.js (App Router) | Fully supported |
| Vite + React | Fully supported |
| Remix, Astro, Express | Coming soon |
License
Apache-2.0
Похожие серверы
Scout Monitoring MCP
спонсорPut performance and error data directly in the hands of your AI assistant.
Alpha Vantage MCP Server
спонсорAccess financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
Agent Module
Deterministic compliance and vertical knowledge bases for autonomous agents. Free 24hr trial.
mcpproxy-go
Open-source local MCP proxy server. Routes multiple MCP servers through a single endpoint with BM25 tool filtering, quarantine security, activity logging, and web UI.
Dieter Rams
Evaluates product designs against Dieter Rams' 10 principles of good design.
PlantUML-MCP-Server
MCP server that provides PlantUML diagram generation capabilities
GoPeak
The most comprehensive MCP server for Godot Engine. 95+ tools for scene management, GDScript LSP, DAP debugging, screenshot capture, input injection, and CC0 asset library.
Shipyard
The Shipyard CLI provides an MCP server for agents to manage Shipyard environments directly: by pulling logs, comparing branches, running tests, and stopping/starting environments..
Openapi MCP
An MCP server that lets LLMs inspect and interact with OpenAPI specifications.
Read Docs MCP
Enables AI agents to access and understand package documentation from local or remote repositories.
EdgeOne Pages MCP
An MCP server and client implementation for EdgeOne Pages Functions, supporting OpenAI-formatted requests.
ComfyUI
An MCP server for ComfyUI integration.