Bauta - Share Artifacts
Deploy HTML/React artifacts from your AI client to hosted, share-gated URLs. Private by default, password or email gates, EU hosting. Remote MCP: https://bauta.app/mcp
Documentation
Docs
Connect, deploy, share.
Everything you need to connect an agent to Bauta and deploy your first artifact — the MCP endpoint, authentication, every tool, the sharing modes, and the gated-by-default posture.
Connect
Bauta is a remote MCP server. The endpoint (Streamable HTTP) is:
https://bauta.app/mcp
Claude (web or desktop): Customize → Connectors →Add custom connector, paste the endpoint URL, and complete the sign-in flow when prompted.
Free to start — no separate signup. Connecting is the signup: the first time you authenticate, your Bauta account is created automatically (sign in with Google or email, no credit card). The free tier lets you deploy and share right away; paid plans add a branded subdomain, custom slugs, email-OTP viewer gates, and longer history.
Claude Code (CLI):
claude mcp add --transport http bauta https://bauta.app/mcp
Authentication. Bauta uses standard MCP OAuth: the server is its own OAuth authorization server and supports bothDynamic Client Registration (RFC 7591) andClient ID Metadata Documents (CIMD), so both pre-registered and self-identifying MCP clients work without manual client setup. CLI and desktop clients may use loopback redirect URIs onlocalhost or 127.0.0.1 with any port. Discovery metadata is served at the standard/.well-known/oauth-authorization-server location.
Tools
Every tool declares whether it is read-only or destructive, and read and write operations are always separate tools.
| Tool | What it does |
|---|---|
| deploy_artifact | Deploy an HTML or React artifact to a hosted URL (or publish a new revision of one you already own). Deploys are owned by you, unlisted, and permanent by default — served only via the secret access-token link the deploy returns. (An optional ephemeral flag makes a temporary/demo deploy that auto-deletes after a few days unless you keep it.) |
| update_artifact | Publish a new revision of an existing artifact; the URL stays the same. |
| list_artifacts | List the artifacts you own: slug, title, sharing mode, published revision, timestamps. Read-only. |
| rollback | Move an artifact's live version back to a prior revision — nothing is created or deleted, only the published pointer moves. |
| rename_slug | Rename an artifact. Paid (org) artifacts pick a new slug and old links redirect (301) for a grace period; free artifacts re-roll a fresh random id and the old link stops working immediately. |
| set_sharing | Change who can view an artifact: private, unlisted, public, password, or email_otp. |
| share_via_email | Grant a specific email address access to an artifact and send them an invite. |
| list_share_recipients | List the addresses you have previously shared artifacts with. Read-only. |
| bind_data_source | Attach a data snapshot to an artifact, served back to the artifact's own code at a stable /data URL; binding again replaces the snapshot. |
| get_analytics | Aggregate view and deploy counts for one of your artifacts — cookieless, sampling-corrected estimates. Read-only. |
| export_artifact | Export everything stored for one of your artifacts: metadata, every revision's original source, and the sharing configuration. Read-only. |
| delete_artifact | Permanently delete an artifact — all revisions, sharing settings, and share grants; serving stops immediately at every URL. |
| request_email_verification | Email a one-time code to an address you control, to attach it to your account as a verified email. |
| verify_email_code | Complete email verification by submitting the one-time code. |
| whoami | Show the caller's identity: the stable MCP subject and the linked Bauta account. Read-only. |
| ping | Liveness check — answers "pong". No side effects. |
URLs
- Free artifacts serve at
share.bauta.app/<random-id>, owned by you and permanent. Renaming re-rolls a fresh random id (the old link stops working immediately). - Organizations (paid plans) get vanity URLs on their own subdomain:
your-org.bauta.app/artifact-name/. On upgrade or downgrade the old links 301-redirect forever.
Artifact code never runs on bauta.app itself: content executes inside a sandboxed iframe served from a separate registered domain (bauta-usercontent.com), which carries no cookies and is excluded from search-engine indexing.
Sharing modes
| Mode | Who can view |
|---|---|
| private | Nobody — visitors are blocked instantly, even with the access-token link. |
| unlisted | Reachable only via the secret access-token link the deploy returns. The bare URL is an existence-blind 404. This is the default for every deploy. |
| public | Anyone with the link — no password, code or token. |
| password | Anyone with the link who enters the password you set. Viewers need no account. |
| email_otp | Viewers verify their email with a one-time code. With email grants (via share_via_email) only granted addresses get a code; without grants, any address that completes verification may view, and every verified view is recorded in the audit log. |
Gated by default
Bauta's security posture, in one list:
- Private by default. Every deploy is owned by you and
unlistedthe moment it lands — reachable only with the secret access-token link, and a blind 404 to everyone else. It will never be made public without an explicitset_sharingaction by you. - Sandboxed execution. All artifact code runs in an iframe with
sandbox="allow-scripts"and nothing else, on a separate registered domain with no cookies — it cannot reach your session, other artifacts, or the parent page. - Deploy-time scanning. Outbound links in deployed content are checked against Google Safe Browsing before anything is stored; known-bad links reject the deploy.
- Rate limits. Deploys, gate attempts, verification emails, and abuse reports are all rate-limited.
- Report and takedown. Every served artifact page links to the abuse report form; taken-down content stops serving on every origin immediately.
- Audit log. Deploys, sharing changes, and email-verified views are recorded append-only.
- EU-hosted content, cookieless analytics. Artifact content lives in an EU-jurisdiction bucket; view counting uses no cookies and no third-party scripts. See the privacy policy and terms of service.
FAQ
What is Bauta?
Bauta is an MCP server that lets Claude — and any MCP client, including ChatGPT, Codex and Cursor — deploy AI-generated HTML and React artifacts (presentations, reports, dashboards, mini-apps) to hosted, share-gated URLs. You say “share this” in your AI client; Bauta returns a real, permanent link.
How do I connect Bauta to Claude?
In Claude (web or desktop): Customize → Connectors →Add custom connector → pastehttps://bauta.app/mcp. In Claude Code:claude mcp add --transport http bauta https://bauta.app/mcp. Authentication happens in the browser on first use; connecting creates your account — there is no separate signup.
What tools does the Bauta MCP server expose?
Sixteen tools: deploy_artifact, update_artifact,list_artifacts, rollback,rename_slug, set_sharing,share_via_email, list_share_recipients,bind_data_source, get_analytics,export_artifact, delete_artifact,request_email_verification, verify_email_code,whoami and ping — each described in the tool table above.
Do viewers need an account?
No. Viewers never sign up. Depending on the sharing mode they open the link directly (public), use the secret token link (unlisted), enter a password, or verify their email with a one-time code (email_otp).
Is a deploy public?
No — every deploy is unlisted by default: reachable only via the secret access-token link returned to you, and an existence-blind 404 for everyone else. Content becomes public only through an explicitset_sharing call by the owner.
Where is content hosted?
Artifact content is stored in an EU-jurisdiction bucket and served from a separate sandbox domain (bauta-usercontent.com) inside an iframe with sandbox="allow-scripts" — never onbauta.app itself.