VibeLogin MCP
Add authentication to your app - no code, no config, never leave your IDE
@vibelogin/mcp
Add authentication to your app without leaving your IDE. MCP server for Cursor, Claude Code, Windsurf, and Cline.
Just say "add authentication to my app" — the agent creates your project, configures auth methods, wires up Google OAuth, and scaffolds a working sign-in flow into your codebase. All from your editor's chat.
Install
No global install needed. Wire it into your MCP client config once and it runs on demand via bunx.
Client configuration
One snippet works in every client. Paste this into your MCP settings and you're done.
{
"mcpServers": {
"vibelogin": {
"command": "bunx",
"args": ["@vibelogin/mcp"]
}
}
}
The first tool call opens a browser for one-click consent. After that, tokens are cached under ~/.vibelogin/credentials.json — you won't be asked to log in again for 30 days.
Claude Desktop / Claude Code
~/Library/Application Support/Claude/claude_desktop_config.json (macOS):
{
"mcpServers": {
"vibelogin": {
"command": "bunx",
"args": ["@vibelogin/mcp"]
}
}
}
Cursor
~/.cursor/mcp.json (or per-project .cursor/mcp.json):
{
"mcpServers": {
"vibelogin": {
"command": "bunx",
"args": ["@vibelogin/mcp"]
}
}
}
Windsurf / Cline / Zed
Same shape — every MCP client accepts a command + args block. The one-liner above works in all of them.
That's it — no environment variables needed. Defaults point to production automatically.
Authentication
On first use, a browser window opens for one-click consent. After that, you're authenticated for 30 days — no further prompts.
Tools
The agent picks the right tools automatically based on your conversation. Just say what you need.
create_project
Creates a new VibeLogin project in your org. Returns the project's id, slug, oauthSlug, environment, publishable key, and secret key (shown once).
| Param | Type | Required | Description |
|---|---|---|---|
name | string | yes | Human-readable project name. |
slug | string | no | URL-safe slug; auto-generated from name if omitted. |
environment | enum | no | production | development | staging (default production). |
list_projects
Lists every project in your org. Use this when the agent needs to discover what already exists before creating something new.
No parameters.
get_project
Look up a single project by id, slug, or oauthSlug.
| Param | Type | Required | Description |
|---|---|---|---|
idOrSlug | string | yes | Project id, slug, or oauthSlug. |
configure_auth
Toggle auth methods, set redirect URLs, and/or wire up Google OAuth. Field-level updates — anything you don't set is left untouched.
| Param | Type | Required | Description |
|---|---|---|---|
projectId | string | yes | The project's id. |
methods.emailPassword | boolean | no | Enable email + password sign-in. |
methods.magicLink | boolean | no | Enable magic link emails. |
methods.emailOtp | boolean | no | Enable 6-digit email OTP codes. |
methods.passwordReset | boolean | no | Enable password reset emails. |
methods.emailVerification | boolean | no | Require email verification on signup. |
google.clientId | string | with google | Google OAuth client ID (from Google Cloud Console). |
google.clientSecret | string | with google | Google OAuth client secret. |
google.enabled | boolean | no | Default true. |
redirectUrls | string[] | no | Overwrites the project's allowed redirect URL list. |
If you call this without google, the response includes the exact Google Cloud Console URL + redirect URI you need to set up the credentials.
add_auth_to_project
Scaffold a working sign-in flow into your codebase. Detects the framework from package.json and writes non-destructive files (existing files are skipped, never clobbered).
Supported frameworks today: Next.js (App Router), Vite + React. Refused with guidance: Remix, Astro, Express, unknown.
| Param | Type | Required | Description |
|---|---|---|---|
projectDir | string | yes | Absolute path to the project root. |
slug | string | yes | The project's oauthSlug (from create_project). |
publishableKey | string | yes | The project's publishable key. |
appUrl | string | yes | Your app's origin (e.g. https://myapp.com). |
Files written for Next.js
middleware.ts # hostedAuthMiddleware
app/auth/callback/route.ts # createCallbackHandler
app/login/page.tsx # <VibeLogin />
.env.local.example # publishable key + secret placeholder
Next steps printed by the tool:
pnpm add @vibelogin/nextjs- Copy
.env.local.example→.env.local, fillVIBELOGIN_SECRET_KEY pnpm dev→ open/login
Files written for Vite + React
src/auth/VibeLoginProvider.tsx # context + useVibeLogin() hook
src/auth/Login.tsx # /login redirect to hosted UI
src/auth/Callback.tsx # /auth/callback handler
.env.example # VITE_-prefixed publishable key
Next steps printed by the tool:
pnpm add @vibelogin/react react-router-dom- Wrap
<App/>in<VibeLoginProvider/> - Add routes
/loginand/auth/callback - Copy
.env.example→.env.local pnpm dev→ open/login
Example conversations
You: "Add VibeLogin to this Next.js app. Email + password and Google sign-in."
Agent: (calls
create_project { name: "myapp", environment: "production" }) Createdmyapp(pk_live_…). (callsconfigure_auth { projectId, methods: { emailPassword: true } }) Email + password enabled. To turn on Google, I need a Client ID and Secret from Google Cloud Console — here's the redirect URI to authorize:https://api.vibelogin.com/oauth/myapp-xyz/google/callback. (after you paste creds:) (callsconfigure_auth { google: { clientId, clientSecret } }) (callsadd_auth_to_project { projectDir: ".", slug: "myapp-xyz", publishableKey: "pk_live_…", appUrl: "https://myapp.com" }) Scaffold complete (next). Wrotemiddleware.ts,app/auth/callback/route.ts,app/login/page.tsx,.env.local.example. Runpnpm add @vibelogin/nextjs && pnpm devand open/login.
You: "What projects do I have already?"
Agent: (calls
list_projects) You have 3:myapp(production),myapp-staging(staging),internal-tools(development).
Security
- No secrets in the agent — authentication uses loopback OAuth + PKCE (RFC 8252)
- Single-use authorization codes with 2-minute TTL
- Rotated refresh tokens — every refresh invalidates the previous one
- Credentials stored securely —
chmod 600on~/.vibelogin/credentials.json
Supported frameworks
| Framework | Status |
|---|---|
| Next.js (App Router) | Fully supported |
| Vite + React | Fully supported |
| Remix, Astro, Express | Coming soon |
License
Apache-2.0
เซิร์ฟเวอร์ที่เกี่ยวข้อง
Scout Monitoring MCP
ผู้สนับสนุนPut performance and error data directly in the hands of your AI assistant.
Alpha Vantage MCP Server
ผู้สนับสนุนAccess financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
HAL (HTTP API Layer)
An MCP server that enables Large Language Models to make HTTP requests and interact with web APIs. It supports automatic tool generation from OpenAPI/Swagger specifications.
FastAPI-MCP
A zero-configuration tool to automatically expose FastAPI endpoints as MCP tools.
Clangaroo
Provides fast C++ code intelligence for LLMs using the clangd language server.
MCP SBOM Server
Performs a Trivy scan to produce a Software Bill of Materials (SBOM) in CycloneDX format.
ADB MCP Server
Interact with Android devices using the Android Debug Bridge (ADB).
Riza
Arbitrary code execution and tool-use platform for LLMs by Riza
TokenTool MCP
Deploy and manage compliant tokens from Claude, Cursor, or any AI agent — by typing a sentence.
Headless Terminal (ht) MCP
A high-performance MCP server for the headless terminal (ht), implemented in Rust.
MCP Go Generator Node.js
Generate Go microservices with a hexagonal architecture in a Node.js environment.
AbletonMCP
Control Ableton Live with AI prompts for music production, track creation, and session manipulation.