VibeLogin MCP

Add authentication to your app - no code, no config, never leave your IDE

@vibelogin/mcp

Add authentication to your app without leaving your IDE. MCP server for Cursor, Claude Code, Windsurf, and Cline.

Just say "add authentication to my app" — the agent creates your project, configures auth methods, wires up Google OAuth, and scaffolds a working sign-in flow into your codebase. All from your editor's chat.

Install

No global install needed. Wire it into your MCP client config once and it runs on demand via bunx.

Client configuration

One snippet works in every client. Paste this into your MCP settings and you're done.

{
  "mcpServers": {
    "vibelogin": {
      "command": "bunx",
      "args": ["@vibelogin/mcp"]
    }
  }
}

The first tool call opens a browser for one-click consent. After that, tokens are cached under ~/.vibelogin/credentials.json — you won't be asked to log in again for 30 days.

Claude Desktop / Claude Code

~/Library/Application Support/Claude/claude_desktop_config.json (macOS):

{
  "mcpServers": {
    "vibelogin": {
      "command": "bunx",
      "args": ["@vibelogin/mcp"]
    }
  }
}

Cursor

~/.cursor/mcp.json (or per-project .cursor/mcp.json):

{
  "mcpServers": {
    "vibelogin": {
      "command": "bunx",
      "args": ["@vibelogin/mcp"]
    }
  }
}

Windsurf / Cline / Zed

Same shape — every MCP client accepts a command + args block. The one-liner above works in all of them.

That's it — no environment variables needed. Defaults point to production automatically.

Authentication

On first use, a browser window opens for one-click consent. After that, you're authenticated for 30 days — no further prompts.

Tools

The agent picks the right tools automatically based on your conversation. Just say what you need.

`create_project`

Creates a new VibeLogin project in your org. Returns the project's id, slug, oauthSlug, environment, publishable key, and secret key (shown once).

Param	Type	Required	Description
`name`	string	yes	Human-readable project name.
`slug`	string	no	URL-safe slug; auto-generated from `name` if omitted.
`environment`	enum	no	`production` \| `development` \| `staging` (default `production`).

`list_projects`

Lists every project in your org. Use this when the agent needs to discover what already exists before creating something new.

No parameters.

`get_project`

Look up a single project by id, slug, or oauthSlug.

Param	Type	Required	Description
`idOrSlug`	string	yes	Project id, slug, or oauthSlug.

`configure_auth`

Toggle auth methods, set redirect URLs, and/or wire up Google OAuth. Field-level updates — anything you don't set is left untouched.

Param	Type	Required	Description
`projectId`	string	yes	The project's id.
`methods.emailPassword`	boolean	no	Enable email + password sign-in.
`methods.magicLink`	boolean	no	Enable magic link emails.
`methods.emailOtp`	boolean	no	Enable 6-digit email OTP codes.
`methods.passwordReset`	boolean	no	Enable password reset emails.
`methods.emailVerification`	boolean	no	Require email verification on signup.
`google.clientId`	string	with `google`	Google OAuth client ID (from Google Cloud Console).
`google.clientSecret`	string	with `google`	Google OAuth client secret.
`google.enabled`	boolean	no	Default `true`.
`redirectUrls`	string[]	no	Overwrites the project's allowed redirect URL list.

If you call this without google, the response includes the exact Google Cloud Console URL + redirect URI you need to set up the credentials.

`add_auth_to_project`

Scaffold a working sign-in flow into your codebase. Detects the framework from package.json and writes non-destructive files (existing files are skipped, never clobbered).

Supported frameworks today: Next.js (App Router), Vite + React. Refused with guidance: Remix, Astro, Express, unknown.

Param	Type	Required	Description
`projectDir`	string	yes	Absolute path to the project root.
`slug`	string	yes	The project's `oauthSlug` (from `create_project`).
`publishableKey`	string	yes	The project's publishable key.
`appUrl`	string	yes	Your app's origin (e.g. `https://myapp.com`).

Files written for Next.js

middleware.ts                       # hostedAuthMiddleware
app/auth/callback/route.ts          # createCallbackHandler
app/login/page.tsx                  # <VibeLogin />
.env.local.example                  # publishable key + secret placeholder

Next steps printed by the tool:

pnpm add @vibelogin/nextjs
Copy .env.local.example → .env.local, fill VIBELOGIN_SECRET_KEY
pnpm dev → open /login

Files written for Vite + React

src/auth/VibeLoginProvider.tsx      # context + useVibeLogin() hook
src/auth/Login.tsx                  # /login redirect to hosted UI
src/auth/Callback.tsx               # /auth/callback handler
.env.example                        # VITE_-prefixed publishable key

Next steps printed by the tool:

pnpm add @vibelogin/react react-router-dom
Wrap <App/> in <VibeLoginProvider/>
Add routes /login and /auth/callback
Copy .env.example → .env.local
pnpm dev → open /login

Example conversations

You: "Add VibeLogin to this Next.js app. Email + password and Google sign-in."

Agent: (calls create_project { name: "myapp", environment: "production" }) Created myapp (pk_live_…). (calls configure_auth { projectId, methods: { emailPassword: true } }) Email + password enabled. To turn on Google, I need a Client ID and Secret from Google Cloud Console — here's the redirect URI to authorize: https://api.vibelogin.com/oauth/myapp-xyz/google/callback. (after you paste creds:) (calls configure_auth { google: { clientId, clientSecret } }) (calls add_auth_to_project { projectDir: ".", slug: "myapp-xyz", publishableKey: "pk_live_…", appUrl: "https://myapp.com" }) Scaffold complete (next). Wrote middleware.ts, app/auth/callback/route.ts, app/login/page.tsx, .env.local.example. Run pnpm add @vibelogin/nextjs && pnpm dev and open /login.

You: "What projects do I have already?"

Agent: (calls list_projects) You have 3: myapp (production), myapp-staging (staging), internal-tools (development).

Security

No secrets in the agent — authentication uses loopback OAuth + PKCE (RFC 8252)
Single-use authorization codes with 2-minute TTL
Rotated refresh tokens — every refresh invalidates the previous one
Credentials stored securely — chmod 600 on ~/.vibelogin/credentials.json

Supported frameworks

Framework	Status
Next.js (App Router)	Fully supported
Vite + React	Fully supported
Remix, Astro, Express	Coming soon

License

Apache-2.0

Máy chủ liên quan

Scout Monitoring MCP

nhà tài trợ

Put performance and error data directly in the hands of your AI assistant.

Alpha Vantage MCP Server

nhà tài trợ

Access financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more

Flutter MCP

Provides real-time Flutter/Dart documentation and pub.dev package information to AI assistants, supporting all packages on demand.

Together AI Image Server

A TypeScript-based server for generating images using the Together AI API.

Vigil

Cognitive infrastructure for AI agents — awareness daemon, frame-based tool filtering, signal protocol, session handoff, and event triggers.

Loki MCP Server

A Go-based server to query Grafana Loki logs using the Model Context Protocol (MCP).

IIIF Images Server

A server for working with IIIF (International Image Interoperability Framework) manifests and images.

BlenderMCP

Connects Blender to Claude AI via the Model Context Protocol (MCP), enabling direct interaction and control for prompt-assisted 3D modeling, scene creation, and manipulation.

Video Agent MCP Server

An MCP server for AI-powered video creation using the FAL AI API.

Command Executor

Execute pre-approved shell commands securely on a server.

third-eye-mcp

Privacy-first screen capture MCP server for AI coding agents. Let Claude, Cursor, or any MCP-compatible AI see your screen with full control.

Behavioural Prediction MCP

The Behavioural Prediction MCP Server provides AI-powered tools to analyze wallet behaviour prediction,fraud detection and rug pull prediction.