Getting Started Last updated April 22, 2026

Remote MCP Setup

AgentBridge can act as a hosted OAuth-protected MCP server for clients like ChatGPT and Claude. In the common setup flow, the user enters only the MCP server URL, then signs in to AgentBridge and approves access to their tools.

MCP Server URL #

text 
https://agentbridge.in/api/mcp/server

Use that URL as the hosted MCP endpoint in your client. AgentBridge publishes OAuth metadata and Dynamic Client Registration so the client can discover the rest of the flow automatically.

Discovery Endpoints #

PurposeURL
Authorization-server metadata https://agentbridge.in/.well-known/oauth-authorization-server
Protected resource metadata https://agentbridge.in/.well-known/oauth-protected-resource/api/mcp/server
Dynamic Client Registration https://agentbridge.in/api/oauth-apps/register
Authorization endpoint https://agentbridge.in/api/oauth-provider/authorize
Token endpoint https://agentbridge.in/api/oauth-provider/token

User Flow #

  1. Add the MCP server URL

    In ChatGPT or Claude, create a new custom MCP connection and enter https://agentbridge.in/api/mcp/server.

  2. Client discovers OAuth configuration

    The client calls the MCP server, receives an OAuth challenge, then fetches the authorization-server metadata and protected-resource metadata.

  3. Dynamic client registration happens automatically

    AgentBridge supports RFC 7591-style Dynamic Client Registration so the client can create its own OAuth app without manual setup.

  4. User signs in to AgentBridge if needed

    If the user already has an AgentBridge session cookie, they go directly to consent. If not, AgentBridge sends them to the login page first and then returns them to the authorization step.

  5. User approves access

    On the consent page, the user can authorize or deny access. A denial returns the user to the client with error=access_denied.

  6. Client exchanges the authorization code

    After consent, the client exchanges the code at the token endpoint and uses the resulting bearer token to call the hosted MCP server.

Verification #

You can verify the hosted MCP and OAuth discovery chain with these commands:

bash 
curl -i https://agentbridge.in/api/mcp/server
curl -i https://agentbridge.in/.well-known/oauth-protected-resource/api/mcp/server
curl -i https://agentbridge.in/.well-known/oauth-authorization-server

The MCP server should respond without a token using 401 Unauthorized and a WWW-Authenticate header that includes the protected-resource metadata URL.

Troubleshooting #

OAuth configuration not found
Check that the root /.well-known metadata endpoints are reachable on the same origin as the MCP server.
CORS or browser-origin issues
Update trusted origins and patterns in the admin global configuration if the browser client is blocked during registration or discovery.
Login does not return to authorization
Make sure the AgentBridge login flow preserves the returnUrl so the user lands back on consent after signing in.
Dynamic Client Registration fails
Confirm that /api/oauth-apps/register returns 201 Created with a valid JSON registration payload.

Next steps: read the Authentication guide, the API Reference, or go back to the Quick Start.