Remote MCP
Plug your AI coding assistant into Launchmatic over OAuth. Claude Code, Cursor, Codex, OpenCode, GitHub Copilot — anything that speaks the Model Context Protocol can drive your services with scoped, revocable access. No API keys to paste.
Connect your client
claude mcp add launchmatic --transport http https://mcp.launchmatic.io{
"mcpServers": {
"launchmatic": { "url": "https://mcp.launchmatic.io" }
}
}# Configure an HTTP-transport MCP server pointing at:
https://mcp.launchmatic.ioOn first use the client opens a browser to mcp.launchmatic.io/oauth/authorize. You sign in with GitHub, pick which workspaces to grant access to, and approve. The client gets a scoped Bearer token; nothing is copy-pasted, and you can revoke per-app from Settings → Connected Apps at any time.
Available tools
| tool | required scope | does |
|---|---|---|
whoami | mcp:tools | Identity, granted scopes, accessible teams. Use first to verify the connection. |
list-projects | projects:read | Projects the OAuth grant covers. |
list-services | projects:read | Services in a project, with status of the latest deployment. |
get-service | projects:read | Full service detail: config, recent deploys, env keys (NOT values), domains. |
list-deployments | projects:read | Deployment history for a service. |
get-deployment | projects:read | Status, timing, build logs for a single deployment. |
redeploy | deployments:write | Trigger a fresh build + deploy on the configured branch (or override). |
cancel-deployment | deployments:rollback | Halt a running build/deploy. |
set-env-vars | envvars:write | Bulk set/update environment variables. Run redeploy after. |
add-domain | domains:write | Register a custom hostname; SSL provisions automatically. |
get-logs | logs:read | Snapshot of runtime logs from the running pod (or last build log if no pod). |
launchmatic-agent | mcp:tools | Meta-tool: send one fuzzy request, get a consolidated multi-step answer back. |
The 11 concrete tools are deliberately consolidated — every tool definition costs context on every turn the client makes. The launchmatic-agent meta-tool lets a client delegate a fuzzy multi-step request ("why is my api crashing", "add postgres and wire it up") and get one synthesized answer back, instead of orchestrating 4-6 round-trips themselves.
Scopes
New clients default to read-only (mcp:tools + projects:read + logs:read). Write capabilities are opt-in per scope.
mcp:tools | Call MCP tools. Required for any client to connect. |
projects:read | Read projects, services, deployments, env keys, domains. |
logs:read | Read runtime + build logs. |
services:write | Create / modify services. |
envvars:write | Set / delete environment variables. |
domains:write | Add / remove custom domains. |
databases:write | Create / link / delete managed databases. |
deployments:write | Trigger new deployments. |
deployments:rollback | Cancel running deployments and roll back. |
offline_access | Issue a refresh token so the client can stay connected. |
Token usage & quota
Agent calls consume Anthropic tokens that Launchmatic bills against your plan. Quotas:
| plan | monthly tokens |
|---|---|
| FREE | 100K |
| PRO | 1.5M |
| TEAM | 8M |
Per-day soft caps and per-team aggregates kick in before you hit the monthly cap so a runaway session can't burn the whole quota. Track live in Settings → AI Usage.
Revoke access
Open Settings → Connected Apps to see every app you've granted access to, what scopes it has, when it last called a tool, and a one-click revoke. Revocation is immediate — the next tool call from the revoked client gets HTTP 401.
Standards
- • OAuth 2.1 with PKCE-only public clients (RFC 6749, 7636)
- • Dynamic Client Registration (RFC 7591) so clients self-register on first connect
- • Authorization Server Metadata at
/.well-known/oauth-authorization-server(RFC 8414) - • Protected Resource Metadata at
/.well-known/oauth-protected-resource(RFC 9728) - • Token Revocation (RFC 7009) at
/oauth/revoke - • OIDC userinfo at
/oauth/userinfofor clients that already speak OIDC - • MCP Streamable HTTP transport with optional stateful sessions