The AI ecosystem is growing fast, and many tools and services now expose their capabilities through MCP (Model Context Protocol) servers. By connecting an MCP server to elvex, your agents can instantly access any tools that server exposes, without you needing to manually define each one.
You might need to connect an MCP server when:
A third-party service you use publishes an MCP server and you want your agents to use its tools without building a custom integration
Your engineering team has built an internal MCP server to expose proprietary systems or workflows to AI agents
You want to extend your agents with specialized capabilities — like code execution, data retrieval, or external API calls — that are already packaged in an MCP server
This guide will show you how to add an MCP server in elvex, configure authentication, and make its tools available to your agents.
Before you begin
You must have an Admin or Owner company role to connect MCP servers. If you don't see the option, contact your elvex administrator.
Have the MCP server's URL ready, along with any credentials required to authenticate with it.
How MCP server connections work
When you connect an MCP server, elvex connects to that server and discovers the tools it exposes. Those tools are then available to be enabled on any agent, just like actions from a native integration. elvex handles credential injection automatically at runtime. Agents never see raw API keys or tokens.
Connecting an MCP server
In the elvex sidebar, navigate to Settings → Integrations.
Click Add, then select MCP Server.
Enter the URL of the MCP server and select the appropriate Transport type (HTTP is the default for most servers).
Give the server a descriptive Name — for example, "OpenAI API" or "Google Cloud MCP Server". This name is displayed in the integrations list and helps agents discover the server.
Choose your Scope and Authentication method (see Authorization below).
Click Connect & Authorize. elvex will connect to the server and discover its available tools.
Authorization
When connecting an MCP server, you'll configure two things: the scope (who shares credentials) and the authentication method (how those credentials work). This works the same way as custom API integrations in elvex.
Scope
Global (company-wide)
A single set of credentials is shared across your entire organization. Any user interacting with an agent that uses this MCP server will use the same underlying credentials.
Use global scope when the MCP server accesses shared company resources that don't vary by user — for example, a company-wide data pipeline or a shared internal tooling server.
Per-user (each user connects separately)
Each user connects their own credentials. When a user interacts with an agent that uses this MCP server, their personal credentials are used. elvex will prompt each user to connect the first time they trigger a relevant tool.
Use per-user scope when the MCP server accesses user-specific data — for example, a server that acts on behalf of individual users in an external system.
Authentication methods
API Key / Headers
Supply an API key or any custom key-value header pairs. Use this when the MCP server requires a static token or non-standard headers for authentication — for example, an API key passed as X-API-Key.
OAuth 2.0
Both global and per-user scope support OAuth 2.0. When OAuth is selected:
For global scope, the admin completes the OAuth flow once and credentials are shared company-wide.
For per-user scope, the admin configures the OAuth settings, but each user is redirected through their own OAuth login flow to connect their personal account.
elvex handles token management and refresh automatically — neither admins nor users need to manage tokens manually.
OAuth endpoint auto-discovery
elvex will attempt to auto-discover OAuth endpoints from the server's .well-known metadata. If auto-discovery succeeds, you'll be prompted to authorize immediately. If it fails, you can configure endpoints manually using the Manual configuration fallback.
Recommended: For most MCP servers, we recommend using Per-user scope with OAuth 2.0. This ensures each user authenticates with their own credentials, keeping access secure and auditable at the individual level.
Advanced: Manual OAuth 2.0 configuration
If auto-discovery fails, you'll need to provide the following settings. These are supplied by the MCP server's provider — check their developer documentation for the correct values.
Field | Description |
Authorization URL | The URL users are redirected to in order to grant access |
Token URL | The endpoint elvex calls to exchange an authorization code for an access token |
Client ID | The public identifier for your OAuth application |
Client Secret | The private secret for your OAuth application |
Scopes | A comma-separated list of OAuth permission scopes to request |
Enabling MCP tools on an agent
Once your MCP server is connected, you can enable its tools on any agent.
Open the agent you want to configure.
Navigate to the agent's Tools settings.
Find your MCP server and toggle on the specific tools you want the agent to use.
Click Save.
Next steps
Test your connection by enabling one or two tools on an agent and triggering them in a conversation to verify the server is responding correctly.
If you're using per-user scope, let your team know they'll be prompted to connect their credentials the first time they use a tool from this server.
To update credentials or reconfigure the server, return to Settings → Integrations, find your MCP server, and edit it.