Skip to main content

Adding MCP Servers

Via Command Line

The quickest way to add an MCP server: 
# stdio server — just pass the command after --
devin mcp add <name> -- <command> [args...]

# HTTP server — pass the URL as a positional argument
devin mcp add <name> <URL>

# HTTP server — or use the --url flag
devin mcp add <name> --url <URL>
The transport type is inferred automatically: a URL implies HTTP, and trailing args (or --command) imply stdio. You can still set -t/--transport explicitly when needed (e.g. for SSE): 
devin mcp add <name> --transport sse <URL>
By default, servers are saved to local scope (.devin/config.local.json, gitignored). Use -s/--scope to change: 
devin mcp add -s project <name> <URL>   # shared via .devin/config.json
devin mcp add -s user <name> <URL>      # global (~/.config/devin/config.json; %APPDATA%\devin\config.json on Windows)
You can also manage servers from the command line: 
devin mcp list              # List all configured servers
devin mcp get <name>        # Show details for a specific server
devin mcp remove <name>     # Remove a configured server
devin mcp login <name>      # Authenticate with a server via OAuth
devin mcp logout <name>     # Remove stored OAuth credentials

Via Config File

Add servers directly to your config file’s mcpServers section: 
// .devin/config.json
{
  "mcpServers": {
    "server-name": {
      "command": "npx",
      "args": ["-y", "@company/mcp-server"],
      "env": {
        "API_KEY": "your-key"
      }
    }
  }
}
Project-level servers are shared with your team via version control.

Server Configuration Options

MCP servers can be configured in two ways: as a local command (stdio transport) or as a remote server (Streamable HTTP or SSE transport).

Local Command (stdio)

FieldTypeRequiredDescription
commandstringYesThe executable to run
argsstring[]NoCommand-line arguments
envobjectNoEnvironment variables to set

Remote Server (HTTP / SSE)

FieldTypeRequiredDescription
urlstringYesThe URL of the MCP server endpoint
transportstringNoSet to "http" for Streamable HTTP or "sse" for Server-Sent Events transport. Required for SSE — without it, URL-based servers default to HTTP.
headersobjectNoCustom HTTP headers to include in requests

Examples

{
  "mcpServers": {
    "github": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-github"],
      "env": {
        "GITHUB_TOKEN": "ghp_..."
      }
    }
  }
}

{
  "mcpServers": {
    "notion": {
      "url": "https://mcp.notion.com/mcp",
      "transport": "http"
    }
  }
}
After adding an OAuth-based server, run devin mcp login notion to authenticate. See Authentication below.
{
  "mcpServers": {
    "linear": {
      "url": "https://mcp.linear.app/mcp",
      "transport": "http"
    }
  }
}

{
  "mcpServers": {
    "atlassian": {
      "url": "https://mcp.atlassian.com/v1/sse",
      "transport": "sse"
    }
  }
}
After adding, run devin mcp login atlassian to authenticate. Each MCP client (Windsurf, Claude Code, Devin for Terminal) maintains its own OAuth session, so you must log in separately even if you’ve already authenticated in another tool.
{
  "mcpServers": {
    "my-tools": {
      "command": "python",
      "args": ["./scripts/mcp-server.py"],
      "env": {
        "DB_URL": "postgres://localhost/mydb"
      }
    }
  }
}

Authentication

Some remote MCP servers require OAuth authentication. After adding an OAuth-based server to your config, authenticate using the login command: 
devin mcp login <server-name>
For example: 
devin mcp login notion    # Authenticate with Notion
devin mcp login linear    # Authenticate with Linear
This opens a browser window where you can authorize access. The OAuth tokens are stored locally and refreshed automatically. You can optionally request specific OAuth scopes: 
devin mcp login notion --scopes read,write
To remove stored OAuth credentials for a server: 
devin mcp logout <server-name>
If the server supports OAuth, you will also be prompted to authenticate automatically when the server is first used.

Managing Secrets

Never commit API keys or secrets to version control. Use .devin/config.local.json for sensitive values.
For team projects, the recommended pattern is:
  1. Define the server in .devin/config.json with placeholder or no env vars
  2. Each team member adds their personal keys in .devin/config.local.json
The local config file is automatically excluded from git.

MCP Permissions

You can pre-approve, deny, or force-ask for specific MCP tools in your permissions config: 
{
  "permissions": {
    "allow": [
      "mcp__github__list_issues",
      "mcp__github__create_issue"
    ],
    "deny": [
      "mcp__github__delete_repo"
    ],
    "ask": [
      "mcp__linear__*"
    ]
  }
}
Permission matcher patterns:
PatternMatches
mcp__server__toolA specific tool on a specific server
mcp__server__*All tools on a specific server
mcp__*All MCP tools on all servers

Troubleshooting

If you see errors like Auth required or AuthRequired when connecting to a remote MCP server (HTTP or SSE), the server requires OAuth authentication.Run:
devin mcp login <server-name>
Each MCP client authenticates independently. Even if you’ve already authenticated in Windsurf or Claude Code, you need to run devin mcp login separately for Devin for Terminal.To verify your auth status, try removing and re-adding credentials:
devin mcp logout <server-name>
devin mcp login <server-name>
Verify the command works outside Devin for Terminal:
npx -y @modelcontextprotocol/server-github
Check that all required environment variables are set.
Ask the agent to list MCP servers and tools. The server may need a moment to initialize.
Check your permissions config. MCP tools default to prompting for approval. Add them to permissions.allow to auto-approve.