Skip to main content

AI client integrations

Choose the right integration path for each AI client your organization uses. MintMCP integrates with AI clients through two mechanisms: a direct MCP connection, where the client speaks MCP to a Virtual MCP (VMCP) URL, and Agent Monitor hooks, which observe non-MCP tool calls like shell commands, file reads, and edits in coding agents.

Two integration paths

Direct MCP connection

MCP-speaking clients connect to a VMCP URL exposed by MintMCP, authenticate once via OAuth (or a bearer key), and from then on every tool call flows through the gateway.

On this path:

  • Users sign in through your organization's identity provider
  • The gateway enforces which tools each identity can call
  • Every tool call is logged with user, payload, result, and timing
  • Rules for secrets and prompt injection can allow, block, or require approval

Agent Monitor hooks

Coding agents run local tools directly (Bash, Edit, Read, shell execution), and MCP alone doesn't see these. Agent Monitor uses the client's hook system to observe every agent action, including non-MCP tools, and sends it to MintMCP for monitoring and rule enforcement.

Agent Monitor captures:

  • Prompts submitted
  • Shell commands before execution
  • MCP tool calls
  • File reads and edits

Activity appears in MintMCP's Live Activity view. Setup guides cover Claude Code, Cursor, and Codex.

The two paths compose: connect a client to a VMCP for governed tool access, and add the hook for full agent visibility.

Connect over MCP

Connect any of these clients to a Virtual MCP by pointing it at the VMCP URL. The Auth column shows how each client authenticates: OAuth through your SSO, a bearer key, or both.

ClientAuthNotes
Claude CodeOAuth or bearerPair with Agent Monitor hooks for visibility into Bash, Edit, and Read
Claude webOAuthAdded as a custom connector in settings
Claude desktopOAuthSame custom connector configuration as Claude web
ChatGPTOAuthMCP connectors require developer mode
ChatGPT Custom GPTsBearer or OAuthConnects through OpenAPI actions rather than MCP; use OAuth when sharing with teammates
CursorOAuthPair with hooks for shell, file, and prompt visibility
Cursor Cloud AgentsOAuth (via Cursor dashboard) or bearerConfigure MCP in the Cursor web dashboard; see Cursor setup
LibreChatOAuth or bearerConfigured in librechat.yaml with the streamable-http transport
Codex CLIOAuth or bearerStreamable HTTP servers in config.toml; the same config drives the Codex IDE extension
VS CodeOAuthNative MCP support; remote servers with OAuth need version 1.101 or later
GitHub CopilotOAuthAgent mode connects through the host IDE's MCP support; the cloud coding agent takes MCP configuration in repository settings
WindsurfOAuth or bearerRemote servers use serverUrl in mcp_config.json
ZedOAuth or bearerRuns stdio servers only, so connect remote URLs through the mcp-remote bridge
ClineBearerSet "type": "streamableHttp" for remote servers
Roo CodeBearerStreamable HTTP transport alongside SSE and stdio
ContinueBearertype: streamable-http in the YAML config
JetBrains AI AssistantBearerRemote servers configured by URL; OAuth flows aren't supported yet, so paste a token
Gemini CLIOAuthhttpUrl in settings.json; run /mcp auth to sign in
Gemini EnterpriseOAuthAdmins add MCP servers as data stores in the Gemini Enterprise console
Amazon Q DeveloperOAuthRemote HTTP servers in the CLI and IDE agent configuration
KiroOAuth or bearerNative remote MCP in the IDE and CLI
GooseOAuth or bearerRemote extensions over streamable HTTP
WarpBearerStreamable HTTP and SSE with custom headers
AmpOAuth or bearerRemote servers configured by url in settings
OpenCodeOAuthHandles the OAuth flow automatically for remote servers
Microsoft Copilot StudioOAuthAgents connect through a custom connector that speaks streamable HTTP

The table isn't exhaustive: any MCP-speaking client can connect to the VMCP URL, so a client missing from the list still works as long as it supports remote MCP servers.

Agent Monitor hook support

Agent Monitor attaches to a coding agent's hook system to capture prompts, shell commands, and file edits. Claude Code, Cursor, and Codex ship with first-class support and setup guides, and support for other popular agents is available on request.

AgentSupportSetup
Claude CodeFirst-classClaude Code hook setup
CursorFirst-classCursor hook setup
CodexFirst-classCodex hook setup

Hook support for other popular coding agents is available on request: contact support@mintmcp.com and we'll work with you to set your agent up.

How clients authenticate

Most clients use OAuth to MintMCP: the user signs in through your organization's SSO (Okta, Google, Microsoft Entra ID), MintMCP issues a token, and the client uses it on subsequent tool calls. Clients marked bearer in the table above authenticate with a key instead, which suits headless and CLI environments where there's no browser to complete a sign-in. Custom GPTs can use a bearer API key for personal use or OAuth when shared with teammates, and Agent Monitor hooks authenticate with an organization key rather than a user OAuth token, since they run in local hook processes.

Picking the right path

  • Governed tool access only: use the direct MCP connection. The client sees only the tools it's allowed to call, and every call is logged.
  • Tool access plus full agent visibility: add the Agent Monitor hook. This is how you see what Claude Code's Bash tool ran, which files Cursor's agent read, and which prompts were submitted.
  • Sharing an assistant with teammates: Custom GPTs with OAuth, or a VMCP connected through Claude web or ChatGPT with per-user SSO sign-in.

How connector icons display in clients

The MCP spec defines an icon field that servers can return to identify themselves visually, and MintMCP returns spec-compliant icons for its hosted connectors. Not every client honors that field yet, so the icon a user sees depends on which client they use.

ClientIcon behavior
Claude (web and desktop)Does not render the MCP spec icon field. Falls back to the favicon of the connector's URL, fetched via an external favicon service. Because all MintMCP-hosted connectors share the same domain, Claude shows the same MintMCP logo for every connector: Drive, Gmail, a custom Virtual MCP, and so on
VS CodeSupports the MCP spec icon field, but requires the icon to be served from the same domain as the connector
MCP InspectorFully supports the MCP spec icon field
Other MCP clientsVaries, so check the client's documentation for icon support

In clients that ignore the spec field, the icon comes from the connector URL's favicon, so MintMCP-hosted connectors currently display the same logo there. Client icon support is evolving quickly, so check your client's current behavior.

Logos configured in MintMCP's own MCP store UI (see gateway customization) control what appears inside the MintMCP admin interface. The behavior above describes what the AI client displays in its own UI after connecting.

Where to get connection details

Each VMCP in the MCP store has an MCP Client Setup tab with the URL. Custom GPTs have a separate Custom GPT tab with the OpenAPI schema and auth details. Agent Monitor setup for Claude Code and Cursor hooks lives under the Monitor Setup page, which issues the organization key the hook scripts use.

Next steps