How to Connect an MCP Client to Your Server (HTTP, Auth, and Gateways)
Short answer: To connect an MCP client to a server, configure the client with the server’s base URL (for remote HTTP/SSE) or command (for stdio), ensure transport matches what the server exposes, and add authentication (often Authorization: Bearer … or OAuth where supported). If you use an MCP gateway, point the client at the gateway’s single URL and token—not the raw upstream address—so policies and audit apply before tool calls reach your backend.
Use this flow after you have a running server (or a hosted integration): connect the client, validate tool discovery, then tighten auth and policy.
1. Choose the transport
| Transport | Typical use | Client config shape |
|---|---|---|
| stdio | Local dev; subprocess MCP server | Command + args (e.g. npx, script path) |
| HTTP / SSE | Hosted MCP; remote teams | HTTPS URL + headers |
Your server documentation should state which it supports. For building the server itself, start with How to create a custom MCP server.
2. Set the endpoint
- Remote: Use the full HTTPS URL to the MCP endpoint your host exposes.
- Gateway: Use the Guardian URL from your dashboard so all traffic is authenticated and logged—see MCP firewall and gateway explained.
3. Add authentication
- Bearer token: Many gateways issue a per-server token. Clients must send
Authorization: Bearer <token>on each request. - OAuth: User-delegated flows may attach tokens from your IdP; patterns vary by host—Securing MCP with OAuth covers the concepts.
Never commit tokens to git; use environment variables or your client’s secret store.
4. Verify discovery and tools
After connecting, confirm the client can list tools (tools/list or equivalent in your UI). If listing works but calls fail, check tool policies, payload size, and rate limits—symptoms overlap; your gateway response should distinguish policy denial from transport errors.
5. Production checklist
- TLS enabled for remote connections.
- Token rotation process documented.
- Audit reviewed for unexpected tool names—Monitoring MCP traffic helps.
FAQ
MCP vs API: which endpoint do I use?
If the backend speaks REST only, you need an MCP server in front or a bridge. Conceptual comparison: MCP vs traditional APIs and MCP vs webhooks.
How does this relate to function calling?
The model still issues structured calls; MCP standardizes discovery and server boundaries. See MCP vs function calling.
Conclusion
Connecting clients is step one; governing connections is what makes MCP safe at scale. Next, standardize on a gateway for shared teams—see multi-server MCP infrastructure.
Integrations directory · Open MCP Trail
Related articles
- How to create a custom MCP server — Build side
- MCP firewall and gateway explained — Why one stable URL matters
- MCP security best practices — Hardening checklist
- Setting up GitHub MCP — Concrete remote setup example
- MCP performance optimization — When latency matters