Connecting your AI (MCP)
modelux exposes every management action as a tool through the Model Context Protocol (MCP). Connect an MCP-aware AI client — Claude Desktop, Claude Code, ChatGPT, Cursor — and you can manage routing, budgets, providers, analytics, and more through natural language.
There are two ways to connect:
- OAuth (recommended). Paste a single URL, click “Allow,” done. Best for desktop and editor clients that can open a browser.
- Management API key. Bearer token on every request. Best for CI, scripts, and headless clients that can’t drive a browser flow.
Connect via OAuth
For any MCP client that speaks the MCP authorization spec:
-
Add a new MCP server and paste the URL:
https://api.modelux.ai/api/mcp -
The client will:
- Fetch
/.well-known/oauth-protected-resourceto discover modelux’s authorization server. - Register itself (via RFC 7591 dynamic client registration) if it isn’t pre-registered.
- Open a browser to
https://api.modelux.ai/api/oauth/authorizewith a PKCE challenge.
- Fetch
-
Sign in to modelux, review the requested scopes (
mcp:read,mcp:write), and click Allow. The browser redirects back to the client; the client exchanges the authorization code for an access token at/api/oauth/tokenand starts calling tools.
Review and revoke individual connections any time from Settings → Connected apps.
Connect with a management API key
For CI, scripts, or MCP clients that can’t drive a browser flow:
- In the dashboard, go to Settings → API & MCP.
- Create a management API key (
mlx_mgmt_*). Copy it — it’s only shown once. - Paste the MCP config into your client:
{
"mcpServers": {
"modelux": {
"url": "https://api.modelux.ai/api/mcp",
"headers": {
"Authorization": "Bearer mlx_mgmt_..."
}
}
}
}
Restart the client. It will connect and list available tools.
Management API keys are org-scoped: whoever holds the key can perform any management action within that org, so treat them like any privileged credential — don’t commit them to source control, rotate periodically, and revoke immediately if exposed. For per-user, revocable, least-privilege access, prefer OAuth.
What you can ask
- “Create a cascade that tries haiku first then falls back to sonnet”
- “Show me yesterday’s spend by model”
- “Set a $500/month cap on my production project with auto-downgrade to @cheap”
- “Which provider had the highest error rate last week?”
- “Rotate my OpenAI API key and verify it works”
- “Replay the last 24 hours of traffic against the candidate config”
Scopes
OAuth tokens carry one or both of:
mcp:read— list / get / describe tools only.mcp:write— required for any mutating tool (create, update, delete, revoke, …). A token with onlymcp:readhitting a write tool gets aninsufficient_scope403.
Scope narrows what a token can do, but your dashboard role still gates the
underlying action: a user with member role can’t grant a token admin
powers by requesting mcp:write.
Tools available
modelux exposes 80+ tools covering the full management API surface: projects, routing configs, providers, budgets, API keys, analytics, audit logs, webhooks, experiments, and org/member management. See the full management reference for the list.
For low-level OAuth endpoints and metadata URLs, see the OAuth reference.