> ## Documentation Index
> Fetch the complete documentation index at: https://docs.armature.tech/llms.txt
> Use this file to discover all available pages before exploring further.

# Connect and configure an MCP server in Armature

> Register an MCP server with Armature by providing its URL and auth credentials. Armature probes it live and discovers all available tools automatically.

Before Armature can test your MCP tools, it needs to know where your server lives and how to authenticate with it. The connection flow takes under a minute: you fill in your server's URL and auth details, and Armature immediately probes the server live — calling MCP `initialize` and `tools/list` — to confirm connectivity and build your tool catalog. From that point on, your server appears on the MCP Servers page and is ready for monitors, workflow coverage, and agent-driven repair.

## Connect a server

<Steps>
  <Step title="Open the connection modal">
    On the **MCP Servers** page, click **New server**. The "Connect new MCP server" modal opens. If your organization is on a free plan, you will be prompted to upgrade before continuing.
  </Step>

  <Step title="Enter a server name and endpoint URL">
    Give the server a descriptive name (for example, `Acme Payments MCP`) — this label appears throughout the Armature UI. In the **Endpoint URL** field, enter the full `https://` URL of your MCP server's HTTP endpoint.

    <Warning>
      The endpoint URL must use `https://`. Plain `http://` URLs are not accepted.
    </Warning>
  </Step>

  <Step title="Configure authentication">
    Choose the authentication method that matches how your MCP server secures its API. Armature supports three modes:

    <Tabs>
      <Tab title="Bearer token">
        Select **Bearer token** to use standard HTTP Bearer authentication. Paste your token into the **Token value** field — you do not need to include the `Bearer ` prefix; Armature adds it automatically.

        When Armature calls your server, every request includes:

        ```http theme={null}
        Authorization: Bearer <your-token>
        ```

        Your token is stored in a secure secrets backend and is never exposed in the Armature UI after you save.
      </Tab>

      <Tab title="API key header">
        Select **API key header** to send your credential in a custom HTTP header. Fill in two fields:

        * **Header name** — the name of the header your server expects, for example `x-api-key`.
        * **API key value** — the secret value to send.

        Every request Armature makes to your server will include:

        ```http theme={null}
        x-api-key: <your-key>
        ```

        Like bearer tokens, the key value is stored securely and is never shown in plaintext after saving.
      </Tab>

      <Tab title="No auth">
        Select **No auth** if your MCP server is publicly accessible or handles authentication through network-level controls. Armature will make unauthenticated requests.

        <Note>
          You can still add extra headers (see below) even when no primary auth method is selected.
        </Note>
      </Tab>
    </Tabs>
  </Step>

  <Step title="Add extra headers (optional)">
    If your server requires additional HTTP headers beyond the primary auth credential — for example, a `X-Base-URL` routing header or a tenant identifier — paste them as a JSON object into the **Extra headers** field:

    ```json theme={null}
    {
      "X-Base-URL": "https://api.example.com",
      "X-Tenant-ID": "acme"
    }
    ```

    Extra headers are sent on every request alongside the primary auth header. The field accepts any valid JSON object; arrays and primitives are rejected.
  </Step>

  <Step title="Save and watch the live probe">
    Click **Connect server**. Armature saves your server record, stores the auth secret securely, and immediately runs a live probe:

    1. Calls MCP `initialize` to verify the server responds.
    2. Calls `tools/list` to discover every tool the server exposes.

    The probe result appears in a "Set up tool monitors" wizard. If the probe succeeds, you'll see the full list of discovered tools. If it fails, Armature shows the error message and a **Retry** button — check that the URL is reachable and the credentials are correct, then retry.
  </Step>

  <Step title="Set up tool monitors (optional)">
    After a successful probe, Armature opens the tool monitor wizard. You can select which tools to monitor on a schedule, set per-tool intervals, and supply any required arguments. This step is optional — you can dismiss the wizard and add monitors later from the **MCP Servers** page or the **Monitors** page.

    See [MCP tool monitors](/mcp-servers/tool-monitors) for a full walkthrough.
  </Step>
</Steps>

## Explore your server

Once connected, click your server's card to open the server detail panel. The panel has three tabs:

| Tab                    | What you'll find                                                                                                     |
| ---------------------- | -------------------------------------------------------------------------------------------------------------------- |
| **Tools**              | The full tool catalog discovered during the last probe, with a badge indicating which tools are currently monitored. |
| **Monitors**           | All tool monitors attached to this server, with their last-run status and cadence.                                   |
| **Connection history** | A log of every probe attempt with timestamps and any error details.                                                  |

You can re-run a live probe at any time by clicking **Live probe** in the server detail panel. This re-queries `tools/list` and refreshes the tool catalog with any changes your server has made since the last probe.

## Edit or remove a server

From the server detail panel you can:

* **Edit** the server name or endpoint URL using the **Edit details** button.
* **Delete** the server using the **Delete** button. Deleting a server removes it and all of its tool monitors permanently. Armature asks for confirmation before proceeding.

<Warning>
  Deleting a server is irreversible. All tool monitors and their run history are removed along with the server record.
</Warning>

## Auth secret security

Armature stores auth secrets — bearer tokens and API key values — in a secure secrets backend. Once you save a server, the token or key is never displayed again in the Armature UI. If you need to rotate a credential, delete the server and reconnect it with the new secret.

<CardGroup cols={2}>
  <Card title="Tool monitors" icon="zap" href="/mcp-servers/tool-monitors">
    Schedule recurring pings for individual tools and get alerted when they fail.
  </Card>

  <Card title="Coverage report" icon="chart-bar" href="/mcp-servers/coverage">
    See which tools in your server's catalog are exercised by workflows and which are not.
  </Card>
</CardGroup>
