Skip to main content

Overview

The Formbricks MCP server exposes a small v3 Surveys tool surface for AI agents. It runs inside the Formbricks web app at /api/mcp and reuses the same v3 Surveys API authentication, authorization, rate limiting, response handling, and audit logging paths as the REST routes.
OAuth 2.1 is the preferred authentication path for MCP clients. Formbricks API keys remain supported as a backwards-compatible fallback for local development, self-hosters, and clients that do not support MCP OAuth yet.
Looking for step-by-step setup guides for Claude Code, the Claude apps, and Codex? See Connect AI agents (MCP). This handbook covers the technical internals.

Endpoint

Use the streamable HTTP MCP endpoint on the Formbricks app:
For local development:
The route supports POST requests, runs with the Next.js Node.js runtime, and sets private no-store response headers. Browser-origin MCP requests must come from the configured Formbricks app origin. OAuth clients discover the protected resource metadata here:
The metadata advertises /api/mcp as the protected resource and points clients to the Better Auth issuer under /api/auth.

Authentication

OAuth 2.1

OAuth clients use Authorization Code + PKCE with Dynamic Client Registration. The MCP protected resource is:
The authorization server issuer is:
Discovery endpoints:
EndpointPurpose
/api/auth/.well-known/oauth-authorization-serverBetter Auth authorization metadata
/api/auth/.well-known/openid-configurationOpenID Connect metadata
/.well-known/oauth-authorization-server/api/authRFC 8414 path-insertion alias
/.well-known/openid-configuration/api/authRFC 8414 OpenID path-insertion alias
/.well-known/oauth-protected-resourceMCP protected resource metadata
/.well-known/oauth-protected-resource/api/mcpMCP resource-specific metadata
Supported scopes:
ScopeUse
surveys:readlist_surveys, get_survey, and read-only validation paths
surveys:writecreate_survey, patch_survey, delete_survey, and write validations
openidOpenID Connect subject interoperability
profileUser profile claims
emailUser email claim
offline_accessRefresh tokens for MCP clients
The authorization server supports all of the above, but the MCP protected-resource metadata (/.well-known/oauth-protected-resource/api/mcp) advertises only surveys:read, surveys:write, and offline_access — the scopes an MCP client needs. Clients derive their Dynamic Client Registration scopes from that list, so offline_access must be advertised there for clients to be issued refresh tokens (openid/profile/email are OIDC scopes the MCP resource does not require). OAuth scopes only gate MCP tool categories. Actual workspace access is still evaluated at tool execution through the existing v3 authorization checks for the signed-in Formbricks user.

API-key fallback

API-key MCP access remains supported. Authenticate with a Formbricks API key in a request header:
or:
Do not pass credentials in the query string. The MCP route rejects query credential names such as api_key, x-api-key, access_token, token, and authorization case-insensitively. API key permissions are enforced through the same workspace access checks as the v3 REST API:
ToolMinimum Workspace Permission
list_surveysread
get_surveyread
create_surveywrite or manage
validate_surveywrite or manage when the validation request checks write access
patch_surveywrite or manage
delete_surveywrite or manage
Store fallback MCP API keys as environment variables or client secrets. Do not commit API keys into MCP client config files.

Local Setup

Start Formbricks and prepare the database:
Verify OAuth discovery:
OAuth-capable MCP clients should dynamically register a public client and request resource equal to the MCP URL:
Manual Dynamic Client Registration smoke test:
This passes scope explicitly, so it does not reproduce a real client’s behavior — real MCP clients register with the scopes from the protected-resource metadata’s scopes_supported (surveys:read surveys:write offline_access). Because the authorization server validates the /authorize request against the client’s registered scopes, a client that registers with a narrower set than it later requests (e.g. it registers surveys-only but requests offline_access) is rejected with invalid_scope. To smoke-test the real path, omit scope and let the client adopt the advertised set, or pass exactly what the metadata advertises.
The consent screen is served at /account/authorize. Users can revoke approved MCP clients from /account/settings/authorized-apps. For API-key fallback, create an API key in the Formbricks app with access to the target workspace. Use the least privileged permission needed by the agent workflow. Verify that the MCP endpoint can list tools:

Codex Configuration

OAuth

Add the HTTP MCP server. Include --oauth-resource so the OAuth access token is audience-bound to the MCP resource URL:
Authenticate and request the scopes the agent needs:
For read-only usage, omit surveys:write:
Codex opens the browser to Formbricks, completes Dynamic Client Registration, and stores the OAuth client and tokens in Codex’s credential store. The user approves the requested scopes on the Formbricks consent screen. Equivalent Codex config for the server entry:
Verify the registration:
Then ask Codex to use the configured server:

API-key fallback

Store the API key in the shell environment:
For Codex Desktop on macOS, persist the value in the launch environment and restart Codex Desktop:
Register the local MCP server with a bearer-token environment variable:

Claude Configuration

Claude Code

OAuth

Add the remote HTTP MCP server:
Run /mcp and authenticate formbricks-local. Claude Code discovers the MCP protected-resource metadata, registers a public client whose scopes are taken from that metadata’s scopes_supported (surveys:read surveys:write offline_access), and launches the browser-based OAuth flow — there is no scope-entry step. You approve the requested scopes on the Formbricks consent screen. Workspace role determines whether surveys:write tools actually succeed at execution time (see Authentication), regardless of the granted scope. Verify it:
For project-shared Claude Code configuration, use .mcp.json without static credentials:
If the installed Claude Code version does not start the OAuth flow for remote HTTP servers, use the API-key fallback below until that client is updated.

API-key fallback

Set the API key:
Add the HTTP MCP server:
For a project-shared fallback configuration, keep the API key outside git:
Claude Code will fail to parse this fallback config if FORMBRICKS_MCP_API_KEY is not set.

Claude Desktop

If the installed Claude Desktop build supports remote HTTP MCP server entries, add the same server definition to the Claude Desktop config file and restart Claude Desktop. Prefer the OAuth entry without headers when supported; use the API-key header entry only as a fallback. macOS config path:
Example config:
Fallback config with an API key:
Set the API key in the Desktop launch environment before opening Claude Desktop when using the fallback config:
If a Claude Desktop version only supports stdio MCP servers, use Claude Code for the HTTP endpoint or add a local stdio-to-HTTP bridge.

Tool Responses

Tool results include both structuredContent and a text content item containing the same JSON string. Successful results mirror the v3 REST response body and add requestId for correlation. Errors are returned as MCP error tool results with a structured v3 problem payload:

Available Tools

list_surveys

Lists surveys in one workspace. The tool is read-only and idempotent. Input:
Output:

get_survey

Gets one survey by ID. The tool is read-only and idempotent. Input:
lang is optional. When supplied, it filters translatable survey fields to the requested language codes or configured aliases.

create_survey

Creates a block-based link survey using the v3 survey document contract. The tool writes data and is not idempotent. Input:
Output uses the same survey resource shape as GET /api/v3/surveys/{surveyId} and includes the MCP requestId.

validate_survey

Validates a create or patch payload without writing survey changes. The tool is read-only and idempotent, but create validation still checks workspace write access when workspaceId is present. Create validation input:
Patch validation input:
Validation failures return 200 with valid: false and structured invalid_params, matching POST /api/v3/surveys/validate.

patch_survey

Updates a survey by ID using the v3 survey patch contract. The tool writes data, can be destructive, and is not idempotent. Omitted top-level fields are preserved. Provided top-level objects and arrays replace that whole subtree, so omitted nested entries inside a provided subtree can be removed. The patch tool does not deep-merge nested objects and does not implement JSON Patch.
For agent workflows, fetch the current survey first, modify only the intended top-level fields, run validate_survey with operation: "patch", and then submit the same patch with patch_survey.
Input:
Output uses the same survey resource shape as GET /api/v3/surveys/{surveyId} and includes the MCP requestId.

delete_survey

Deletes one survey by ID. The tool is destructive, writes data, and is not idempotent. Input:
The v3 REST delete operation returns 204 No Content. The MCP tool result contains the requestId so callers can correlate the audit trail:

Relationship To V3 Surveys API

The MCP server does not run custom survey database queries. Each tool calls the shared server-only v3 survey operations used by the REST routes:
MCP ToolREST Contract
list_surveysGET /api/v3/surveys
get_surveyGET /api/v3/surveys/{surveyId}
create_surveyPOST /api/v3/surveys
validate_surveyPOST /api/v3/surveys/validate
patch_surveyPATCH /api/v3/surveys/{surveyId}
delete_surveyDELETE /api/v3/surveys/{surveyId}
When the v3 OpenAPI contract changes, update the MCP schemas and this page together. The hand-maintained v3 OpenAPI spec lives at docs/api-v3-reference/openapi.yml.

Limitations

  • OAuth is user-delegated only. Machine-to-machine client credentials for MCP are not supported.
  • OAuth access tokens must be JWTs audience-bound to /api/mcp; opaque MCP access token introspection is not accepted by the MCP route.
  • API-key authentication remains supported for compatibility and fallback use.
  • The MCP server exposes only the v3 survey operations listed on this page.
  • Tool coverage depends on the current v3 Surveys REST endpoint coverage.
  • create_survey creates link surveys only. In-app survey creation and distribution settings are not part of the current v3 create operation.
  • patch_survey follows the v3 PATCH contract: top-level partial document updates only, no JSON Patch, and no nested deep merge. Provided top-level objects and arrays replace their whole subtree and can remove omitted nested entries.
  • validate_survey validates payload shape and references; it does not create languages, survey versions, or surveys.
  • Query-string credentials are rejected; use headers for API keys.
  • Large request bodies are rejected before the MCP handler using the same body-size policy as v3 APIs.

Implementation Files

  • apps/web/app/api/mcp/route.ts
  • apps/web/modules/mcp/auth.ts
  • apps/web/modules/mcp/server.ts
  • apps/web/modules/mcp/tools/surveys.ts
  • apps/web/modules/mcp/tools/schemas.ts
  • apps/web/app/api/v3/surveys/lib/operations.ts