Skip to main content
Smithery Connect is Smithery’s managed service for connecting to MCP servers. Instead of implementing the MCP protocol directly, handling OAuth flows, and managing credentials yourself, Smithery Connect provides a simple REST interface that handles all of this for you.

Why Smithery Connect?

Smithery Connect lets you add MCP server integrations to your app without managing the complexity yourself:
  • Zero OAuth configuration — No redirect URIs, client IDs, or secrets to configure. Smithery maintains OAuth apps for popular integrations.
  • Automatic token refresh — Tokens refresh automatically before expiry. If a refresh fails, the connection status changes to auth_required.
  • Secure credential storage — Credentials are encrypted and write-only. They can be used to make requests but never read back.
  • Stateless for you — Smithery Connect manages connection lifecycle. Make requests without worrying about reconnects, keepalives, or session state.
  • Scoped service tokens — Mint short-lived tokens for browser or mobile clients to call tools directly, scoped to specific users and namespaces.

Quick Start

# 1. Log in to Smithery
smithery auth login

# 2. Connect to the Exa search server
smithery mcp add https://server.smithery.ai/exa --id exa

# 3. List available tools
smithery tool list exa

# 4. Call a tool
smithery tool call exa search '{"query": "latest news about MCP"}'

Servers with Configuration

Some MCP servers require configuration like API keys or project IDs. How you pass each config value depends on the server’s schema — some values go as headers (typically API keys), while others go as query parameters in the MCP URL. Check the server’s page on smithery.ai to see what configuration it requires and where each value should go. 
# Add a server with config (API key as header, project ID as query param)
smithery mcp add \
  '@browserbasehq/mcp-browserbase?browserbaseProjectId=your-project-id' \
  --id my-browserbase \
  --headers '{"browserbaseApiKey": "your-browserbase-api-key"}'
Unlike OAuth-based servers that return auth_required, servers configured with API keys return connected immediately.
Each server’s config schema specifies whether a field is passed as a header or query parameter via the x-from metadata. See Session Configuration for details on how servers declare their config transport.

Multi-User Setup

When your agent serves multiple users, you’ll need to track which connections belong to which user. Use the metadata field to associate connections with your users, then filter by metadata to retrieve a specific user’s connections.

1. Create a Connection for a User

When a user wants to connect an integration (e.g., GitHub), create a connection with their userId in metadata: 
smithery mcp add https://server.smithery.ai/github \
  --id user-123-github \
  --name "GitHub" \
  --metadata '{"userId": "user-123"}'

# If OAuth is required, the CLI outputs the auth URL:
# → auth_required
# → https://auth.smithery.ai/...
# Visit the URL to authorize

2. List a User’s Connections

When your agent needs to know what tools are available for a user, list their connections: 
smithery mcp list --metadata '{"userId": "user-123"}'

3. Use Tools Across Connections

Create MCP clients for each connection and aggregate their tools: 
# List tools for a connection
smithery tool list user-123-github

# Call a tool
smithery tool call user-123-github search_repositories \
  '{"query": "mcp"}'

Core Concepts

Namespaces

A namespace is a globally unique identifier that groups your connections. Create one namespace per application or environment (e.g., my-app, my-app-staging). If you don’t specify a namespace, the SDK uses your first existing namespace or creates one automatically.

Connections

A connection is a long-lived session to an MCP server that persists until terminated. Each connection:
  • Has a connectionId (developer-defined or auto-generated)
  • Stores credentials securely (write-only—credentials can never be read back, only used to execute requests)
  • Can include custom metadata for filtering (e.g., userId to associate connections with your users)
  • Returns serverInfo with the MCP server’s name and version
OptionTypeDescription
clientSmithery?The Smithery client instance. If not provided, auto-created using SMITHERY_API_KEY env var
mcpUrlstring?The MCP server URL. Required when connectionId is not provided
namespacestring?If omitted, uses first existing namespace or creates one
connectionIdstring?If omitted, an ID is auto-generated
Returns a SmitheryConnection with { transport, connectionId, url }. Throws SmitheryAuthorizationError if OAuth authorization is required (see Handling Authorization).

Connection Status

When you create or retrieve a connection, it includes a status field:
StatusDescription
connectedConnection is ready to use
auth_requiredOAuth authorization needed. Includes authorizationUrl to redirect the user
errorConnection failed. Includes error message

Authentication

Smithery Connect uses two authentication methods:
TokenUse CaseAccess
API KeyBackend onlyFull namespace access
Service TokenBrowser, mobile, agentsScoped access to specific connections
Get your API key from smithery.ai/account/api-keys.
Never expose your API key to untrusted clients or agents. Use scoped service tokens for browser and mobile apps.

OAuth Flow

When an MCP server requires OAuth:
  1. Create a connection—the response status will be auth_required with an authorizationUrl
  2. Redirect the user to authorizationUrl
  3. User completes OAuth with the upstream provider (e.g., GitHub)
  4. User is redirected back to your app
  5. The connection is now ready—subsequent requests will succeed
You don’t need to register OAuth apps, configure redirect URIs, or handle token exchange. Smithery manages the OAuth relationship with upstream providers and stores credentials securely on your behalf.

Handling Authorization

When using the SDK, createConnection() throws a SmitheryAuthorizationError if the MCP server requires OAuth. The error contains the URL to redirect the user to and the connection ID to retry with after authorization completes. 
# Connect to a server that requires OAuth
smithery mcp add https://server.smithery.ai/github

# If auth is required, the CLI outputs the authorization URL:
# → auth_required
# → https://auth.smithery.ai/...
# → connection_id: abc-123-github
# Visit the URL to authorize, then retry
After the user completes authorization and returns to your app, retry with the saved connectionId: 
# After authorization, the connection is ready
smithery tool list abc-123-github

Service Tokens

Service tokens let you safely use the Smithery Connect from browsers, mobile apps, and AI agents without exposing your API key. Your backend mints a scoped token, then your client uses it to call tools directly. 
smithery auth token --policy '[{
  "namespaces": "my-app",
  "resources": "connections",
  "operations": ["read", "execute"],
  "metadata": { "userId": "user-123" },
  "ttl": "1h"
}]'
This token can only access connections in my-app where metadata.userId matches user-123. Initialize the client with the token: 
# Use the scoped token to call tools
SMITHERY_API_KEY=$TOKEN smithery tool list user-123-github
Need workspace-level scoping, read-only tokens, or token narrowing? See Token Scoping for the full guide.

Advanced

For full API documentation, see the Smithery Connect Reference.

Direct MCP Calls

Call MCP methods directly via the Streamable HTTP endpoint: 
# List available tools
smithery tool list user-123-github

# Call a tool
smithery tool call user-123-github search_repositories \
  '{"query": "mcp"}'