# MCP for Codex

> Connect the OpenAI Codex CLI to SiberMate by adding a remote MCP server in config.toml.

Last updated: 2026-06-15

## Server URLs

- Default remote MCP URL: `https://mcp.sibermate.com/mcp`
- Multi-tenant profile URL: `https://mcp.sibermate.com/profile/{YOUR TENANT DOMAIN}/mcp`
- Example profile URL: `https://mcp.sibermate.com/profile/sibermate.com/mcp`

## Setup Notes

- Edit ~/.codex/config.toml and add the [mcp_servers.sibermate] table below.
- Set SIBERMATE_API_KEY in your environment; Codex sends it as an Authorization: Bearer header.
- Some Codex builds require experimental_use_rmcp_client = true for HTTP servers. Use the domain profile URL for multiple tenants.

## Authentication

- Recommended remote flow: OAuth discovery from the MCP server URL.
- Bearer fallback: use `Authorization: Bearer <SIBERMATE_API_KEY>` only when the client supports custom headers.
- Local stdio fallback: `npx -y @sibermatedev/mcp` with `SIBERMATE_API_KEY` in the client environment.

## Codex config.toml

```
[mcp_servers.sibermate]
url = "https://mcp.sibermate.com/mcp"
bearer_token_env_var = "SIBERMATE_API_KEY"
```

## Safety Checklist

- Use a dedicated tenant API key for MCP setup.
- Keep API keys out of prompts, screenshots, repositories, browser history, and shared docs.
- For profile URLs, the domain in the URL must match the tenant returned by the API key.
- Review generated action plans before sending assignments, reminders, removals, uploads, or deletions.

Related docs:

- https://docs.sibermate.com/mcp
- https://docs.sibermate.com/api-reference.md
- https://api.sibermate.com/v1/openapi.json