# MCP for Windsurf

> Connect Windsurf (Cascade) to SiberMate through its MCP configuration using the remote server URL.

Last updated: 2026-06-15

## Server URLs

- Default remote MCP URL: `https://mcp.sibermate.com/mcp`
- Multi-tenant profile URL: `https://mcp.sibermate.com/profile/{YOUR TENANT DOMAIN}/mcp`
- Example profile URL: `https://mcp.sibermate.com/profile/sibermate.com/mcp`

## Setup Notes

- Open the Windsurf MCP config (~/.codeium/windsurf/mcp_config.json) from Cascade settings.
- Add SiberMate with serverUrl and an Authorization header (${env:VAR} is supported).
- Use the domain profile URL for side-by-side tenants.

## Authentication

- Recommended remote flow: OAuth discovery from the MCP server URL.
- Bearer fallback: use `Authorization: Bearer <SIBERMATE_API_KEY>` only when the client supports custom headers.
- Local stdio fallback: `npx -y @sibermatedev/mcp` with `SIBERMATE_API_KEY` in the client environment.

## Windsurf mcp_config.json

```
{
  "mcpServers": {
    "sibermate": {
      "serverUrl": "https://mcp.sibermate.com/mcp",
      "headers": {
        "Authorization": "Bearer ${env:SIBERMATE_API_KEY}"
      }
    }
  }
}
```

## Safety Checklist

- Use a dedicated tenant API key for MCP setup.
- Keep API keys out of prompts, screenshots, repositories, browser history, and shared docs.
- For profile URLs, the domain in the URL must match the tenant returned by the API key.
- Review generated action plans before sending assignments, reminders, removals, uploads, or deletions.

Related docs:

- https://docs.sibermate.com/mcp
- https://docs.sibermate.com/api-reference.md
- https://api.sibermate.com/v1/openapi.json