Descope Docs

Add Descope documentation, guides, and API reference to your AI assistant. One URL, any supported IDE.

How to install

Pick your IDE or client and add the server. No OAuth or login required.

Add to your MCP config (e.g. Cursor Settings → Tools & MCP → Open config).

Restart Cursor if the server does not appear.

VS Code supports MCP when using GitHub Copilot in Agent mode. Add a .vscode/mcp.json in your project root (or your user MCP config location):

Define MCP servers in your OpenCode config under mcp. Add each MCP with a unique name—you can refer to it by name when prompting the LLM.

Add to opencode.jsonc:

From the terminal:

Verify it's configured:

codex mcp list

Alternatively, add in ~/.codex/config.toml:

Run in your terminal:

Open Settings → Connectors
Click Add Connector and enter:
Save. No OAuth or login is required for the Descope Docs server.

Open Windsurf Settings (e.g. Cmd+, on Mac) and search for MCP
Click View raw config to open mcp_config.json
Add the Descope Docs server (see below)
Save and restart Windsurf.

Go to ChatGPT Settings → Connectors (requires login)
Click Add Connector and enter:
Save. No OAuth or login is required for the Descope Docs server.

What you get

Two MCP tools: ask questions and search docs.

Ask about Descope

ask-question-about-descope

Troubleshooting, feature questions, and conceptual help from an AI that knows Descope.

Search docs

search-descope-docs

Semantic search across documentation and public sources; use the extracts in your workflow.

What you can ask

You can use the Docs MCP Server for a wide range of Descope-related questions. Examples:

Troubleshooting

Why am I getting "Invalid session token" when validating a JWT in my API?
Magic link sign-in works in dev but fails in production—what should I check?
How do I fix CORS errors when embedding the Descope flow?

How-to and setup

How do I add Google OAuth to my Descope flow?
What are the steps to configure an MCP server in Descope?
How do I map SSO groups to Descope roles?

Concepts and capabilities

What's the difference between project-level and tenant-level roles?
Does Descope support passkeys? How do I enable them?
How does refresh token rotation work and when is the old token invalidated?

SDK and API

How do I get the session token in the React SDK?
What's the backend API to create a user with the Management API?
How do I validate a Descope JWT in a Lambda authorizer?

MCP and agents

How do I secure my MCP server with Descope?
What scopes do I need for tool-level access control?

Advanced and architectural

You can ask multi-part or architectural questions; the agent understands the Descope SDKs and can help you design backend and frontend flows end-to-end. Include your stack (e.g. Next.js, Express, React) and whether you use project-level or tenant-level roles.

Design my backend: I need session validation on every API route plus role checks so only users with the "admin" role can access /api/settings. I'm using Python and FastAPI.
Architect the frontend: I want a sign-in page, a protected dashboard that requires authentication, and a separate admin section that also requires the "admin" role. Use the React SDK and show how to guard routes and conditionally render the admin UI.
Design end-to-end: Next.js app with Descope (login, session, logout), API routes that check a custom role claim, and pages that are public vs protected vs admin-only.
How do I implement step-up authentication for a sensitive action? I need the user to re-authenticate (e.g. MFA) before allowing access—what flow and SDK calls do I use on the frontend and how do I validate the step-up on the backend?

For best results, include relevant context (e.g. "Next.js 14", "using the Python SDK", "OIDC app") so the answer can be tailored to your stack.