Understanding MCP Tools

The Model Context Protocol (MCP) lets other AI clients call tools from Corbis.

That means you can use Corbis research and data tools inside products like Cursor, Claude Code, ChatGPT, and other MCP-compatible clients instead of staying only inside the Corbis web app.

Why People Use MCP

MCP is useful when you want to:

• run Corbis tools from your editor or another AI interface
• keep your research flow in one place
• bring source-backed paper search and economic data into another client
• avoid copying results back and forth by hand

What Corbis Exposes Over MCP

The exact tool list can change over time, and availability depends on your account and MCP key settings.

In practice, Corbis currently exposes tools in categories like:

• academic paper search and paper details
• literature search
• FRED search and batch time-series retrieval
• market data snapshots, comparisons, and trends
• internet and deep web research
• citation formatting and citation export
• dataset discovery
• academic identity tools
• a general "query Corbis" tool

If you only need one mental model, use this one: MCP gives another AI client access to the same kinds of research actions Corbis can perform directly.

The Easiest Setup

For most users, the simplest setup is a personal MCP API key from Corbis.

Step 1: Create a key

In Corbis, open Settings → API Keys, create an MCP key, and copy it when it is shown.

Important:

• copy the token when it is shown
• tokens are only revealed once
• revoke and replace a key if you think it has been exposed

Step 2: Point your client at the universal endpoint

Use your Corbis origin (the same host you use in the browser for the app—not a marketing URL unless that is where the app actually runs). The MCP path you need is:

/api/mcp/universal

Build the full URL as: the same origin you use for the web app (scheme, host, and port if any) plus the path /api/mcp/universal.

Most clients connect with that URL plus your MCP key.

Step 3: Use the connection method your client expects

Corbis already helps with the common cases:

• Cursor: one-click install or downloadable JSON config
• Claude Code: copyable CLI command
• Other MCP clients: universal endpoint plus your key

If you are not sure which transport to use, prefer the streamable HTTP setup against /api/mcp/universal unless your client docs require something else.

Authentication (API key vs OAuth)

• Personal MCP API keys — Created in Settings → API Keys. This is the default path for editors and local MCP clients (Cursor, Claude Code, and similar).

• OAuth — Used when a supported integration (for example a hosted assistant product) implements Corbis’s OAuth flow so users sign in and approve access in the web app. You do not need OAuth for a simple “URL + MCP key” setup.

If the client accepts it, send your key as an Authorization: Bearer … header. OAuth access tokens use the same header style after you complete the integration’s login flow.

Security: Some clients allow putting the key on the URL as a query parameter. That can be easier to leak (logs, referrers, shared links). When the client supports header-based auth, prefer Bearer tokens or OAuth over query-string tokens, especially in untrusted or shared environments.

OAuth scope and consent details for implementers are documented in lib/mcp/OAUTH2_IMPLEMENTATION.md in the repository (not required reading for basic API-key setup).

Advanced / other surfaces

Prefer /api/mcp/universal for new setups. Other routes exist for compatibility and discovery:

• /api/mcp/sse and /api/mcp/message — Legacy SSE transport pair for clients that need a dedicated SSE URL instead of streamable HTTP on the universal route.
• /.well-known/oauth-protected-resource, /.well-known/oauth-authorization-server, /.well-known/openid-configuration — OAuth / OpenID discovery metadata for clients that probe well-known URLs.
• /api/mcp/oauth/register, /api/mcp/oauth/authorize, /api/mcp/oauth/token — Dynamic registration, authorization, and token exchange for supported OAuth integrations.

This section names routes only; it is not a full OAuth tutorial.

Practical Tips

• Create separate keys for separate devices or clients.
• Name keys clearly so you can revoke the right one later.
• Treat MCP keys like passwords.
• If a tool seems missing, check your plan and the key configuration first.
• If a client offers both modern HTTP MCP and older SSE-based options, prefer HTTP on /api/mcp/universal unless you know you need the legacy path.

Common Questions

Do I need a paid plan to use MCP?

Tool access depends on your account entitlements and key configuration. The safest answer is to check your current plan and limits in Corbis.

Can I use Corbis from my editor?

Yes. That is one of the main MCP use cases.

Can I connect more than one client?

Yes. Many users create separate keys for different clients so they can revoke them independently.

Where do I get help if the connection fails?

Start in Settings → API Keys and make sure you are using the right endpoint and token. If that still fails, contact support.

Further reading (repository)

If you are working from a checkout of the Corbis codebase:

• docs/ai-sdk/mcp/ — Corbis MCP guides (Cursor plugin, Claude Code, Codex, and related).
• lib/mcp/CHATGPT_GUIDE.md — ChatGPT-oriented setup notes.

Related Guides

• Quick Start Guide
• Plans & Pricing