Skip to main content

Connecting

The DEON MCP server speaks the Streamable HTTP transport of the Model Context Protocol. There is a single MCP endpoint:

POST https://api.deon.cloud/mcp

The server is stateless — no session handshake is required, and GET/DELETE on /mcp return 405. A GET https://api.deon.cloud/health returns {"status":"ok"} for availability checks, and the root URL serves a human-readable status page.

Authentication

Every request must carry a DEON API token in the Authorization header. You can generate one at https://account.deon.cloud/account/api-tokens. Tokens start with deon_tk_ and two header schemes are accepted:

Authorization: Bearer deon_tk_...
Authorization: DeonApiKey deon_tk_...

Most MCP clients send Bearer by default. The token is validated on every request and the server acts as the token's user — an agent can only see and edit the projects that user can access.

StatusMeaning
401Missing or invalid token. JSON-RPC error -32001: "Unauthorized: a valid DEON API token (deon_tk_…) is required."
405GET or DELETE on /mcp — only POST is supported.
note

The token must belong to the environment the server is configured against (production, staging, or development). A staging token is rejected by a production deployment and vice versa.

Claude Code

claude mcp add --transport http deon https://api.deon.cloud/mcp \
--header "Authorization: Bearer deon_tk_..."

JSON Configuration (Cursor, VS Code, Claude Code)

For clients that support HTTP MCP servers directly in a JSON config file — such as Cursor, VS Code, and Claude Code's project-level .mcp.json:

{
"mcpServers": {
"deon": {
"type": "http",
"url": "https://api.deon.cloud/mcp",
"headers": {
"Authorization": "Bearer deon_tk_..."
}
}
}
}
caution

This format does not work for Claude Desktop — see below.

Claude Desktop

Claude Desktop's claude_desktop_config.json only accepts stdio servers (command + args). Entries with "type": "http", "url", or "headers" are rejected at startup ("…are not valid MCP server configurations and were skipped"). Remote servers are officially supported only through Settings → Connectors, but those expect OAuth rather than a static bearer token, so DEON's deon_tk_ tokens can't be used there either.

You can locate or create claude_desktop_config.json directly from within Claude Desktop via Settings → Developer → Edit Config — this opens the file in your default editor at the standard location for your OS, creating it first if it doesn't exist yet.

The working approach is to bridge the remote server to stdio with mcp-remote. This requires Node.js (which provides npx):

{
"mcpServers": {
"deon": {
"command": "npx",
"args": [
"-y", "mcp-remote", "https://api.deon.cloud/mcp",
"--header", "Authorization:${DEON_AUTH}"
],
"env": { "DEON_AUTH": "Bearer deon_tk_..." }
}
}
}
note

Passing the token via the env block rather than inline in args is intentional: Claude Desktop has a known bug with spaces inside args values, so the Bearer deon_tk_... value (which contains a space) is injected through the ${DEON_AUTH} variable instead.

Microsoft Copilot Studio

Copilot Studio connects to the DEON MCP server over the Streamable HTTP transport, which the server uses natively. Authentication is done with an API key sent as a header — this maps directly onto DEON's Authorization header.

  1. Open your agent and go to the Tools page.

  2. Select Add a tool → New tool → Model Context Protocol.

  3. Fill in the basic details:

    • Server name: e.g. DEON
    • Server description: a short description of what the server does — the agent orchestrator uses this to decide when to call it, e.g. "Access and edit DEON projects, documents, and knowledge."
    • Server URL: https://api.deon.cloud/mcp
  4. For the authentication type, select API key, then configure it as follows:

    • Type: Header
    • Header/parameter name: Authorization
  5. Select Create, then create a new connection. When prompted for the API key value, enter your full token including the scheme:

    Bearer deon_tk_...

    (The DeonApiKey deon_tk_... scheme works here too.)

  6. Select Add to agent to finish.

Each user of the agent supplies their own token, and the agent acts as that token's user — see Authentication.

Custom connector (OpenAPI) alternative

If you set up the server through a Power Apps custom connector instead of the wizard, import an OpenAPI file that marks the /mcp operation with the Streamable agentic protocol:

swagger: '2.0'
info:
title: DEON
description: DEON MCP server (Streamable HTTP) for Copilot Studio
version: 1.0.0
host: api.deon.cloud
basePath: /
schemes:
- https
paths:
/mcp:
post:
summary: DEON MCP Server
x-ms-agentic-protocol: mcp-streamable-1.0
operationId: InvokeMCP
responses:
'200':
description: Success

Configure the connector's security to send the Authorization header (API key), matching the wizard setup above.

note

Copilot Studio dropped support for the deprecated SSE transport in August 2025 — only the Streamable HTTP transport (which DEON uses) is supported.

MCP Inspector

To explore the tools interactively:

npx @modelcontextprotocol/inspector

Choose Streamable HTTP, enter https://api.deon.cloud/mcp as the URL, and add an Authorization: Bearer deon_tk_... header.

curl

A raw JSON-RPC initialize request, for debugging:

curl -X POST "https://api.deon.cloud/mcp" \
-H "Authorization: Bearer deon_tk_..." \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-d '{
"jsonrpc": "2.0",
"id": 1,
"method": "initialize",
"params": {
"protocolVersion": "2025-03-26",
"capabilities": {},
"clientInfo": { "name": "curl", "version": "0.0.0" }
}
}'

List the available tools the same way with "method": "tools/list".

Limits

  • Request bodies are limited to 25 MB — this is the effective ceiling for base64 payloads sent to upload_image.
  • list_projects returns at most 200 projects per call; retrieve_knowledge returns at most 50 citations.