MCP Integration
The Specor MCP server exposes your product graph as a set of tools that any MCP-compatible AI client can call. This lets Claude Desktop, Cursor, Windsurf, and other clients read your product model and propose changes without leaving your editor.
What you can do
Once connected, your AI assistant can:
- Read the graph — query domains, capabilities, features, flows, rules, metrics, and acceptance criteria in any branch
- Search nodes — find features by keyword or semantic similarity
- Create and update nodes — draft new features, add metrics, link needs — all through the standard command pipeline
- Read suggestions — see pending AI suggestions and act on them from the chat
- Query history — ask what changed on a branch and when
Everything goes through the same event-sourced pipeline as the app, so changes are versioned and reversible.
Setup
1. Get your API token
Go to app.specor.ai → Account → API Tokens → New token. Copy the token — it will not be shown again.
2. Add the server to your MCP client
The Specor MCP server is hosted at https://mcp.specor.ai/mcp and uses the SSE transport — no local installation required.
Claude Desktop
Open ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows) and add:
{ "mcpServers": { "specor": { "url": "https://mcp.specor.ai/mcp", "headers": { "Authorization": "Bearer your-token-here", "X-Workspace-ID": "your-workspace-id" } } }}Restart Claude Desktop. You should see a Specor tool indicator in the chat input.
Cursor
In Cursor Settings → MCP → Add server:
{ "specor": { "url": "https://mcp.specor.ai/mcp", "headers": { "Authorization": "Bearer your-token-here", "X-Workspace-ID": "your-workspace-id" } }}Other clients
Any client that supports the MCP SSE transport works. Point it at https://mcp.specor.ai/mcp and pass Authorization: Bearer <token> and X-Workspace-ID: <workspace-id> as request headers.
3. Optional: scope to a branch
By default the server reads from and writes to main. To work on a specific branch, add the X-Branch-ID header:
"headers": { "Authorization": "Bearer your-token-here", "X-Workspace-ID": "your-workspace-id", "X-Branch-ID": "your-branch-id"}You can find branch IDs in the Branches view inside the app.
Available tools
| Tool | Description |
|---|---|
list_domains | List all domains in the workspace |
get_domain | Get a domain with its capabilities |
list_features | List features, optionally filtered by capability |
get_feature | Get a feature with its rules, metrics, flows, and acceptance criteria |
search_nodes | Full-text search across all node titles and descriptions |
get_node | Get any node by ID |
get_neighbors | Get nodes connected to a given node |
create_node | Create a new node (any type) |
update_node | Update fields on an existing node |
create_edge | Add a typed relationship between two nodes |
create_feature | Shorthand: create a feature under a capability with optional linked needs |
add_metric | Add a metric to a feature |
add_acceptance_criteria | Add an acceptance criterion to a feature |
add_rule | Add a rule to a feature |
list_suggestions | List pending AI suggestions |
list_branches | List branches in the workspace |
Example prompts
Once connected, try these in your AI client:
“What features does the Checkout domain have and which ones are missing metrics?”
“Add an acceptance criterion to the One-click Purchase feature: ‘User completes checkout in ≤ 3 taps’”
“Show me all pending AI suggestions for the payments branch and help me fix the naming ones.”
“Create a new capability called ‘Fraud Detection’ under the Checkout domain, then add a feature called ‘Real-time transaction scoring’.”
Permissions
The MCP server uses your API token and respects your role:
- Viewer token — read-only; write tools return a permission error
- Editor token — full read/write except ontology changes
- Admin token — full access
Use a viewer token for read-only integrations (e.g. dashboards, documentation generation).
Security
- Tokens are scoped to a single workspace
- All writes go through the same validation pipeline as the app — invalid commands are rejected with structured errors
- Revoke tokens at any time from Account → API Tokens