HTTP server

PresentFast hosts a remote MCP server at https://presentfast.com/api/mcp. Any spec-compliant client (claude.ai, custom integrations, your own agent) can attach. Authentication uses OAuth 2.0 with PKCE; clients self-register via RFC 7591 Dynamic Client Registration. No binary to install.

Endpoint: /api/mcp
Transport: Streamable HTTP
Auth: OAuth, PKCE, DCR
Spec: 2025-06-18

When should I use the remote HTTP server?

The remote server speaks the Model Context Protocol over a single Streamable HTTP endpoint. Sessions are short-lived and stateless; every request is authenticated with a Bearer access token issued by PresentFast's OAuth authorization server.

Choose this server when:

You don't control the host machine (browser-based clients, SaaS).
You want one auth flow per identity, shared across devices.
You'd rather not ship and update a local binary.

If you're on a terminal or in a code editor, the local stdio server via @presentfast/mcp-server is faster (no network hop). See the Claude Code, Cursor, or Codex guides for that path.

How does authentication work?

PresentFast publishes OAuth 2.0 metadata at the well-known locations required by the spec. A connecting client can bootstrap end-to-end with no manual configuration:

Protected resource metadata

/.well-known/oauth-protected-resource

RFC 9728. Returned in WWW-Authenticate on any unauthenticated request to /api/mcp.

Authorization server metadata

/.well-known/oauth-authorization-server

RFC 8414. Discovers /oauth/authorize, /oauth/token, and /oauth/register.

Dynamic client registration

POST /api/oauth/register

RFC 7591. Clients self-register and receive a client_id. PKCE (S256) is required on every authorize.

Token endpoint

POST /api/oauth/token

Exchanges authorization_code + code_verifier for a Bearer access token. Refresh tokens supported.

Note

You normally don't have to think about any of this. A spec-compliant MCP client discovers the metadata, registers itself, opens the consent screen, and stores tokens automatically. Read on only if you're writing a client from scratch.

How do I connect from Claude.ai?

Web Claude has a one-field setup for remote MCP servers. Open Settings → Connectors → Custom Connectors and paste:

Name: PresentFast
URL:  https://presentfast.com/api/mcp

Click Connect, sign in to PresentFast in the popup, approve the all scope, and you're live. The connector flips to connected and the model can call every tool below.

A longer walk-through with screenshots lives on the Claude.ai guide.

How do I connect from any other MCP client?

Most spec-compliant clients accept a JSON config like this. Drop the PresentFast endpoint into the servers map:

json

{
  "mcpServers": {
    "presentfast": {
      "url": "https://presentfast.com/api/mcp",
      "transport": "http"
    }
  }
}

On first attach the client will follow the OAuth flow described above. If your client doesn't speak DCR yet, register manually:

bash

curl -X POST https://presentfast.com/api/oauth/register \
  -H "Content-Type: application/json" \
  -d '{
    "client_name": "my-custom-agent",
    "redirect_uris": ["http://localhost:3333/callback"],
    "grant_types": ["authorization_code", "refresh_token"],
    "response_types": ["code"],
    "token_endpoint_auth_method": "none"
  }'

The response contains the client_id you'll pass to /api/oauth/authorize.

What tools does the HTTP server expose?

Tool	Kind	Summary
publish_presentation	Mutating	Publish an inline Markdown or HTML deck. Returns a public share URL.
list_presentations	Read	List the authenticated user's presentations with metadata.
update_presentation	Mutating	Rename a presentation by id.
get_presentation_analytics	Read	Fetch visits, unique visitors, avg time-on-deck and click insights for one share URL.
start_login	Auth	Begin the OAuth device flow (stdio clients only). Web clients use the standard authorization-code flow.

How do I smoke-test my connection?

Once you have an access token (copy it from your client's session storage, or run a manual authorize + token flow), poke tools/list:

bash

curl -sS https://presentfast.com/api/mcp \
  -H "Authorization: Bearer $PF_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "jsonrpc": "2.0",
    "id": 1,
    "method": "tools/list"
  }'

A 401 with a WWW-Authenticate header pointing to the Protected Resource Metadata means your token is missing or expired. Re-run the flow and try again.

What rate limits and error codes should I expect?

Code	Meaning	Recovery
401	Missing or expired Bearer token.	Refresh, or restart the OAuth flow from the metadata URL.
403	Token lacks the requested scope.	Re-authorize and accept the `all` scope.
429	Rate-limited per client.	Honor `Retry-After`. Default budget is generous; sustained bursts will throttle.
5xx	Server fault.	Retry with exponential backoff. Persistent 5xx, file an issue.

OAuth grants are listed and revocable under Settings on your account.