> ## Documentation Index
> Fetch the complete documentation index at: https://docs.enokilabs.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Connect your agent

> Wire your coding agent to the Enoki MCP server and register your first target.

Enoki runs a remote **MCP server** so your own coding agent — Claude Code, Cursor,
or any MCP-capable client — can drive the whole loop: register a target, run an
assessment, read validated findings, and confirm a fix. This page connects your
client and registers your first target.

<Info>
  **Endpoint:** `https://mcp.enokilabs.ai/mcp` (streamable HTTP).
</Info>

## Prerequisites

* An Enoki workspace (you sign in at [app.enokilabs.ai](https://app.enokilabs.ai)).
* A workspace **API key** with the `read` and `write` scopes — and `test:run` if
  you want your agent to trigger assessments. See [API keys & scopes](/api-keys)
  for how to mint one (workspace admins only). Keys look like `egk_…` and are
  shown once.

<Warning>
  The full setup flow needs **both `read` and `write`** — `write` does not imply
  `read`. Mint the key with both (plus `test:run` to trigger runs). Keys end up in
  agent config files, so grant the least you need, never the all-scopes default.
</Warning>

## Connect your client

Authenticate with your API key as a Bearer token. Pick your client:

<Tabs>
  <Tab title="Claude Code">
    One command — `--scope user` makes the server available in every project, not
    just the current one:

    ```bash theme={null}
    claude mcp add --scope user --transport http enoki \
      https://mcp.enokilabs.ai/mcp \
      --header "Authorization: Bearer egk_your_key_here"
    ```

    Verify with `claude mcp list` (or `/mcp` inside a session). The tools appear as
    `mcp__enoki__get_setup_guide`, `mcp__enoki__create_target`, and so on.
  </Tab>

  <Tab title="Cursor">
    Add Enoki to your `~/.cursor/mcp.json` (global) or a project `.cursor/mcp.json`:

    ```json theme={null}
    {
      "mcpServers": {
        "enoki": {
          "url": "https://mcp.enokilabs.ai/mcp",
          "headers": {
            "Authorization": "Bearer egk_your_key_here"
          }
        }
      }
    }
    ```

    Cursor picks it up from **Settings → MCP**; the Enoki tools show as connected.
  </Tab>

  <Tab title="VS Code / other">
    Any client that supports remote MCP over `mcp-remote` works — point it at the
    endpoint with the Bearer header:

    ```json theme={null}
    {
      "mcpServers": {
        "enoki": {
          "command": "npx",
          "args": [
            "-y", "mcp-remote", "https://mcp.enokilabs.ai/mcp",
            "--header", "Authorization: Bearer egk_your_key_here"
          ]
        }
      }
    }
    ```

    This covers VS Code, Windsurf, Zed, and most other MCP clients.
  </Tab>

  <Tab title="claude.ai (web)">
    Not yet. The claude.ai web connector authenticates over OAuth, which the Enoki
    MCP server does not offer yet — so a static API key can't be used there.
    Connect a coding-agent client (Claude Code, Cursor) instead. OAuth support is
    on the roadmap and will unlock web connectors.
  </Tab>
</Tabs>

## Register your first target

A "target" is one of your agent endpoints, registered so Enoki can test it.
Your agent builds the connection config from your target's own API docs — the
server ships a `get_setup_guide` tool with the full, always-current field
reference and worked examples, so start there.

<Steps>
  <Step title="Read the setup guide">
    Call **`get_setup_guide`**. It returns the config field reference (generated
    from the live schema, so it never drifts), the semantics the schema can't
    express (response dot-paths, request-body templating, streaming modes, session
    capture), and worked examples for HTTP, SSE-streaming, and WebSocket endpoints.
  </Step>

  <Step title="Check for duplicates">
    Call **`list_targets`** before creating. Creates are not deduplicated: a
    matching name and `endpoint_host` in the same environment is the same target —
    reuse its `model_id`. If only one matches, ask before creating a second.
  </Step>

  <Step title="Create the target">
    Call **`create_target`** with the config you built. It is atomic
    prove-then-persist: Enoki fires one live probe and only saves the target if the
    probe succeeds. A failed probe saves nothing and returns a categorized error so
    you can fix and retry:

    * `unreachable` — DNS, connection, or timeout: check the endpoint URL.
    * `auth_failed` — the target refused authentication: check the auth type and credential.
    * `parse_error` — a reply arrived but the response field matched nothing: fix the dot-path.

    Iterate by calling `create_target` again. There's no update or delete over MCP —
    change stored targets in the dashboard. The response never echoes your config or
    credential.
  </Step>

  <Step title="Run an assessment">
    On success you get a `model_id`. Hand it to **`trigger_assessment`** to start a
    run, then poll **`get_assessment_status`**. Read results with `list_findings`
    and `get_finding`. See the [MCP tool reference](/mcp-tools) for the full surface.
  </Step>
</Steps>

## What's next

<CardGroup cols={2}>
  <Card title="MCP tool reference" href="/mcp-tools">
    Every tool, its inputs and outputs, and the scope each requires.
  </Card>

  <Card title="Troubleshooting" href="/troubleshooting">
    Probe error categories, auth failures (401/403), and rate limits.
  </Card>
</CardGroup>
