Your APIs as AI tools. In minutes, not days.

The Model Context Protocol (MCP) defines a standard way for AI agents to discover and invoke external tools. Apitide turns your existing workflow routes into MCP-compliant tools automatically — no extra code, no separate tool definitions, no schema writing.

Select the workflow routes you want to expose when creating an MCP server. Apitide reads the route's trigger configuration — HTTP method, endpoint path, request schema, query parameters, and description — and generates the MCP tool definition from that metadata. The tool name is derived from the route slug, with an optional workflow prefix for disambiguation across large route lists.

When an AI agent calls a tool, Apitide executes the corresponding workflow route with the agent-supplied parameters, applies any configured transformations, and returns the result. The full Apitide execution engine runs — parallel steps, caching, credential injection, schema validation — exactly as it does for regular HTTP calls. The agent gets a clean, structured response without knowing anything about the underlying service topology.

Most teams that want user-aware MCP tools assume they need an external OAuth provider. They don't. If you have any endpoint that validates credentials and returns a token — a workflow calling your existing auth service, your own login API, a database lookup — that is all the MCP server needs.

Configure the custom login option: point it at a workflow route, tell it which fields in the request body contain the username and password, and specify the dot-notation path to the token in the response (e.g. "access_token" or "data.token"). The MCP server shows a branded login form to the user, POSTs the credentials to your workflow, and extracts the token from the response. That token is stored in the MCP session and forwarded as an Authorization header on every subsequent tool call.

This changes what your tools can do. Instead of anonymous tool calls where every request looks identical, your workflows receive the authenticated user's token on every invocation — they know who is asking. A "get my orders" tool can call your orders service with the user's bearer token and return their orders, not a generic list. A "create quote" tool executes with the user's permissions. The AI agent acts on behalf of the authenticated user, with full user context, across the entire session.

For teams that do use an external OAuth provider — Auth0, AWS Cognito, Google, any OAuth 2.0 compliant IdP — the redirect login option works the same way. The user is redirected to the provider's login page, authenticates there, and the provider's access token is stored in the MCP session and forwarded on tool calls. Both login methods produce the same outcome: an authenticated session with a user token that tools receive on every call.

The default OAuth session lifetime is one hour — a sensible conservative default for interactive use cases. But AI agents are not interactive users. A Claude Desktop session running background tasks should not be interrupted hourly for re-authentication; a session that expires mid-task forces the user to restart the entire operation.

Apitide lets you set the session expiry per MCP server, with presets for 1 hour, 8 hours, 1 day, 7 days, and 30 days, as well as a custom duration in seconds. The expiry is stored with each session and reported to the MCP client in the token response — the client's internal refresh timer is set to the full configured duration rather than counting down from a partial session lifetime.

This also fixes the double re-authentication problem that occurs when clients check token validity at expiry time: because the token response carries the full session lifetime rather than the remaining seconds, clients set their refresh timer correctly from the moment the token is issued.