X Launches Hosted MCP Servers for Cursor, Claude, Grok Build, and Other AI Tools


X has launched hosted Model Context Protocol servers that let AI tools connect more easily to the X API and X developer documentation.

The new setup supports tools such as Grok Build, Cursor, Claude Desktop, VS Code, and other MCP-compatible clients. According to X’s MCP documentation, developers can connect AI tools to the X API through a hosted MCP server at api.x.com/mcp and to X documentation through a separate hosted server at docs.x.com/mcp.

The change does not appear to add new X API capabilities. Instead, it reduces the integration work needed to expose X data, search, trends, bookmarks, and documentation to AI development tools.

X is making its API easier for AI tools to use

Model Context Protocol, or MCP, gives AI tools a common way to connect with external services. The official MCP documentation describes it as an open standard for connecting AI applications to data sources, tools, and workflows.

For developers, the main advantage is simpler setup. Before this launch, teams that wanted Claude, Cursor, or another AI tool to use X data often had to build and host their own MCP server, connect it to the X API, and manage authentication themselves.

TechCrunch reported that X now hosts the MCP layer itself, which lets developers focus more on the application they are building and less on integration plumbing.

Hosted serverPurposeEndpoint
X MCPConnects AI tools to X API featureshttps://api.x.com/mcp
Docs MCPLets AI tools search and read X API documentationhttps://docs.x.com/mcp

What developers can do with X MCP

The hosted X MCP server can expose several X API functions to compatible AI tools. The listed capabilities include post lookup, full-archive search, user lookup, bookmarks, trends, news, and Articles.

That means a coding assistant or agent can help search X data, retrieve user information, inspect trends, or look up documentation while a developer stays inside their normal workflow.

The docs server is narrower. It gives AI tools a way to search X developer documentation and retrieve relevant pages while building or debugging X API integrations.

  • Search posts and X’s full archive through supported API access
  • Look up users, timelines, mentions, and related profile data
  • Fetch trends and news data where available
  • Manage bookmarks and bookmark folders under user-scoped access
  • Search X API documentation from an AI client
  • Retrieve documentation pages without leaving the development tool

OAuth and xurl handle the connection

X’s setup uses two connection routes. Developers can use a simple app-only bearer token for read-only access, or they can use the full xurl bridge for OAuth 2.0 user-context access.

The xurl project is an open-source command-line tool from X’s developer platform team. In this MCP setup, it acts as a local bridge that handles OAuth login and sends a fresh bearer token to the hosted X MCP server.

For the full route, developers need to create an X app, enable OAuth 2.0, register a localhost redirect URI, and provide the app’s client ID and client secret to the MCP client configuration.

RouteBest forLimitations
App-only bearer tokenRead-only API access from clients that support remote MCP with custom headersNo user context, no browser login, no actions as the signed-in user
xurl MCP bridgeUser-context workflows that need OAuth scopes and token refreshRequires a local bridge, Node.js or xurl, and first-run authentication

Cursor, Claude Desktop, and VS Code are supported

X’s documentation includes configuration examples for Grok Build, Cursor, Claude Desktop, VS Code with GitHub Copilot Agent mode, and generic MCP clients.

For Cursor, developers can add an mcp.json file globally or at the project level. For Claude Desktop, developers edit claude_desktop_config.json and add the xapi MCP server configuration.

Claude Code also supports external MCP servers. The Claude Code MCP documentation says MCP servers let Claude connect to tools, databases, APIs, issue trackers, monitoring systems, and other external systems directly instead of relying on pasted context.

Why this matters for real-time AI workflows

X is still one of the fastest places where breaking news, security research, market reactions, public statements, and software updates surface. Giving AI tools a structured way to query that data can help developers build more current applications.

For security researchers, threat intelligence teams, journalists, and analysts, the value is obvious. An AI tool can help search posts, inspect trends, or pull relevant documentation while working through an investigation or development task.

The broader point is that X wants to position its API as a live data layer for AI agents. The launch follows a wider industry shift in which companies publish official MCP servers so AI tools can interact with their services through supported channels.

Write access remains limited

Some early discussions around the launch focused on whether agentic tools could use X MCP to post automatically. X has tried to limit that concern.

TechCrunch said X clarified that the hosted MCP tool is not compatible with X’s Write API endpoints, so it cannot be used to post autonomously on X.

That distinction matters. X’s documentation lists user-context tools such as bookmarks and Articles, but automated posting through the normal Write API is not part of the hosted MCP support described in that report.

Rate limits and API rules still apply

The hosted MCP server does not bypass X’s API rules, pricing, or usage limits. Developers still need an X developer app and the right level of access for the API features they want to use.

X’s rate limit documentation still controls how many requests apps can make across supported endpoints. This means MCP access should behave like another structured way to use the API, not an unlimited data pipe.

This matters for organizations building autonomous workflows. A useful AI agent still needs account controls, scope limits, logging, and review steps when it can access live platform data.

  • Use a dedicated X developer app for MCP access
  • Grant only the scopes required for the workflow
  • Keep client secrets and bearer tokens out of shared config files
  • Monitor MCP activity like any other API integration
  • Watch for rate-limit errors and back off instead of retrying aggressively
  • Separate read-only workflows from user-context workflows

Security teams should treat MCP servers as privileged integrations

MCP makes AI tools more useful, but it also expands the number of systems those tools can touch. A poorly scoped MCP connection can expose data or let an agent perform actions the user did not intend.

The Model Context Protocol is designed to standardize these integrations, but the security model still depends on what permissions a user grants, what server they connect, and how the client handles tool calls.

For X MCP, teams should review OAuth scopes, developer app ownership, secret storage, and audit logging. They should also avoid committing MCP configuration files that contain raw credentials.

X also hosts an MCP server for documentation

The Docs MCP server may prove useful for developers who build against X’s API. It lets an AI assistant search X documentation and fetch relevant pages during coding or debugging.

The X MCP guide says developers can connect both servers at the same time, giving an assistant access to API calls and documentation lookup in the same workflow.

For teams using Claude, the Claude Code guide also recommends verifying that each MCP server is trusted before connecting it, especially when servers fetch external content or expose sensitive tools.

What developers should check before connecting

Developers should first decide whether they need read-only access or user-context access. A simple bearer token may be enough for documentation lookup or basic read workflows, while xurl is the better route for OAuth-based access.

Teams using the xurl CLI should store client ID and client secret values safely, use environment variables where possible, and avoid pasting access tokens into chats, logs, or repositories.

They should also review X’s API rate limits before building agents that perform repeated searches, trend checks, or documentation lookups.

FAQ

What did X launch for AI tools?

X launched hosted Model Context Protocol servers that connect MCP-compatible AI tools to the X API and X developer documentation.

Which AI tools can use X’s hosted MCP servers?

X lists support for Grok Build, Cursor, Claude Desktop, VS Code, and other MCP-compatible clients.

What can X MCP access?

X MCP can expose supported X API features such as post search, full-archive search, user lookup, bookmarks, trends, news, and Articles, depending on the app’s permissions and API access level.

Can X MCP post automatically on X?

X clarified to TechCrunch that the hosted MCP tool is not compatible with X’s Write API endpoints, so it cannot be used to post autonomously on X.

How do developers connect to X MCP?

Developers can use an app-only bearer token for read-only access or the xurl MCP bridge for OAuth 2.0 user-context access. The full route requires an X developer app, OAuth configuration, and client credentials.

Readers help support VPNCentral. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help VPNCentral sustain the editorial team Read more

User forum

0 messages