Skip to main content

MediaSFU MCP

MediaSFU exposes two deliberately separate Model Context Protocol (MCP) surfaces:

EndpointAuthenticationPurpose
https://mcp.mediasfu.com/mcpNonePublic, permanently read-only SDK selection, guides, references, scaffolding previews, and diagnostics.
https://mcp.mediasfu.com/mcp/actionsDisposable keyScoped account actions such as creating rooms, managing event settings, or controlling SIP calls.

Use the public endpoint when the assistant only needs MediaSFU knowledge. Add the action endpoint only when the assistant must change account state.

Public read-only setup

The public endpoint cannot create rooms, make calls, alter account settings, run package commands, or write files on the hosted server.

A generic remote MCP configuration is:

{
"mcpServers": {
"mediasfu": {
"url": "https://mcp.mediasfu.com/mcp"
}
}
}

This endpoint is the best default for documentation chat, SDK selection, integration planning, reference lookup, and troubleshooting.

Authenticated actions setup

Create a disposable key in the MediaSFU Developer Console. Select only the operations the assistant needs and use the shortest practical expiry.

Every authenticated MCP request must use this exact header:

Authorization: Bearer <username>:<disposableKey>

A bare disposable key is not accepted. The username must be the owner of the key.

For a production disposable key, add mcp.mediasfu.com to its allowed domains. Start with a sandbox disposable key while testing.

A generic configuration for clients that support static remote-MCP headers is:

{
"mcpServers": {
"mediasfu-actions": {
"url": "https://mcp.mediasfu.com/mcp/actions",
"headers": {
"Authorization": "Bearer ${MEDIASFU_USERNAME}:${MEDIASFU_DISPOSABLE_KEY}"
}
}
}
}

Keep the username and disposable key in the client's secret/environment storage. Do not commit either value to a repository or paste them into prompts.

Available action scopes

The action endpoint shows tools only when the disposable key contains the corresponding operation.

Disposable-key operationMCP actions
createRoomCreate a room; join a room.
deleteRoomDelete/cancel a room.
createEventSettingsCreate stored event/room defaults.
updateEventSettingsUpdate stored event/room defaults.
initiateCallsStart an outbound SIP call.
sipCallListList SIP calls.
sipCallSummaryRead aggregate SIP call metrics.
sipCallStateRead one SIP call's state.
sipCallEndEnd a SIP call.
sipCallControlHold/unhold, start/stop an agent, switch source, play media, update call templates, offer callbacks, and control recording.

createEventSettings and updateEventSettings are the canonical permission names going forward. Existing keys that contain the legacy createEvent or updateEvent names remain compatible and are normalized to the canonical scopes. There is no deleteEventSettings MCP action because /v1/eventssettings has no delete action; the internal GraphQL deletion mutation is not exposed through this disposable-key surface. updateRoom is also not advertised yet because there is no stable REST update action. The action endpoint never exposes an arbitrary URL, HTTP method, header, or generic "run action" tool.

Confirmation and conversational behavior

Read-only call list, summary, and state tools can run immediately. Every tool that creates, changes, calls, controls, or deletes returns confirmation_required until the client calls it with confirm: true.

A good room-creation conversation looks like this:

  1. The user says, "Create a MediaSFU room."
  2. The assistant gathers the missing host name, event type, duration, and capacity.
  3. The assistant summarizes the proposed room and asks for confirmation.
  4. After the user confirms, the assistant calls mediasfu_create_room with confirm: true.
  5. The assistant returns the room name and participant URL from MediaSFU.

This design lets an assistant complete the action while keeping the user in control of billable or destructive changes.

Grok and xAI

For Grok's public Custom Connector, use https://mcp.mediasfu.com/mcp; it needs no credentials.

For an xAI API integration, configure a remote MCP tool with the action endpoint and set its authorization value to the full Bearer <username>:<disposableKey> credential. The xAI API forwards that value in the HTTP Authorization header. See xAI Remote MCP tools.

Some Grok consumer Custom Connector screens support OAuth fields rather than a static bearer header. Do not put a disposable key into OAuth client ID or client secret fields. Use the public endpoint there, or use an xAI API integration for actions until MediaSFU publishes an OAuth compatibility layer. See xAI Connectors.

Claude Desktop through mcp-remote

If your client uses mcp-remote, keep the credential in an environment variable:

{
"mcpServers": {
"mediasfu-actions": {
"command": "npx",
"args": [
"-y",
"mcp-remote",
"https://mcp.mediasfu.com/mcp/actions",
"--header",
"Authorization: Bearer ${MEDIASFU_MCP_CREDENTIAL}"
],
"env": {
"MEDIASFU_MCP_CREDENTIAL": "<username>:<disposableKey>"
}
}
}
}

Environment-variable interpolation varies by MCP client and launcher. If the client does not expand variables in args, use its supported secret/header setting instead of writing the credential into a checked-in file.

Security checklist

  • Prefer the public endpoint whenever no account action is needed.
  • Start action testing with a sandbox disposable key.
  • Grant only the required operations.
  • Set a short expiry and a conservative request limit.
  • Add only mcp.mediasfu.com to a production key's domain allowlist.
  • Revoke the key immediately if it appears in logs, prompts, screenshots, or source control.
  • Review the action preview before confirming.