> ## Documentation Index
> Fetch the complete documentation index at: https://docs.presenton.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Connect an MCP client

> Authenticate Presenton's MCP server and connect local, remote, or multiple self-hosted instances.

The built-in Model Context Protocol server lets a compatible AI client invoke Presenton presentation workflows. MCP is available in the self-hosted web deployment at `/mcp`; it is disabled in the Electron desktop app.

## Before you start

* Run Presenton with Docker, Compose, or another web deployment.
* Confirm browser generation works.
* Configure the admin account for any shared or remote instance.
* Confirm your client supports a remote HTTP MCP server and custom headers.

## 1. Start an authenticated instance

```bash theme={null}
docker run -it --name presenton \
  --publish 5001:80 \
  --env AUTH_USERNAME=admin \
  --env AUTH_PASSWORD=replace-with-a-long-password \
  --volume "./app_data:/app_data" \
  ghcr.io/presenton/presenton:v0.9.0-beta
```

Open [http://localhost:5001](http://localhost:5001), sign in, and create a small test presentation before continuing.

## 2. Request a bearer token

```bash theme={null}
curl --silent --request POST \
  --url http://localhost:5001/api/v1/auth/login \
  --header 'Content-Type: application/json' \
  --data '{"username":"admin","password":"YOUR_PASSWORD"}'
```

The response includes `access_token` and `token_type`. Copy the token without the surrounding JSON quotes and keep it private.

<Warning>
  The MCP token represents an authenticated Presenton session. Do not commit it to a repository, paste it into support tickets, or expose it in screenshots.
</Warning>

## 3. Configure the MCP client

Configuration formats vary by client. The following examples use the structure from the Presenton README; adapt the outer file location and environment-variable syntax to your client.

### Example A: local authenticated server

```json theme={null}
{
  "mcpServers": {
    "presenton": {
      "url": "http://localhost:5001/mcp",
      "headers": {
        "Authorization": "Bearer YOUR_ACCESS_TOKEN"
      }
    }
  }
}
```

### Example B: remote HTTPS server

```json theme={null}
{
  "mcpServers": {
    "presenton-production": {
      "url": "https://presentations.example.com/mcp",
      "headers": {
        "Authorization": "Bearer YOUR_ACCESS_TOKEN"
      }
    }
  }
}
```

Use HTTPS for any connection that leaves the local machine. The reverse proxy must forward the `Authorization` header and support the connection behavior required by your MCP client.

### Example C: local server without configured auth

For an isolated development instance where authentication has not been configured, omit the header:

```json theme={null}
{
  "mcpServers": {
    "presenton-local": {
      "url": "http://localhost:5001/mcp"
    }
  }
}
```

Do not use an unauthenticated configuration on a publicly reachable instance.

### Example D: development and production instances

```json theme={null}
{
  "mcpServers": {
    "presenton-local": {
      "url": "http://localhost:5001/mcp",
      "headers": {
        "Authorization": "Bearer LOCAL_ACCESS_TOKEN"
      }
    },
    "presenton-production": {
      "url": "https://presentations.example.com/mcp",
      "headers": {
        "Authorization": "Bearer PRODUCTION_ACCESS_TOKEN"
      }
    }
  }
}
```

Give each instance a clear name so users know where uploaded documents and generated presentations will be stored.

## 4. Restart and verify the client

<Steps>
  <Step title="Reload MCP configuration">
    Restart the client or use its MCP reload action so it reads the new server entry.
  </Step>

  <Step title="Check discovery">
    Confirm the client reports the Presenton server as connected and displays its available presentation tools.
  </Step>

  <Step title="Run a small request">
    Ask the client to create a short two-slide presentation about a harmless test topic.
  </Step>

  <Step title="Review in Presenton">
    Open the returned edit URL, inspect the slides, and confirm the presentation appears in the correct instance.
  </Step>
</Steps>

## Token rotation and recovery

Setting `AUTH_OVERRIDE_FROM_ENV=true` rotates the session signing secret. Existing browser sessions and MCP bearer tokens stop working, so request a new token and update every client afterward.

If a client starts returning unauthorized errors:

1. Confirm the Presenton URL and `/mcp` path.
2. Sign in to verify the admin credentials still work.
3. Request a new token from `/api/v1/auth/login`.
4. Replace the old bearer token in the client configuration.
5. Restart or reload the client.

## Secure a remote MCP deployment

* Use HTTPS and a trusted certificate.
* Keep Presenton authentication enabled.
* Restrict network access to expected users and clients.
* Store tokens in the client's secret store when supported.
* Rotate credentials and tokens after suspected exposure.
* Protect `/app_data`, because MCP-created presentations and uploads are stored there.
* Review generated presentations before publishing or exporting them.

<AccordionGroup>
  <Accordion title="The client cannot find Presenton tools">
    Confirm that it supports remote HTTP MCP, that the URL ends in `/mcp`, and that configuration was reloaded. The desktop app does not expose MCP.
  </Accordion>

  <Accordion title="The server returns 401 or unauthorized">
    Request a fresh bearer token with the current admin credentials and confirm the header is exactly `Authorization: Bearer YOUR_ACCESS_TOKEN`.
  </Accordion>

  <Accordion title="It works locally but not through a reverse proxy">
    Verify HTTPS routing to container port `80`, forwarding of the `Authorization` header, and the proxy's timeout or buffering behavior for remote MCP connections.
  </Accordion>

  <Accordion title="Tokens stopped working after a deployment change">
    Credential override rotates the signing secret and invalidates tokens. Sign in again and update the MCP client with the new token.
  </Accordion>
</AccordionGroup>

<Check>
  The MCP client discovers Presenton's tools, creates a test presentation, and returns a result that opens in the intended self-hosted instance.
</Check>
