MCP

MCP — the Model Context Protocol — is the wire format that lets AI clients call tools. Switchy is both a server (so Claude Desktop can call into your team memory) and a client (so your team chat can call into GitHub or Notion).

Mental model

MCP is a JSON-RPC convention. A client sends tools/call with a tool name + arguments; the server returns a result. The point is that the same wire format works for any pairing — Claude Desktop ↔ Switchy, Switchy ↔ GitHub, Cursor ↔ a custom internal tool. Tools are interoperable across clients.

Switchy as an MCP server

Anything in your team's memory or Spaces is reachable from any MCP-capable client. Drop one snippet into Claude Desktop, Cursor, or Windsurf, paste a key, and the same memory + Spaces show up inside the LLM workflow you already use.

Switchy as an MCP client

From inside Switchy chat, mention an external tool the same way you mention an LLM: "@github what issues are open?" Switchy handles the OAuth, stores credentials in Google Secret Manager, and pipes the result into the AI agent in the same turn.

  • Built-in connectors: GitHub, Notion. Both one-click OAuth.
  • Custom MCPs: any HTTPS endpoint with bearer or API-key auth. SSRF-protected at registration and on every call.
  • Org admins manage the connector list at Settings → MCP; Space admins toggle which connectors are reachable per Space.
  • Setup walkthrough: Connect external tools.

Key properties

  • Credentials never live in Postgres. Every secret — bearer tokens, OAuth access + refresh tokens — sits in Google Secret Manager. The DB only stores resource references.
  • SSRF guard runs at registration AND on every call (DNS rebinding defence). RFC1918, loopback, link-local (including the GCP metadata server), v4-mapped IPv6 — all rejected.
  • Outbound HTTP discipline. HTTPS-only, no redirect-following, 50 KB request cap, 5 MB response cap, 10 s tool-call timeout.
  • Health checks every 10 minutes by Cloud Scheduler. Org OWNERS get one email per day per integration on transition to UNREACHABLE.
  • Existence-leak guard. Asking for a Space, MCP, or tool you can't access returns 404 — never 403 — so we don't leak that the resource exists.
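
To show why the SSRF guard has to run on every call and not only at registration, here is a sketch of such a check; it is an added example, not Switchy's code. The function names, the injectable resolver, the IPv6 loopback and link-local ranges, and the hostname and addresses in the constructed resolver are assumptions.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Ranges named on the page: RFC1918, loopback, link-local (the GCP metadata
# server, 169.254.169.254, is link-local). The IPv6 loopback and link-local
# ranges are an assumption added for completeness.
BLOCKED_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fe80::/10",
)]

class BlockedDestination(ValueError):
    """Raised when a URL must not be contacted."""

def system_resolver(host):
    """Resolve host to every A/AAAA address via the OS resolver."""
    infos = socket.getaddrinfo(host, 443, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})

def check_destination(url, resolver=system_resolver):
    """Return the vetted IPs for url, or raise BlockedDestination.

    Call at registration and again immediately before each request, then
    connect to one of the returned IPs instead of resolving a second time.
    """
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        raise BlockedDestination("only https:// URLs with a host are allowed")
    addresses = resolver(parts.hostname)
    if not addresses:
        raise BlockedDestination("host did not resolve")
    for text in addresses:  # every answer must pass, not just the first
        ip = ipaddress.ip_address(text.split("%")[0])  # drop IPv6 zone id
        if ip.version == 6 and ip.ipv4_mapped is not None:
            raise BlockedDestination(f"v4-mapped IPv6 address {ip}")
        if any(ip in net for net in BLOCKED_NETS):
            raise BlockedDestination(f"{ip} is in a blocked range")
    return addresses

def rebinding_resolver():
    """Constructed resolver: public answer first, metadata IP afterwards."""
    answers = iter([["203.0.113.10"], ["169.254.169.254"]])
    return lambda host: next(answers)
```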

What this isn't

MCP is not Switchy-specific. It's the same protocol Anthropic published; everything that supports MCP can talk to Switchy and vice versa. You aren't locked in.

Switchy as a client doesn't support stdio MCPs in v1 — only HTTPS. Cloud Run isn't a great runtime for spawning subprocess MCPs; we'll re-evaluate when there's real demand.
