The current server exposes OpenAPI exploration tools, not a general API execution tool. It returns overviews and operation details from specs rather than calling the target API endpoints., Treat OpenAPI specs as potentially sensitive. Internal paths, request schemas, server URLs, security schemes, operation names, and business domain language can reveal system design., Do not point the hosted endpoint at private or pre-release OpenAPI specs unless the spec is approved for third-party processing. Self-host the Worker for private API contracts., Review operation details before asking Claude to write integration code. OpenAPI descriptions and examples are model context and can contain stale, incomplete, or user-controlled text., Swagger 2.0 specs may be converted through the Swagger converter service before the server returns operation details. Use OpenAPI 3.x specs directly when you want fewer intermediaries.
Privacy notes
The hosted MCP endpoint receives the API identifier or raw spec URL you ask Claude to inspect, plus the operationId or route requested through `getApiOperation`., The service fetches OpenAPI documents via OpenAPI Search/OAPIS redirects or from the raw spec URL you provide., Returned overviews and operation details can include endpoint paths, parameters, request bodies, response schemas, server URLs, security scheme names, examples, and descriptions in the model conversation., The public setup path does not require API credentials and should not be used to send API keys, Bearer tokens, cookies, or internal auth headers., The repository is deployed as a Cloudflare Worker. Hosted-service logging, retention, and operational access are controlled by the service operator. Self-host when you need your own logging and retention boundary.
Author
Jan Wilmake
Submitted by
oktofeesh1
Claim status
unclaimed
Last verified
2026-06-03
Decision playbook
Review trust signals before you adopt
Signals are present but mixed. Use the checklist below to confirm the source and operational safety for your environment.
Compare context
Selected
0
Current score
78
Baseline
—
Delta
No baseline selected
No major trust-signal divergence detected in the current selection.
Source and provenance checks
Complete
Confirm ownership and provenance before trusting install instructions.
Source link availableRequired
Open the canonical repository and verify ownership.
Done
Source provenance statusRequired
Marked as source-backed.
Done
Metadata reviewed
Registry metadata indicates a reviewed listing.
Done
Safety and privacy checks
Complete
Validate risk disclosures before installation or API wiring.
Safety notes presentRequired
Review the listed safety guidance before running commands.
Done
Privacy notes presentRequired
Review data handling notes before connecting accounts or secrets.
Done
Trust level risk gateRequired
Trust level does not block evaluation.
Done
Package and install checks
Needs review
Check package metadata and artifact integrity signals.
Install payload available
Install or copy payload is available for review.
Done
Package verification flag
No package verification flag provided.
Pending
Checksum metadata
No checksum provided for downloaded artifact.
Pending
Compare-driven decision checks
Needs review
Use compare context to validate trade-offs before adoption.
Compare tray has multiple entries
Add at least one more entry to compare trust differences.
Current risk score 16/100. Use staged verification before broader rollout.
Risk 16
Pre-adoption checks
Validate source and review signals before any execution.
Confirm source provenanceRequired
Source URL/provenance metadata is present.
Done
Confirm metadata review state
Listing has review metadata.
Done
Verify install payload
Install/config payload exists and can be inspected.
Done
Security checks
Confirm safety, privacy, and package integrity signals.
Review safety notesRequired
Safety notes are present.
Done
Review privacy notesRequired
Privacy notes are present.
Done
Verify package integrity metadata
No package verification/checksum metadata.
Pending
Rollout
Adopt in controlled steps based on the selected plan.
Run in isolated sandbox firstRequired
Use a constrained sandbox and observe behavior across multiple tasks.
Pending
Roll out graduallyRequired
Roll out to a small cohort before wider usage.
Pending
Set monitoring and fallback
Define rollback path and monitor errors after adoption.
Pending
Evidence readiness
Evidence readiness matrix · balanced
Required evidence gates are covered (5/6 signals complete).
Risk 15
Source provenance
Present
Source repository/provenance is listed.
Required in this preset
Metadata review
Present
Review metadata is present.
Required in this preset
Safety notes
Present
Safety notes are present.
Required in this preset
Privacy notes
Present
Privacy notes are present.
Optional in this preset
Package integrity
Missing
Package integrity metadata is missing.
Optional in this preset
Install payload
Present
Install payload is available.
Required in this preset
Required evidence gates are covered for this preset.
Decision timeline
Decision timeline · balanced
5/6 steps complete with no blocking gaps for this preset.
Risk 14
triage
Confirm source provenanceRequired
Source/provenance metadata is available.
Done
triage
Check metadata review statusRequired
Review metadata is available.
Done
verify
Review safety notesRequired
Safety notes are available.
Done
verify
Review privacy notes
Privacy notes are available.
Done
verify
Validate package integrity metadata
Package integrity metadata is missing.
Pending
rollout
Verify install payload and commandsRequired
Install payload is available.
Done
No required blockers for this timeline preset.
Prerequisite readiness
Prerequisite readiness
5 prerequisites to line up before setup.
0/5 ready
Network & hosting2General35 minutes
Safety & privacy surface
Safety & privacy surface
5 safety and 5 privacy notes across 5 risk areas. Review closely: credentials & tokens, network access.
5 areas
SafetyNetwork accessThe current server exposes OpenAPI exploration tools, not a general API execution tool. It returns overviews and operation details from specs rather than calling the target API endpoints.
SafetyNetwork accessTreat OpenAPI specs as potentially sensitive. Internal paths, request schemas, server URLs, security schemes, operation names, and business domain language can reveal system design.
SafetyNetwork accessDo not point the hosted endpoint at private or pre-release OpenAPI specs unless the spec is approved for third-party processing. Self-host the Worker for private API contracts.
SafetyExecution & processesReview operation details before asking Claude to write integration code. OpenAPI descriptions and examples are model context and can contain stale, incomplete, or user-controlled text.
SafetyGeneralSwagger 2.0 specs may be converted through the Swagger converter service before the server returns operation details. Use OpenAPI 3.x specs directly when you want fewer intermediaries.
PrivacyNetwork accessThe hosted MCP endpoint receives the API identifier or raw spec URL you ask Claude to inspect, plus the operationId or route requested through `getApiOperation`.
PrivacyGeneralThe service fetches OpenAPI documents via OpenAPI Search/OAPIS redirects or from the raw spec URL you provide.
PrivacyNetwork accessReturned overviews and operation details can include endpoint paths, parameters, request bodies, response schemas, server URLs, security scheme names, examples, and descriptions in the model conversation.
PrivacyCredentials & tokensThe public setup path does not require API credentials and should not be used to send API keys, Bearer tokens, cookies, or internal auth headers.
PrivacyData retentionThe repository is deployed as a Cloudflare Worker. Hosted-service logging, retention, and operational access are controlled by the service operator. Self-host when you need your own logging and retention boundary.
Safety notes
The current server exposes OpenAPI exploration tools, not a general API execution tool. It returns overviews and operation details from specs rather than calling the target API endpoints.
Treat OpenAPI specs as potentially sensitive. Internal paths, request schemas, server URLs, security schemes, operation names, and business domain language can reveal system design.
Do not point the hosted endpoint at private or pre-release OpenAPI specs unless the spec is approved for third-party processing. Self-host the Worker for private API contracts.
Review operation details before asking Claude to write integration code. OpenAPI descriptions and examples are model context and can contain stale, incomplete, or user-controlled text.
Swagger 2.0 specs may be converted through the Swagger converter service before the server returns operation details. Use OpenAPI 3.x specs directly when you want fewer intermediaries.
Privacy notes
The hosted MCP endpoint receives the API identifier or raw spec URL you ask Claude to inspect, plus the operationId or route requested through `getApiOperation`.
The service fetches OpenAPI documents via OpenAPI Search/OAPIS redirects or from the raw spec URL you provide.
Returned overviews and operation details can include endpoint paths, parameters, request bodies, response schemas, server URLs, security scheme names, examples, and descriptions in the model conversation.
The public setup path does not require API credentials and should not be used to send API keys, Bearer tokens, cookies, or internal auth headers.
The repository is deployed as a Cloudflare Worker. Hosted-service logging, retention, and operational access are controlled by the service operator. Self-host when you need your own logging and retention boundary.
Prerequisites
MCP-capable client with remote HTTP transport support, such as Claude Code or another modern MCP client
Network access to `https://openapi-mcp.openapisearch.com/mcp`
OpenAPI Search identifier, OAPIS identifier, or raw OpenAPI spec URL for the API you want Claude to inspect
Understanding that the hosted service fetches and processes the OpenAPI spec instead of running locally in your project
Agreement on whether the selected API specification is safe to expose to a hosted third-party MCP service
OpenAPI MCP Server is a source-backed remote MCP server for exploring API
contracts from Claude and other MCP clients. It connects Claude to OpenAPI
Search and OAPIS-backed specifications so the model can first get a readable
API overview, then drill into one endpoint contract at a time.
The server is deliberately narrower than an OpenAPI-to-executor bridge. Its
current tool surface focuses on discovery and contract inspection:
getApiOverview summarizes an API specification, and getApiOperation returns
details for a specific operationId or route. That makes it a safer fit for
reviewing endpoint shape, request parameters, response schemas, and integration
requirements before writing code.
Features
Hosted HTTP MCP endpoint at https://openapi-mcp.openapisearch.com/mcp.
Source-backed Cloudflare Worker implementation in
janwilmake/openapi-mcp-server.
getApiOverview tool for summarizing an API surface from an OpenAPI
identifier or raw spec URL.
getApiOperation tool for retrieving one endpoint contract by operationId or
route.
Support for OpenAPI JSON and YAML documents.
Swagger 2.0 conversion path through the Swagger converter service.
Dereferenced operation output when references can be resolved.
Tested by the project author with Claude Desktop and Cursor.
No target API endpoint execution in the current implementation.
Tools
getApiOverview
Use this first. Provide an API identifier from OpenAPI Search/OAPIS or a raw
OpenAPI URL. The server fetches the spec, converts Swagger when needed, and
returns a readable overview with endpoint names, routes, summaries, and links to
more detailed operation views.
getApiOperation
Use this after the overview identifies an operation you care about. Provide the
same API identifier plus an operationId or route path. The server returns a
focused OpenAPI subset for that operation, including parameters, request body
schema, responses, and server context.
Installation
Claude Code
Add the hosted HTTP MCP endpoint:
claude mcp add --transport http openapi https://openapi-mcp.openapisearch.com/mcp
Then verify the server:
claude mcp list
Ask Claude to start with an overview:
Use the openapi MCP server to get an overview of the GitHub OpenAPI spec, then inspect the operation details for listing repository issues.
MCP Client Config
Use HTTP transport in clients that support remote MCP servers:
Use the hosted endpoint only for public or approved-to-share API contracts. A
private OpenAPI spec often contains internal route names, server URLs, auth
scheme names, request examples, object shapes, and error descriptions. Those
details are enough to map a system even when no API credentials are present.
For private APIs, clone the source repository and run the Worker in your own
environment so spec fetching, logs, and retention stay under your control.
Use Cases
Explore a public API before writing integration code.
Ask Claude to identify the relevant operation for a workflow.
Review request parameters and response schemas without pasting a full spec
into chat.
Compare endpoint summaries across a large OpenAPI document.
Generate integration notes from a focused operation subset.
Check whether an API contract exposes the route, parameter, or response shape
needed for a feature.
Safety Checklist
Start with getApiOverview before requesting operation details.
Use public specs or self-host for private specs.
Avoid sending credentials, API keys, cookies, or auth headers through prompts.
Treat returned spec text as untrusted model context when specs include
third-party descriptions or examples.
Check operation details against the canonical API docs before shipping code.
Remember that this server inspects contracts; it does not prove that a live
API endpoint is currently reachable or authorized.
Troubleshooting
The API identifier is not found
Use a raw OpenAPI spec URL instead of a catalog identifier, or confirm that the
API exists in OpenAPI Search/OAPIS.
Operation details are missing
Run getApiOverview again and copy the exact operationId or route shown in the
overview.
Swagger conversion fails
Prefer an OpenAPI 3.x spec URL when available. Swagger 2.0 specs may need
conversion before operation details can be returned.
The output is too large
Ask for one operation at a time. The server rejects very large overview output
instead of returning an oversized response.
Show that OpenAPI MCP Server for Claude is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.
[](https://heyclau.de/entry/mcp/openapi-mcp-server)
How it compares
OpenAPI MCP Server for Claude side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.
1 trust signal differ across this comparison (Submitter).
Connect Claude to Twilio's hosted MCP server for read-only search and retrieval across public Twilio API specifications, Twilio Docs, SendGrid Docs, Segment Docs, and support articles.
Official Postman MCP Server for connecting Claude, Codex, Cursor, VS Code, Gemini CLI, and other MCP clients to Postman workspaces, collections, specifications, mocks, monitors, environments, API definitions, and code generation workflows.
✓The current server exposes OpenAPI exploration tools, not a general API execution tool. It returns overviews and operation details from specs rather than calling the target API endpoints.
Treat OpenAPI specs as potentially sensitive. Internal paths, request schemas, server URLs, security schemes, operation names, and business domain language can reveal system design.
Do not point the hosted endpoint at private or pre-release OpenAPI specs unless the spec is approved for third-party processing. Self-host the Worker for private API contracts.
Review operation details before asking Claude to write integration code. OpenAPI descriptions and examples are model context and can contain stale, incomplete, or user-controlled text.
Swagger 2.0 specs may be converted through the Swagger converter service before the server returns operation details. Use OpenAPI 3.x specs directly when you want fewer intermediaries.
✓Twilio describes the current hosted MCP server as a Public Beta. Treat tool behavior, indexed coverage, and connection instructions as changeable until Twilio declares general availability.
The current hosted server is read-only and exposes search/retrieve tools for public API specifications and documentation. It does not execute Twilio API calls or send messages on your behalf.
Do not confuse documentation retrieval with production readiness. Review generated Messaging, Voice, Verify, SendGrid, Segment, or other Twilio code against the canonical docs, product limits, regulatory requirements, and your normal approval process before running it.
Future Twilio MCP releases may add OAuth-authenticated execute-ready tools. Re-review permissions, approval prompts, audit logging, and data handling before enabling any tool that can call live APIs.
Keep MCP client approval settings enabled for prompts that might transform retrieved API schemas into runnable code, migration scripts, webhook handlers, message sends, or account-management actions.
✓GraphQL MCP can introspect a schema and execute arbitrary GraphQL queries against the configured endpoint.
Mutations are blocked by default, but setting ALLOW_MUTATIONS=true allows model-generated mutation operations.
Custom HEADERS can grant access to production APIs, admin scopes, customer data, or internal services.
Schema introspection can expose object types, fields, arguments, enum values, deprecated fields, and API structure.
Even read queries can be expensive, trigger resolver side effects, expose broad data, or hit rate and complexity limits.
Prefer staging endpoints, read-only tokens, query depth/complexity limits, persisted operations, and human review for sensitive APIs.
✓Postman MCP can operate on real Postman resources. Treat collection edits, workspace changes, environment updates, monitor changes, mock changes, specification creation, documentation updates, and generated code as review-required operations.
Start with the `minimal` remote endpoint when the task only needs basic Postman operations. Use `code` or `full` only after reviewing the broader tool surface and the resources exposed to the assistant.
The `full` configuration exposes all available Postman API tools, which Postman documents as 100+ tools. Do not use it by default for exploratory chats or untrusted repositories.
Postman recommends reviewing and confirming operations that make changes or are destructive. Require a human check before accepting assistant-generated deletes, bulk updates, monitor edits, mock edits, documentation rewrites, collection rewrites, or spec-to-code changes.
Pass specific resource IDs when possible. Postman notes this reduces extra API calls and helps avoid the assistant selecting the wrong workspace, collection, environment, monitor, mock, or specification by name.
Local stdio and Docker modes run the Postman MCP server on the user's machine and require a Postman API key. Pin the npm package version or Docker image when reproducibility matters, and keep credentials out of committed MCP configs.
EU remote endpoints do not support OAuth according to Postman's docs; use API-key authentication there and verify the region before connecting customer or regulated API assets.
Privacy notes
✓The hosted MCP endpoint receives the API identifier or raw spec URL you ask Claude to inspect, plus the operationId or route requested through `getApiOperation`.
The service fetches OpenAPI documents via OpenAPI Search/OAPIS redirects or from the raw spec URL you provide.
Returned overviews and operation details can include endpoint paths, parameters, request bodies, response schemas, server URLs, security scheme names, examples, and descriptions in the model conversation.
The public setup path does not require API credentials and should not be used to send API keys, Bearer tokens, cookies, or internal auth headers.
The repository is deployed as a Cloudflare Worker. Hosted-service logging, retention, and operational access are controlled by the service operator. Self-host when you need your own logging and retention boundary.
✓The hosted endpoint can receive your natural-language search queries, requested API IDs, product interests, integration plans, and troubleshooting topics through the MCP client.
Returned documentation can enter the model conversation alongside your prompt, code, route names, environment names, webhook examples, or product decisions.
Do not paste Twilio Account SIDs, Auth Tokens, API keys, SendGrid keys, Segment write keys, phone numbers, customer identifiers, message bodies, call recordings, transcripts, or production webhook payloads into prompts while using the public docs server.
Use synthetic examples when asking Claude to draft Messaging, Voice, Verify, SendGrid, Segment, or support workflows from retrieved docs.
✓Endpoint URLs, headers, bearer tokens, schema text, GraphQL queries, variables, response data, errors, and server descriptions may be visible to the MCP client and model provider.
GraphQL responses can include personal data, customer records, internal IDs, permissions, audit data, billing data, or proprietary business objects.
HEADERS values and authorization tokens should stay out of prompts, issues, logs, screenshots, and committed configuration files.
Error messages and introspection results can reveal internal schema design and service implementation details.
✓Tool calls can expose Postman workspace metadata, collection names, request URLs, headers, examples, documentation, comments, environments, variable names, API specifications, mocks, monitors, and generated code context to the connected AI client.
Environment variables and collection variables may contain credentials, internal hostnames, customer identifiers, test tokens, bearer tokens, session cookies, webhook URLs, or staging API details. Scrub secrets before pasting raw Postman data into prompts, issues, tickets, or chat tools.
OAuth grants and Postman API keys represent a real Postman identity. Rotate exposed API keys, remove stale MCP configs, and audit workspace membership when a project or assistant no longer needs access.
Claude, Codex, IDE logs, MCP client transcripts, terminal history, screenshots, generated code, and support bundles can retain Postman-derived API details outside Postman's normal access controls.
The remote server sends MCP requests to Postman-hosted endpoints. Local stdio and Docker modes still call Postman APIs with the configured API key when managing cloud-hosted Postman resources.
Prerequisites
MCP-capable client with remote HTTP transport support, such as Claude Code or another modern MCP client
Network access to `https://openapi-mcp.openapisearch.com/mcp`
OpenAPI Search identifier, OAPIS identifier, or raw OpenAPI spec URL for the API you want Claude to inspect
Understanding that the hosted service fetches and processes the OpenAPI spec instead of running locally in your project
MCP-capable client with remote HTTP transport support, such as Claude Code, Claude Desktop connector support, Cursor, OpenCode, Codex, or another compatible client
Network access to `https://mcp.twilio.com/docs`
Agreement that the current hosted Twilio MCP server should receive the Twilio, SendGrid, or Segment documentation questions your team asks through the MCP client
Separate Twilio, SendGrid, or Segment account credentials only when you later write or run application code outside this read-only MCP server
Node.js and npx available to the MCP client runtime.
GraphQL endpoint URL that Claude is allowed to introspect and query.
Optional HEADERS JSON for authentication, using least-privilege API credentials.
Decision on whether schema introspection should use the endpoint, a local schema file, or a schema URL.
Postman account with access to the workspaces, collections, specifications, mocks, monitors, and environments the assistant should inspect or manage.
MCP-capable client such as Claude Code, Claude Desktop, Codex CLI, Cursor, VS Code, Windsurf, Gemini CLI, Kiro, or another compatible environment.
Authentication choice: OAuth for the US remote server when the MCP client supports it, or a Postman API key for EU remote, local stdio, Docker, or API-key fallback setup.
Tool-mode choice: `minimal` for essential Postman operations, `code` for API-definition search and client-code generation, or `full` for the complete Postman API tool surface.
Install
claude mcp add --transport http openapi https://openapi-mcp.openapisearch.com/mcp
claude mcp add --transport http twilio-docs https://mcp.twilio.com/docs
npx mcp-graphql
claude mcp add --transport http postman https://mcp.postman.com/minimal