Skip to main content
The Omni MCP Server supports two authentication methods. Choose the one that best fits your needs:
OAuthAPI key
Best forIndividual users who want quick, secure setupAdmins managing keys centrally, or automated workflows
Setup complexityLow - browser flowMedium - manual configuration
Key managementAutomaticManual
User permissionsUses your permissionsUses key creator’s permissions

​
OAuth authentication

OAuth lets MCP clients connect to Omni without requiring you to manually create and manage API keys. When you connect, Omni creates an API key on your behalf and links it to your user account.

​
Prerequisites

Personal access tokens (PATs) must be enabled for your organization. An admin can activate them by going to Settings > API Keys > Personal tokens.

​
How it works

The OAuth flow will use the cookie of the last Omni instance you logged into when redirecting you to the authorization page. If you are a member of multiple organizations, log out and then log back in to the organization you want to connect to immediately before starting the OAuth flow.
When you first connect an MCP client to Omni using OAuth, the flow will look similar to the following:
  1. You add the connection URL to your MCP client.
  2. The MCP client will trigger the OAuth flow.
  3. Your browser will open to an authorization page for your Omni organization.
  4. Review the permissions on the authorization page.
  5. Click Authorize.
  6. Omni will automatically create a PAT API key for the MCP client and link it to your Omni user account.
After authorization, all MCP queries use your Omni permissions and access controls. The flow uses OAuth 2.1 with PKCE for security.

​
Connection URL

Use this URL when setting up OAuth in your MCP client: 
https://callbacks.omniapp.co/callback/mcp
This URL routes requests to your Omni organization after you identify yourself during the OAuth flow.

​
API key authentication

API key authentication gives you direct control over key creation and management. This approach is useful when:
  • You need to manage API keys centrally for your organization
  • You’re setting up automated workflows or CI/CD pipelines
  • You want to use a service account rather than individual user credentials
  • Your MCP client doesn’t support OAuth

​
How it works

  1. Create an API key in Omni (instructions)
  2. Configure the key in your MCP client’s settings
  3. The client includes the key in all requests to Omni

​
Connection URL

When using API key authentication, connect directly to your Omni instance: 
https://<YOUR_OMNI_INSTANCE>/mcp/https
Replace <YOUR_OMNI_INSTANCE> with your Omni URL (e.g., acme.omniapp.co).

​
Managing MCP API keys

Organization Admins can manage API keys in Settings > API access.

​
Troubleshooting

​
OAuth issues

Ask an admin to enable PATs: Settings > API Keys > Personal tokens
  • Verify your MCP client supports OAuth 2.1 with PKCE
  • Check that you’re using the correct URL: https://callbacks.omniapp.co/callback/mcp
  • Ensure your Omni instance is accessible from your browser
  • Check that your browser allows redirects to the MCP client
  • Verify you have permission to create API keys in your organization
  • Try disconnecting and reconnecting the MCP client

​
API key issues

  • Verify the API key is correct and hasn’t been revoked
  • Check that the key has appropriate permissions
  • Ensure you’re using the correct instance URL

​
General issues

  • Confirm the API key is active in your Omni settings
  • Verify you have access to the model and topics you’re querying
  • Check that your Omni user permissions allow data access

​
Next steps

Ready to connect? Follow the setup guide for your MCP client: