Skip to content

Install Cursor

Cursor connects to StateLode’s hosted Streamable HTTP endpoint directly. No bridge. The default way in is Connect with StateLode: add the server by URL and sign in through your browser — no token to mint, paste, or rotate. A static token is still available for headless and CI use further down.

Config format verified against Cursor’s mcp.json as of 2026-06. If the UI differs, the file below is the stable contract.

Add the StateLode server without an Authorization header. When Cursor connects it detects that the server needs authorization, opens your browser to sign in to StateLode (via WorkOS), and lets you pick a workspace; Cursor then stores and refreshes the credential for you. Nothing to paste, nothing to rotate, and it survives restarts. Your role in that workspace sets access — owner, admin, and member get read + write; viewer is read-only.

Cursor reads MCP servers from a JSON file:

  • Global (all projects): ~/.cursor/mcp.json
  • Project (this repo only): .cursor/mcp.json

Add the server with just its URL — no headers block:

{
"mcpServers": {
"statelode": {
"url": "https://api.statelode.dev/mcp"
}
}
}

Then open Settings → Tools & MCP. The statelode server will show that it needs to sign in — click its Login / Connect action and complete the browser consent. When it finishes, statelode shows a green dot and lists three tools (task_search, task_get, task_mutate).

Prefer Connect above for everyday use. Reach for a static statelode_live_… token when there is no browser for a consent flow — CI jobs, headless agents, or shared service accounts. Mint one in the dashboard and keep it out of git — see Token security. Do not paste it into Cursor’s chat to have the agent configure MCP for you. (You can ask the agent to open ~/.cursor/mcp.json so you paste the config and token in yourself — see Let the agent open the file.)

Add the token in an Authorization header. Keep it in the global ~/.cursor/mcp.json so it lives in your home directory, outside any repo (and chmod 600 it on a shared machine); if you use the project .cursor/mcp.json, add it to .gitignore so the token never lands in version control:

{
"mcpServers": {
"statelode": {
"url": "https://api.statelode.dev/mcp",
"headers": {
"Authorization": "Bearer YOUR_STATELODE_TOKEN"
}
}
}
}

Ask Cursor:

Use StateLode to search active tasks in project statelode.

The agent should call task_search with projectId: "statelode" and return task summaries.

  • statelode shows “needs login” / no tools yet — that’s the Connect path waiting on the browser consent. Open Settings → Tools & MCP and click the server’s Login / Connect action, then complete the sign-in.
  • “Failed to open SSE stream: Not Found” / repeated reconnects — your client is reaching an old API build. StateLode’s endpoint serves the Streamable HTTP GET stream and JSON-RPC responses; make sure you’re pointed at https://api.statelode.dev/mcp.
  • 401 / no tools on the token path — the token is missing or wrong. Re-check the Authorization header; it must read Bearer followed by the token, with a space. Or drop the header and use Connect instead.