Connect AI Agent to Your Store (MCP)

Connect your AI coding agent to your Mobazha store via MCP (Model Context Protocol). Once connected, your agent can directly manage products, orders, messages, and more.

> This skill requires credentials. The agent needs an API token from your store to connect. The agent must ask for your explicit consent before initiating any connection to your store. Tokens should be stored in environment variables, never committed to source control.

What You Get

After connecting, your AI agent has access to 30+ store management tools:

Connection Method: SSE (Recommended)

All Mobazha deployments include a built-in MCP SSE endpoint. This is the recommended method because:

• No additional binary to install or maintain
• Tools are always up-to-date with your store version
• Works with Claude Code, Cursor, Codex, and all modern AI agents

SSE Endpoint

Step 1: Get Your API Token

SaaS Store

1. Log in to your store at app.mobazha.org
2. Go to Settings > API
3. Click Generate Token
4. Copy the token

Standalone Store (Docker with domain)

Open your store's admin panel in a browser and generate a token via Settings > API, or via curl:

curl -X POST https://shop.example.com/platform/v1/auth/tokens \
  -H "Content-Type: application/json" \
  -d '{"username": "admin", "password": "<your-admin-password>"}'

Native Install (local or VPS)

The default gateway port for native installs is 5102:

curl -X POST http://localhost:5102/platform/v1/auth/tokens \
  -H "Content-Type: application/json" \
  -d '{"username": "admin", "password": "<your-admin-password>"}'

For a VPS, replace localhost with your server's IP or use an SSH tunnel:

ssh -L 5102:localhost:5102 root@<vps-ip>
# Then use http://localhost:5102 from your local machine

Step 2: Configure Your AI Agent

Claude Code

Add to ~/.claude.json (or project-level .mcp.json):

{
  "mcpServers": {
    "mobazha-store": {
      "type": "sse",
      "url": "https://shop.example.com/platform/v1/mcp/sse",
      "headers": {
        "Authorization": "Bearer <your-token>"
      }
    }
  }
}

Cursor

Add to .cursor/mcp.json in your project:

{
  "mcpServers": {
    "mobazha-store": {
      "url": "https://shop.example.com/platform/v1/mcp/sse",
      "headers": {
        "Authorization": "Bearer <your-token>"
      }
    }
  }
}

Or go to Settings > MCP Servers > Add Server and enter the SSE URL.

Codex CLI

codex mcp add mobazha-store --transport sse \
  --url "https://shop.example.com/platform/v1/mcp/sse" \
  --header "Authorization: Bearer <your-token>"

OpenCode

Add to opencode.json:

{
  "mcp": {
    "mobazha-store": {
      "type": "sse",
      "url": "https://shop.example.com/platform/v1/mcp/sse",
      "headers": {
        "Authorization": "Bearer <your-token>"
      }
    }
  }
}

> Replace https://shop.example.com with your actual store URL from the table above.

Step 3: Verify the Connection

Ask your AI agent:

> "List my store's products" or "Show my recent orders"

The agent should call listings_list_mine or orders_get_sales and return results. If it works, the connection is live.

For a guide on what you can do with MCP tools, see the store-management skill.

Advanced: stdio Transport

For environments where SSE is not supported by the AI agent, or for air-gapped setups, a mobazha-mcp stdio binary is available. It ships with the standalone Docker image and native install.

When to Use stdio

• Your AI agent doesn't support SSE MCP transport
• Air-gapped or restricted network environment
• Development/debugging of the MCP layer itself

Using stdio from Standalone Docker

The binary is bundled in the container:

docker exec -it <container> mobazha-mcp --gateway-url http://localhost:5102 --token <token>

stdio CLI Reference

stdio Agent Configuration

{
  "mcpServers": {
    "mobazha-store": {
      "command": "mobazha-mcp",
      "args": ["--gateway-url", "http://localhost:5102"],
      "env": {
        "MOBAZHA_TOKEN": "<your-token>"
      }
    }
  }
}

Troubleshooting

"connection refused" or timeout

• Native install: verify the store is running with curl http://localhost:5102/healthz
• Standalone Docker: the SSE endpoint is at port 80/443 (not 5102), try curl http://localhost/healthz
• For remote stores, check that the domain resolves and HTTPS is configured

"401 Unauthorized"

• Verify the token: curl -H "Authorization: Bearer " http://localhost:5102/v1/profiles
• Token may have expired — generate a new one
• Ensure the token has the required scopes for the tools you want to use

"tool not found"

• search_listings and search_profiles require the marketplace search service
• Some tools require specific scopes on the API token (e.g., listings:write for listings_create)

Credential Safety

• Never hardcode tokens in source code or config files committed to git
• Store the token in environment variables or a secrets manager
• Add MCP config files to .gitignore if they contain tokens
• Tokens can be revoked and regenerated at any time from the store admin panel
• The agent must never log, display, or transmit tokens to any party other than the target store endpoint