MCP Integration

Quick setup (stdio)

Create a key, connect Gmail in the browser, then run the stdio MCP proxy. No OAuth flow in the client:

1. Go to inbox.dog/connect
2. Create an API key and click "Connect Gmail"
3. Configure your MCP client with npx inbox.dog mcp and env vars

{
  "mcpServers": {
    "inbox-dog": {
      "command": "npx",
      "args": ["-y", "inbox.dog", "mcp"],
      "env": {
        "INBOX_DOG_CLIENT_ID": "your_client_id",
        "INBOX_DOG_CLIENT_SECRET": "your_client_secret"
      }
    }
  }
}

OAuth flow (MCP-native)

MCP clients can also discover auth endpoints automatically via standard OAuth metadata:

1. Client connects to https://inbox.dog/mcp
2. Server returns 401 with WWW-Authenticate header pointing to resource metadata
3. Client discovers OAuth endpoints via /.well-known/oauth-authorization-server
4. Client registers dynamically, runs PKCE OAuth flow, user authenticates with Google
5. Client gets bearer token — Gmail tools just work

Discovery Endpoints

# Protected Resource Metadata (RFC 9728)
GET https://inbox.dog/.well-known/oauth-protected-resource

# Authorization Server Metadata (RFC 8414)
GET https://inbox.dog/.well-known/oauth-authorization-server

# Dynamic Client Registration (RFC 7591)
POST https://inbox.dog/oauth/register

Available Tools

Once authenticated, these Gmail tools are available:

Quick Test

# List available tools (no auth required)
curl -X POST https://inbox.dog/mcp \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'

Standards

• MCP Authorization Spec
• RFC 9728 — OAuth 2.0 Protected Resource Metadata
• RFC 8414 — OAuth 2.0 Authorization Server Metadata
• RFC 7591 — OAuth 2.0 Dynamic Client Registration
• PKCE (S256) required for public clients