Authenticate with the Chronosphere MCP server

Before you can use the Chronosphere Model Context Protocol (MCP) server, you need to authenticate with the MCP client you use to access a large language model (LLM). Use one of the following options to configure authentication:

Generate a Chronosphere API token, either through a personal access token or a service account.
Use OAuth (opens in a new tab). To use the Chronosphere MCP server with OAuth, your MCP client must support OAuth.

OAuth authentication with the Chronosphere MCP server has been tested with the following MCP clients only.

The following steps explain how to authenticate with popular AI-powered code editors. After authenticating, you can use the LLM features in your code editor to interact with the Chronosphere MCP server tools.

Prerequisites

If you’re authenticating your MCP client with a Chronosphere API token, use one of the following options to generate one:

Personal access: Create a personal access token to authenticate your user account with Chronosphere. When you authenticate with a personal access token, Chronosphere Observability Platform associates the actions you take with your identity and respects the permissions granted to your user account’s team.
Programmatic access: Create an unrestricted service account to create a persistent identity for a service or agent that you want to authenticate with your MCP client. You must have administrative access to create a service account.

Authenticating using Claude Code

To authenticate with the Chronosphere MCP server from Claude Code, add the MCP server as a remote HTTP server (opens in a new tab).

From within Claude Code, run the following command:
```
claude mcp add --transport http chronosphere "https://TENANT.chronosphere.io/api/mcp/mcp" \
--header "Authorization: API_TOKEN"
```
Replace the following:
- TENANT: The name of your Observability Platform tenant.
- API_TOKEN: The API token generated from your service account. Chronosphere recommends storing your API token in a separate file or Kubernetes Secret and calling it using an environment variable, such as $API_TOKEN.
To authenticate using OAuth instead of a Chronosphere API token, omit the --header flag. You can also use the /mcp command to authenticate with OAuth authentication.
Test your connection with the Chronosphere MCP server:
```
claude mcp get chronosphere
```

The command returns the details for the Chronosphere MCP server.

Authenticating using Cursor

To authenticate with the Chronosphere MCP server from Cursor, modify the mcp.json file to include the Chronosphere MCP server remote endpoint.

From within Cursor, access the mcp.json file (opens in a new tab).
Add the following configuration to the mcp.json file:
```
{
  "mcpServers": {
    "chronosphere": {
      "url": "https://TENANT.chronosphere.io/api/mcp/mcp",
      "headers": {
        "Authorization": "Bearer API_TOKEN"
      }
    }
  }
}
```
Replace the following:
- TENANT: The name of your Observability Platform tenant.
- API_TOKEN: The API token generated from your service account. Chronosphere recommends storing your API token in a separate file or Kubernetes Secret and calling it using an environment variable, such as $API_TOKEN.
To authenticate using OAuth instead of a Chronosphere API token, omit the headers section from the configuration.
Save and close the mcp.json file.
Refresh the MCP server settings in Cursor.

The Chronosphere MCP server displays in the list of configured MCP servers.

MCP server Tools