registry.modelcontextprotocol.io. The registry is still in preview, so its
data may reset. If your listing disappears, authenticate and publish it again.
Before you start, deploy the MCP door at its final public URL and choose a
private-key path outside the repository. The examples below use
example.com, @acme/example-product, and
https://mcp.example.com/api/vendo/mcp.
1. Choose the namespace
The registry name combines the reverse-DNS form of your domain with the final segment ofpackage.json’s name:
description, version, and optional homepage from
package.json. Set those fields to the identity customers should see before
you generate the listing.
Required namespace and URL binding: A
com.example/* name may list
remote URLs only on example.com or one of its subdomains. For example,
https://mcp.example.com/api/vendo/mcp is valid, but a hosting-provider URL
on another domain is not.2. Prove domain ownership
Choose either DNS or HTTP. Eachvendo mcp verify-domain run creates a new
Ed25519 keypair, so run only the variant you intend to use. --key-out is
required. Keep that file secret, outside the repository, and backed up. Do not
regenerate it after publishing the proof unless you also replace the proof.
DNS TXT record
@ by DNS providers,
with the exact v=MCPv1; k=ed25519; p=... value printed by the command.
HTTPS challenge
Pass your framework’s public static directory with--write-well-known:
3. Generate server.json
Run this from the host root:
2025-12-11:
--force when you
intend to regenerate the file.
4. Validate the live deployment
Pass the deployed Vendo wire base to doctor. This is the URL before the final/mcp segment:
/status reports the MCP door open, both OAuth
metadata documents resolve, and the server card has a name and transports. If
server.json exists, it validates the pinned schema, the reversible namespace,
the namespace-to-remote-domain binding, and exact agreement between the listed
remote and the live door. When an HTTP challenge exists locally or at the live
origin, doctor also checks that it starts with v=MCPv1.
5. Authenticate and publish
The externalmcp-publisher CLI expects the private key’s hex contents, not a
file path. Use the login method that matches the proof you published.
For DNS:
./server.json from the host root:
mcp-publisher uses https://registry.modelcontextprotocol.io by default.
Publishing to the registry is self-serve.
6. Give customers an install path
Registry publication makes the server identity machine-readable. It does not configure a client automatically, so link customers to the appropriate client flow from your setup page:-
Claude.ai: Add the remote MCP URL as a custom connector. Customers see a
Customconnector, complete your OAuth flow, and can enable its tools in a conversation. See Claude custom connectors. -
ChatGPT: In developer mode, create a custom app with the remote MCP
endpoint and scan its tools. It appears with a
Devlabel while testing and in the workspace’s app list after an admin publishes it. See ChatGPT developer mode. -
Cursor: Publish an Add to Cursor deeplink. The user sees the MCP install
prompt, then connects through OAuth and gets the server’s tools. For this
example, the config in the link decodes to
{"url":"https://mcp.example.com/api/vendo/mcp"}:See Cursor MCP installation.
Directory submissions (follow-up)
This is a separate later step and is out of scope for registry publishing. The registry flow above is self-serve. The Claude Connectors Directory and the ChatGPT app directory are curated submission queues, and a registry listing does not add your product to either one.- Claude directory submission requires an organization account and Anthropic review.
- ChatGPT app directory submission requires an organization account, OpenAI business verification, and OpenAI review.