Connecting APIs
InstaMCP connects to APIs through OpenAPI or Swagger descriptions.
What Makes a Good API Spec
A useful API spec should include:
- Clear endpoint paths.
- HTTP methods.
- Request parameters.
- Request body schemas.
- Response schemas.
- Authentication requirements.
- Short, accurate operation descriptions.
Better API descriptions create better tools.
Recommended API Preparation
Before connecting an API:
- Confirm the API works outside InstaMCP.
- Confirm the OpenAPI document is valid.
- Confirm authentication headers are known.
- Decide which operations are safe for AI use.
- Remove operations that should never be exposed.
Public URL vs Raw JSON
Use a public URL when:
- Your API spec is hosted and stable.
- You want InstaMCP to read the latest version.
Use raw JSON when:
- The spec is private.
- You want to control exactly which version is used.
- You want to remove internal-only endpoints before import.
APIs That Need User Context
If your API returns different results for different logged-in visitors, you probably need Double-Hop Authentication.
Examples:
- Customer account APIs.
- Order history APIs.
- User profile APIs.
- Booking management APIs.
APIs That Use Static Credentials
If your API uses one server-side key for all requests, configure that key in the bridge authentication settings.
See Authentication and Headers.
Verification Checklist
- The bridge imports successfully.
- Tools appear after import.
- Auth settings match the API requirements.
- Test calls return expected data.
- Sensitive or destructive operations are disabled unless intentionally allowed.