Custom MCP Servers
Bring your own remote MCP servers into a workspace so every member can use their tools in chat.
Custom MCP Servers
MCP (Model Context Protocol) servers are remote tool catalogs Hubi can call during a conversation. Connect one to a workspace and every member of that workspace gets access to its tools the next time they chat with Hubi.
Use this when the tools you need aren't already covered by a built-in Integration or a Skill - point Hubi at a remote MCP endpoint your team already runs (or any MCP-compatible service) and let it call the tools alongside everything else.
Workspace Scope
Custom MCP servers are scoped to a single workspace.
- Admins manage them - add, edit, test, enable / disable, and delete.
- All members use them - every workspace member can see the list, view the available tools, and call those tools through Hubi in chat.
- Nothing crosses workspaces - servers connected in one workspace are never visible or callable from another.
If you're not a workspace admin, you'll see the list and the available tools but the row-action menu, the Add button, and the Enable / Disable toggle will be hidden. Ask an admin to make changes.
Add a Server
Capabilities > MCP servers > Add MCP server.
Fill in:
- Name - what you'll see in the list and in tool results.
- URL - the public https endpoint of your MCP server. Private and loopback addresses are blocked.
- Authentication - choose how Hubi should authenticate.
When you press Test & Save, Hubi connects to the server, checks it speaks MCP, lists its tools, and only then saves the row. If anything fails, the dialog stays open and shows what went wrong so you can fix it without losing your inputs.
Authentication Options
Pick the option that matches how your server expects callers to authenticate:
- None - the server is public or trusts the network it sits behind. No header is sent.
- Bearer token - Hubi sends
Authorization: Bearer <token>on every call. Use this for OAuth-style or personal-access tokens. - API key - Hubi sends a custom header you choose (for example
X-API-Key) with the value you paste in. Use this for services that ship their own header convention.
Tokens and API keys are stored encrypted in our secrets vault. They're never returned to the browser or the mobile app after you save them. If you re-open the Edit dialog, the secret field shows a placeholder dot pattern - leave it blank to keep the stored secret, or type a new value to replace it.
Test a Connection
You can re-validate a server at any time without changing it.
Open the row-action menu on the server (the ... icon at the right of the row) and pick Test connection. Hubi probes the server, refreshes the tool count, updates the status pill, and shows you a toast with the result. The Tools dialog opens automatically so you can see what came back.
A green Connected . N tools pill means the server is live and ready to use in chat. An amber Re-validating or Not validated pill means the last probe is still in flight or hasn't run since the last edit. A red Failed pill explains why - see the error guide below.
Edit a Server
Row-action menu > Edit. You can rename the server, change the URL, swap the authentication type, or rotate the secret.
A few rules to keep things safe:
- Change the URL and Hubi will re-test the connection on save. If the new URL needs a different secret, type the new secret too - Hubi won't carry the old one over silently.
- Switch authentication types and the secret field clears. Enter the credentials for the new type.
- Leave the secret field blank on a save where the URL and auth type haven't changed and the stored secret is kept as-is.
Enable, Disable, and Delete
Row-action menu options:
- Disable - the server stays in the list but its tools stop showing up in chat sessions. The row dims so you can tell at a glance. Re-enable it the same way.
- Delete - removes the server and its stored secret. Existing chats keep their history; future chats won't see the server's tools.
Deletes are permanent - there's no undo. The confirmation dialog spells out that workspace members will lose access to the tools on their next chat session.
View Available Tools
Select the tool count on any row (for example 3 tools) to open the Tools dialog. You'll see each tool's name and description, taken straight from the MCP server's own catalog.
This list is the source of truth - if a tool isn't here, Hubi can't call it. Run Test connection after the server publishes a new tool to refresh the catalog.
Use the Tools in Chat
Once a server is connected and enabled, its tools are available to Hubi automatically in any chat in that workspace - no extra command, no slash, no toggle. Hubi picks the right tool based on what you're asking for, the same way it does with built-in capabilities.
You'll see the tool call appear inline in the conversation, with the server name attached so you can tell custom-MCP tools apart from built-in ones.
Status and Errors
If a save or a test fails, the dialog and the row pill explain what happened in plain language:
- Couldn't reach server. Check the URL. - Hubi couldn't open a connection. The URL might be wrong, the server might be down, or it might block traffic from outside its network. Verify the URL in a browser and try again.
- Authentication failed. Check the token / key. - the server returned 401 or 403. Re-check the token or API key, regenerate it if it might have expired, and re-save.
- Server didn't respond as MCP. Check the URL. - the URL is reachable but doesn't speak MCP. You might be pointing at a generic web page or the wrong endpoint path. Confirm the path with whoever runs the server.
- Something went wrong. Please try again. - a transient error on our side or the server's. Retry; if it keeps happening, contact support.
The same status (Connected, Failed: ..., Not validated) shows on the row pill so admins and members can see the live state without opening the dialog.
Privacy & Security
A few things worth knowing:
- Secrets stay encrypted. Bearer tokens and API keys are written to a managed secrets vault on save. They're never returned to clients - not in the list, not in the Edit dialog, not in API responses. The Edit dialog uses a dot-pattern placeholder to indicate "a value is stored" without revealing anything about it.
- Private network access is blocked. Hubi refuses to connect to private, loopback, or link-local addresses. This stops a malicious URL from reaching internal services on our infrastructure or yours.
- Outgoing calls are authenticated as Hubi. When a member uses a tool from your MCP server, the call goes out from Hubi with the credentials you stored - the server sees Hubi, not the member. Consider that when picking what credentials to use.
- Audit who can edit. Only workspace admins can add, edit, or delete MCP servers. Promote and demote admins from Workspaces.
Plan Requirement
Custom MCP servers are available on Starter and higher plans, the same as Integrations and Skills.