MCP Directory

How to add auth-fetch-mcp to Claude Desktop

Let AI assistants fetch content from authenticated web pages via a real browser login. Paste the config into ~/Library/Application Support/Claude/claude_desktop_config.json and restart Claude Desktop.

Last updated June 14, 2026 · 30★ · stdio · no auth

Claude Desktop config for auth-fetch-mcp

claude mcp add --scope user auth-fetch -- npx auth-fetch-mcp@latest

{
  "mcpServers": {
    "auth-fetch-mcp": {
      "command": "npx",
      "args": [
        "auth-fetch-mcp@latest"
      ]
    }
  }
}

Setup steps

  1. Open Claude Desktop → Settings → Developer → Edit Config (this opens ~/Library/Application Support/Claude/claude_desktop_config.json).
  2. Paste the auth-fetch-mcp config above under the top-level "mcpServers" key.
  3. Fill in any placeholder secrets (API keys, paths) in the snippet.
  4. Save the file, then fully quit and reopen Claude Desktop.
  5. Open a chat and confirm auth-fetch-mcp's tools appear under the 🔌 tools menu.

Before you start

  • A local environment (does not work in web-based chat interfaces)
  • Node.js with npx (server is run via `npx auth-fetch-mcp@latest`)
  • Chromium is auto-installed on first run if not already present
  • An MCP-compatible client using stdio transport (Claude Code, Cursor, Windsurf, etc.)

What auth-fetch-mcp can do in Claude Desktop

auth_fetch

Primary tool. Fetches page content using a real browser, opening a window for login if needed. Returns cleaned HTML with noise elements (nav, footer, scripts, etc.) stripped and media tags (<img>, <video>, <iframe>) preserved. Params: url (string, required, http/https only); wait_for (string, optional CSS selector to wait for before capturing, useful for SPAs).

download_media

Downloads files from URLs using saved browser sessions — use it to lazily download images, videos, or other files found in auth_fetch results; saved cookies handle authentication automatically. Params: urls (string[], required, http/https only); output_dir (string, optional subdirectory under ~/.auth-fetch-mcp/downloads/, absolute paths or escaping `..` rejected; defaults to a timestamped folder).

list_pages

Lists all open tabs in the browser with their URLs and titles.

close_browser

Closes the browser window. Login sessions are saved and will be reused next time.

Security

All data is stored locally under ~/.auth-fetch-mcp/ and nothing is sent to external servers; captured HTML is never written to disk (passed only over the stdio pipe). To prevent SSRF from prompt injection, both auth_fetch and download_media validate every URL: only http/https schemes are allowed, and the resolved IP is rejected if it falls in private, loopback, link-local, CGNAT, or multicast ranges. download_media also constrains output_dir to stay inside ~/.auth-fetch-mcp/downloads/. Private/LAN hosts can be opted in via AUTH_FETCH_ALLOW_PRIVATE or AUTH_FETCH_ALLOW_HOSTS, but doing so re-opens those hosts to any prompt the LLM processes.
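
The URL checks described above, sketched as an added example (not auth-fetch-mcp's own code). It covers only the address categories this page names, using the standard CIDR ranges for them; `checkUrl`, `classifyIp` and the sample addresses in use are constructed, and the caller is assumed to pass every address the hostname resolved to, in the canonical form a resolver returns.

```javascript
// Standard CIDRs for the categories the page names (assumption: not the project's own list).
const BLOCKED_V4 = [
  ['private', '10.0.0.0/8'], ['private', '172.16.0.0/12'], ['private', '192.168.0.0/16'],
  ['loopback', '127.0.0.0/8'], ['link-local', '169.254.0.0/16'],
  ['cgnat', '100.64.0.0/10'], ['multicast', '224.0.0.0/4'],
];

// Dotted quad -> unsigned integer, or null if malformed.
function v4ToInt(ip) {
  const parts = ip.split('.');
  if (parts.length !== 4 || parts.some((p) => !/^\d{1,3}$/.test(p) || Number(p) > 255)) return null;
  return parts.reduce((n, p) => n * 256 + Number(p), 0);
}

function classifyV4(ip) {
  const n = v4ToInt(ip);
  if (n === null) return 'invalid'; // anything unparseable is treated as non-public
  for (const [label, cidr] of BLOCKED_V4) {
    const [base, bits] = cidr.split('/');
    const size = 2 ** (32 - Number(bits)); // addresses per block
    if (Math.floor(n / size) === Math.floor(v4ToInt(base) / size)) return label;
  }
  return 'public';
}

// Assumes canonical resolver output (e.g. "::1", "::ffff:127.0.0.1").
function classifyIp(ip) {
  const addr = ip.toLowerCase();
  if (!addr.includes(':')) return classifyV4(addr);
  const mapped = addr.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/);
  if (mapped) return classifyV4(mapped[1]); // IPv4-mapped IPv6 gets the IPv4 rules
  if (addr === '::1') return 'loopback';
  const first = parseInt(addr.split(':')[0] || '0', 16);
  if ((first & 0xfe00) === 0xfc00) return 'private'; // fc00::/7
  if ((first & 0xffc0) === 0xfe80) return 'link-local'; // fe80::/10
  if ((first & 0xff00) === 0xff00) return 'multicast'; // ff00::/8
  return 'public';
}

// resolvedIps: every address the hostname resolved to; one bad address rejects the URL.
function checkUrl(rawUrl, resolvedIps) {
  let url;
  try { url = new URL(rawUrl); } catch { return { ok: false, reason: 'unparseable URL' }; }
  if (!['http:', 'https:'].includes(url.protocol)) return { ok: false, reason: `scheme ${url.protocol} blocked` };
  if (resolvedIps.length === 0) return { ok: false, reason: 'no resolved address' };
  const bad = resolvedIps.find((ip) => classifyIp(ip) !== 'public');
  return bad ? { ok: false, reason: `${bad} is ${classifyIp(bad)}` } : { ok: true, reason: 'public' };
}
```

A fetcher that uses a check like this has to repeat it on every redirect hop and connect to the address it checked; a second DNS lookup at connect time can return a different address.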

auth-fetch-mcp + Claude Desktop FAQ

Where is the Claude Desktop config file?

Claude Desktop reads MCP servers from ~/Library/Application Support/Claude/claude_desktop_config.json. Paste the auth-fetch-mcp config there under the "mcpServers" key and restart the client.

Is auth-fetch-mcp safe to use with Claude Desktop?

All data is stored locally under ~/.auth-fetch-mcp/ and nothing is sent to external servers; captured HTML is never written to disk (passed only over the stdio pipe). To prevent SSRF from prompt injection, both auth_fetch and download_media validate every URL: only http/https schemes are allowed, and the resolved IP is rejected if it falls in private, loopback, link-local, CGNAT, or multicast ranges. download_media also constrains output_dir to stay inside ~/.auth-fetch-mcp/downloads/. Private/LAN hosts can be opted in via AUTH_FETCH_ALLOW_PRIVATE or AUTH_FETCH_ALLOW_HOSTS, but doing so re-opens those hosts to any prompt the LLM processes.

Do I have to log in every time?

No. Browser sessions (cookies, local storage) are saved locally under ~/.auth-fetch-mcp/browser-data/ and reused across restarts, so each service only needs a one-time manual login.

Is my page content or login data sent anywhere?

No. All data stays on your machine. Captured HTML is never written to disk — it passes directly to the AI over the stdio pipe — and sessions are stored locally as a standard Chromium profile.

Can it access a dev server or host on my LAN?

Private, loopback, and link-local hosts are blocked by default to prevent SSRF. You can opt in with AUTH_FETCH_ALLOW_PRIVATE=1 (most permissive) or a narrow AUTH_FETCH_ALLOW_HOSTS allowlist, but only in trusted environments since this re-opens those hosts to any prompt the LLM processes.
