How to add Auto Browser to Claude Desktop
MCP-native browser control plane with human takeover, reusable auth profiles, approvals, and audit trails. Paste the config into ~/Library/Application Support/Claude/claude_desktop_config.json and restart Claude Desktop.
Last updated June 14, 2026 ยท 579โ ยท stdio ยท no auth
Claude Desktop config for Auto Browser
uvx auto-browser-mcp{
"mcpServers": {
"auto-browser": {
"command": "uvx",
"args": [
"auto-browser-mcp"
],
"env": {
"AUTO_BROWSER_BASE_URL": "http://127.0.0.1:8000/mcp",
"AUTO_BROWSER_BEARER_TOKEN": ""
}
}
}
}Requires `uv` (the Python package runner). Install it from https://docs.astral.sh/uv/ if `uvx` is not found.
Setup steps
- 1Open Claude Desktop โ Settings โ Developer โ Edit Config (this opens ~/Library/Application Support/Claude/claude_desktop_config.json).
- 2Paste the Auto Browser config below under the top-level "mcpServers" key.
- 3Fill in any placeholder secrets (API keys, paths) in the snippet.
- 4Save the file, then fully quit and reopen Claude Desktop.
- 5Open a chat and confirm Auto Browser's tools appear under the ๐ tools menu.
Before you start
- Docker and Docker Compose to run the controller and browser-node stack locally
- The Auto Browser controller running and reachable at http://127.0.0.1:8000/mcp
- uv / uvx installed to run the stdio bridge via `uvx auto-browser-mcp` (or Python 3.10+ to run scripts/mcp_stdio_bridge.py from a checkout)
- An MCP client such as Claude Desktop or Cursor
What Auto Browser can do in Claude Desktop
browser.create_sessionCreate a new browser session, optionally with a name, start_url, and a saved auth_profile to resume pre-authenticated.
browser.list_sessionsList active browser sessions.
browser.verify_witnessRead-only tool that walks the full hash-chained Witness receipt log for a session and reports the first divergent receipt if the log was altered, reordered, or truncated.
harness.list_runsRead-only convergence-harness tool (curated profile) to list harness runs.
harness.get_statusRead-only convergence-harness tool (curated profile) to inspect the status of a harness run.
harness.get_traceRead-only convergence-harness tool (curated profile) to fetch the recorded trace of a harness run.
harness.start_convergenceFull-profile tool that starts a convergence run against a live browser session (use workflow_profile=governed).
harness.list_candidatesFull-profile tool to list staged skill candidates produced by convergence runs.
Security
The MCP stdio bridge proxies the client to the local controller at http://127.0.0.1:8000/mcp; all published ports bind to 127.0.0.1 by default. The example config leaves AUTO_BROWSER_BEARER_TOKEN empty for local development. For real private deployments the README recommends setting APP_ENV=production, a strong API_BEARER_TOKEN (and the matching AUTO_BROWSER_BEARER_TOKEN on the bridge), REQUIRE_OPERATOR_ID=true, AUTH_STATE_ENCRYPTION_KEY (44-char Fernet) with REQUIRE_AUTH_STATE_ENCRYPTION=true, REQUEST_RATE_LIMIT_ENABLED=true, METRICS_ENABLED=true, and STEALTH_ENABLED=false. COMPLIANCE_TEMPLATE (strict or balanced) can apply a hardened posture at startup. Authorized workflows only; the project explicitly does not support CAPTCHA solving, unauthorized scraping, or bypass tooling.
Auto Browser + Claude Desktop FAQ
Where is the Claude Desktop config file?
Claude Desktop reads MCP servers from ~/Library/Application Support/Claude/claude_desktop_config.json. Paste the Auto Browser config there under the "mcpServers" key and restart the client.
Is Auto Browser safe to use with Claude Desktop?
The MCP stdio bridge proxies the client to the local controller at http://127.0.0.1:8000/mcp; all published ports bind to 127.0.0.1 by default. The example config leaves AUTO_BROWSER_BEARER_TOKEN empty for local development. For real private deployments the README recommends setting APP_ENV=production, a strong API_BEARER_TOKEN (and the matching AUTO_BROWSER_BEARER_TOKEN on the bridge), REQUIRE_OPERATOR_ID=true, AUTH_STATE_ENCRYPTION_KEY (44-char Fernet) with REQUIRE_AUTH_STATE_ENCRYPTION=true, REQUEST_RATE_LIMIT_ENABLED=true, METRICS_ENABLED=true, and STEALTH_ENABLED=false. COMPLIANCE_TEMPLATE (strict or balanced) can apply a hardened posture at startup. Authorized workflows only; the project explicitly does not support CAPTCHA solving, unauthorized scraping, or bypass tooling.
How does an MCP client connect to Auto Browser?
Start the stack locally (docker compose up --build), then point a stdio-first client like Claude Desktop at the bundled bridge via `uvx auto-browser-mcp`, with AUTO_BROWSER_BASE_URL set to http://127.0.0.1:8000/mcp. HTTP-capable clients can talk to the /mcp endpoint directly.
Which tools are available by default?
The default MCP_TOOL_PROFILE is `curated`, which keeps the browser surface compact and hides approval-admin, agent-queue, provider-introspection, and remote-access-admin tools. Read-only harness inspection tools are included. Set MCP_TOOL_PROFILE=full to expose the full surface, including harness.* convergence tools and the agent-queue tools.
How do I secure a non-local deployment?
Set APP_ENV=production, a strong API_BEARER_TOKEN (and the matching AUTO_BROWSER_BEARER_TOKEN on the bridge), REQUIRE_OPERATOR_ID=true, AUTH_STATE_ENCRYPTION_KEY with REQUIRE_AUTH_STATE_ENCRYPTION=true, rate limiting, and metrics. COMPLIANCE_TEMPLATE=strict or =balanced applies a preconfigured posture at startup.