How to add openapi-to-mcp to Cursor
Turn any OpenAPI spec into an MCP server, exposing your API endpoints as strongly typed tools. Paste the config into ~/.cursor/mcp.json and restart Cursor.
Last updated June 14, 2026 · 33★ · stdio · apikey
Cursor config for openapi-to-mcp
dotnet tool install --global openapi-to-mcp{
"mcpServers": {
"openapi-to-mcp": {
"command": "openapi-to-mcp",
"args": [
"https://petstore3.swagger.io/api/v3/openapi.json"
]
}
}
}Setup steps
- 1Open Cursor → Settings → MCP → Add new MCP server (or edit ~/.cursor/mcp.json directly).
- 2Paste the openapi-to-mcp config below into the "mcpServers" object.
- 3Fill in placeholder secrets, then save.
- 4Cursor reloads MCP servers automatically — check Settings → MCP for a green status dot.
- 5Ask Cursor to use one of openapi-to-mcp's tools to confirm it's connected.
Before you start
- .NET SDK (to install via `dotnet tool install`), or download a prebuilt executable from the releases page
- An OpenAPI 2.0 or 3.0 specification (JSON or YAML; OpenAPI 3.1 is not yet supported)
- Credentials (bearer token or OAuth2 client/refresh credentials) if the target API requires authentication
What openapi-to-mcp can do in Cursor
Dynamically generated per OpenAPI operationThere are no fixed tools. Each operation (endpoint) in the supplied OpenAPI spec is exposed as one MCP tool. Path/query/JSON-body parameters are derived from the operation's JSON schema, and the raw API response is returned. The tool name comes from the `x-mcp-tool-name` extension, the `operationId`, or `{httpMethod}_{escaped_path}`, per the chosen `--tool-naming-strategy`; the description comes from `x-mcp-tool-description`, `operation.description`, or `path.description`.
Security
Bearer tokens and OAuth2 client secrets/passwords are passed as command-line args in the MCP config and forwarded as the Authorization header on every call (including when fetching a remote spec). Avoid committing config files containing these credentials. The server forwards API responses as-is, so be mindful of which spec/host you point it at.
openapi-to-mcp + Cursor FAQ
Where is the Cursor config file?
Cursor reads MCP servers from ~/.cursor/mcp.json. Paste the openapi-to-mcp config there under the "mcpServers" key and restart the client.
Is openapi-to-mcp safe to use with Cursor?
Bearer tokens and OAuth2 client secrets/passwords are passed as command-line args in the MCP config and forwarded as the Authorization header on every call (including when fetching a remote spec). Avoid committing config files containing these credentials. The server forwards API responses as-is, so be mindful of which spec/host you point it at.
Which OpenAPI versions are supported?
OpenAPI 2.0 and 3.0 are supported. 3.1 is not (pending OpenAPI 3.1 support in microsoft/OpenAPI.NET). Specs may be JSON or YAML, local or remote, but only local $refs are supported.
What transports are supported?
Only STDIO transport is currently supported.
How does the server know which host to call?
It uses, in order: the `--host-override` option, the spec's first server URL if absolute, then the host of the remote OpenAPI URL provided. If none resolve to an absolute host, an error is thrown.