Skip to content

Connecting to the Faraday MCP Server

Instructions for connecting AI clients to the Faraday MCP server, which lets you interact with your Faraday data (workspaces, vulnerabilities, assets, services, remediations and more) using natural language from any MCP-compatible tool.

Prerequisites

  • Server URL: https://mcp.apps.faradaysec.com/mcp
  • Faraday instance URL: your Faraday server (e.g. https://your-faraday-instance.com)
  • Credentials: an API token, or a username + password

Note: Faraday never stores your credentials — your AI client sends them securely with each request.

Authentication headers

Every client connects to the same URL. Choose one of these two ways to sign in:

Method Headers
API token (recommended) X-Faraday-URL, X-Faraday-Token
Username / password X-Faraday-URL, X-Faraday-Username, X-Faraday-Password

X-Faraday-URL is the address of your Faraday instance. You can generate an API token from your Faraday instance under Settings → API Token.

The examples below use token authentication. To use a username and password instead, replace the X-Faraday-Token header with the X-Faraday-Username and X-Faraday-Password pair.


Claude Code

Run the following command to register the server:

claude mcp add --transport http faraday https://mcp.apps.faradaysec.com/mcp \
  --header "X-Faraday-URL: https://your-faraday-instance.com" \
  --header "X-Faraday-Token: your-api-token"

Username / password instead of a token:

claude mcp add --transport http faraday https://mcp.apps.faradaysec.com/mcp \
  --header "X-Faraday-URL: https://your-faraday-instance.com" \
  --header "X-Faraday-Username: your-username" \
  --header "X-Faraday-Password: your-password"

Claude Desktop

Claude Desktop can't reach a remote server like Faraday on its own, so it uses a small helper — mcp-remote — to make the connection and pass your credentials. You'll need Node.js installed, which provides the npx command used below.

Add the following to claude_desktop_config.json:

{
  "mcpServers": {
    "faraday": {
      "command": "npx",
      "args": [
        "-y", "mcp-remote",
        "https://mcp.apps.faradaysec.com/mcp",
        "--header", "X-Faraday-URL:https://your-faraday-instance.com",
        "--header", "X-Faraday-Token:your-api-token"
      ]
    }
  }
}

Username / password instead of a token — pass both credential headers:

{
  "mcpServers": {
    "faraday": {
      "command": "npx",
      "args": [
        "-y", "mcp-remote",
        "https://mcp.apps.faradaysec.com/mcp",
        "--header", "X-Faraday-URL:https://your-faraday-instance.com",
        "--header", "X-Faraday-Username:your-username",
        "--header", "X-Faraday-Password:your-password"
      ]
    }
  }
}

Note: Keep each header as Name:value with no space after the colon.

Config file location — open it from Settings → Developer → Edit Config (this creates the file and reveals its path). By default:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json

After editing the config, fully quit and restart Claude Desktop.


Visual Studio Code (GitHub Copilot)

VS Code can use MCP servers from Copilot agent mode (requires VS Code 1.102 or later, with GitHub Copilot enabled). You can register the server for a single workspace or globally for your user.

Per-workspace

Create a .vscode/mcp.json file in the root of your workspace:

{
  "servers": {
    "faraday": {
      "type": "http",
      "url": "https://mcp.apps.faradaysec.com/mcp",
      "headers": {
        "X-Faraday-URL": "https://your-faraday-instance.com",
        "X-Faraday-Token": "your-api-token"
      }
    }
  }
}

To authenticate with a username and password instead of a token, replace the X-Faraday-Token header with the username/password pair:

{
  "servers": {
    "faraday": {
      "type": "http",
      "url": "https://mcp.apps.faradaysec.com/mcp",
      "headers": {
        "X-Faraday-URL": "https://your-faraday-instance.com",
        "X-Faraday-Username": "your-username",
        "X-Faraday-Password": "your-password"
      }
    }
  }
}

Instead of editing the file by hand, you can run MCP: Add Server from the Command Palette (Ctrl/Cmd+Shift+P), choose HTTP, and enter the URL and headers — VS Code scaffolds the .vscode/mcp.json for you.

Global (all workspaces)

To make Faraday available in every workspace, run MCP: Open User Configuration from the Command Palette (or choose Global when running MCP: Add Server). This opens your personal mcp.json, which works just like the workspace file — use the same servers block:

{
  "servers": {
    "faraday": {
      "type": "http",
      "url": "https://mcp.apps.faradaysec.com/mcp",
      "headers": {
        "X-Faraday-URL": "https://your-faraday-instance.com",
        "X-Faraday-Token": "your-api-token"
      }
    }
  }
}

Keep your credentials out of the file

To avoid hard-coding secrets, use an input so VS Code prompts for the value the first time and stores it securely:

{
  "inputs": [
    {
      "type": "promptString",
      "id": "faraday-token",
      "description": "Faraday API token",
      "password": true
    }
  ],
  "servers": {
    "faraday": {
      "type": "http",
      "url": "https://mcp.apps.faradaysec.com/mcp",
      "headers": {
        "X-Faraday-URL": "https://your-faraday-instance.com",
        "X-Faraday-Token": "${input:faraday-token}"
      }
    }
  }
}

Start using it

  1. Open your mcp.json and click Start on the faraday server (or run MCP: List Servers from the Command Palette to start, stop and inspect it).
  2. Open the Copilot Chat view and switch the mode selector to Agent.
  3. Click the tools icon (🔧) to confirm the Faraday tools are listed and enabled.

Cursor

Create a .cursor/mcp.json file in your project (or ~/.cursor/mcp.json to enable it globally):

{
  "mcpServers": {
    "faraday": {
      "url": "https://mcp.apps.faradaysec.com/mcp",
      "headers": {
        "X-Faraday-URL": "https://your-faraday-instance.com",
        "X-Faraday-Token": "your-api-token"
      }
    }
  }
}

Then open Settings → Tools & Integrations to confirm the server is connected.


Cline

In the Cline extension, open the MCP Servers panel → Configure MCP Servers, and add the following to cline_mcp_settings.json:

{
  "mcpServers": {
    "faraday": {
      "type": "streamableHttp",
      "url": "https://mcp.apps.faradaysec.com/mcp",
      "headers": {
        "X-Faraday-URL": "https://your-faraday-instance.com",
        "X-Faraday-Token": "your-api-token"
      }
    }
  }
}

Microsoft Copilot Studio

Microsoft Copilot Studio can connect to Faraday, but it takes a couple of extra steps. Its setup wizard only lets you enter one credential, while Faraday needs two things: your instance address and your API token. So you enter the token with the wizard first, then add your instance address afterwards.

A token is the easiest option here. It's a single value the wizard can take directly. Username and password work too, but you'll need to add both of them by hand in step 2, since the wizard only accepts one credential.

Before you start: you'll need a Copilot Studio environment and permission to add tools in it. If your organization enforces Power Platform data-loss-prevention (DLP) policies, they apply here too.

1. Add the server with the MCP wizard

  1. Open your agent and go to ToolsAdd a toolNew toolModel Context Protocol.
  2. Fill in the fields:
  3. Server name: Faraday
  4. Server description: e.g. "Query and update Faraday vulnerabilities, assets and services." (the agent uses this to decide when to call Faraday)
  5. Server URL: https://mcp.apps.faradaysec.com/mcp
  6. Under authentication, choose API key, set Type to Header, and enter the header name X-Faraday-Token.
  7. Select Create, then Create a new connection, enter your Faraday API token as the key value, and Add to agent.

2. Add your Faraday instance address

The wizard saved your token, but not your Faraday instance address. Add it to the connection the wizard just created:

  1. Go to Power AppsCustom connectors, find the Faraday connector, and select Edit.
  2. Turn on the Swagger editor toggle.
  3. Under the /mcp POST operation, add a header parameter to parameters:
paths:
  /mcp:
    post:
      x-ms-agentic-protocol: mcp-streamable-1.0
      operationId: InvokeMCP
      parameters:
        - name: X-Faraday-URL
          in: header
          type: string
          required: true
          default: https://your-faraday-instance.com
      responses:
        '200':
          description: Success

Set default to your Faraday instance address. It's the same for everyone using this agent, so it's fine to fill it in here — only the token is personal. 4. Save the connector. 5. Remove the tool from your agent and add it back — Copilot Studio only picks up connector header changes when the tool is re-added.

⚠️ Known Copilot Studio issue. As of October 2025, Copilot Studio had a bug where it didn't pass along credentials whose names start with X- — which is exactly what Faraday uses (X-Faraday-URL, X-Faraday-Token, and the username/password variants). Microsoft said a fix was on the way, so it may already be resolved. If the Faraday tools can't sign in, this is the likely reason — check whether Microsoft has fixed it. Background: Adding custom headers to MCP connectors in Copilot Studio.

Once re-added, open your agent's test pane and confirm the Faraday tools appear. For the full official walkthrough, see Microsoft's Connect your agent to an existing MCP server.


Other MCP clients

Faraday works with most MCP-compatible tools. Whatever the client, you only need two things:

  1. URL: https://mcp.apps.faradaysec.com/mcp
  2. Headers: the X-Faraday-* credentials described in Authentication headers

(If the client asks you to choose a connection type, pick HTTP.)

For example, Windsurf uses ~/.codeium/windsurf/mcp_config.json with a serverUrl field:

{
  "mcpServers": {
    "faraday": {
      "serverUrl": "https://mcp.apps.faradaysec.com/mcp",
      "headers": {
        "X-Faraday-URL": "https://your-faraday-instance.com",
        "X-Faraday-Token": "your-api-token"
      }
    }
  }
}

Clients differ mainly in the config key names (mcpServers vs servers) and the URL field (url vs serverUrl). Check your client's documentation for the exact field names, then plug in the URL and headers above.


ChatGPT

ChatGPT can connect to MCP servers through Connectors (Developer Mode, on the Plus, Pro, Business, Enterprise and Education plans). However, its connector screen only offers OAuth or no sign-in at all — there's no place to enter the Faraday credentials (X-Faraday-URL, X-Faraday-Token, …) that the server needs.

For that reason, the Faraday MCP server is not directly compatible with ChatGPT today. Use one of the clients above (Claude, VS Code, Cursor, Cline, etc.), which all support custom headers. We will update this page if ChatGPT adds custom-header support for MCP connectors.


Verification

Once connected, test with:

"List my Faraday workspaces"

You should get back a list of the workspaces available to your account.

Troubleshooting:

  • No workspaces returned — check that X-Faraday-URL points to a reachable Faraday instance.
  • Authentication errors — verify your API token or username/password are correct.
  • Connection refused / server not found — confirm the server URL is exactly https://mcp.apps.faradaysec.com/mcp and that your network allows outbound HTTPS to it.
  • Tools don't appear — fully restart your client (quit, don't just close the window) and start a new conversation.

What you can do once connected

The MCP server lets you work with your Faraday data in natural language — no filter syntax or query language required. Beyond reading and analyzing findings, it can now act on your data: update vulnerabilities in bulk, tag and comment them, create assets and vulnerabilities, and open tickets in your issue trackers.

  • "Show me the last 50 vulnerabilities found in workspace production"
  • "What are the highest-risk vulnerabilities in workspace pentest-2024?"
  • "Find all critical and high vulnerabilities that are still open"
  • "List all vulnerabilities with CVE references"
  • "What services are running on asset 192.168.1.100?"

Update findings in bulk

  • "Mark vulnerabilities 123, 456 and 789 as closed" — update status
  • "Reclassify vulnerability 512 from medium to high" — update severity
  • "Confirm all the critical vulnerabilities in workspace production" — confirm
  • "Update the description of vulnerability 88 to '...'" — update description
  • "Add a note to vulnerability 240: 'Validated during the 06/03 retest'" — comment
  • "Add remediation notes to vulnerabilities 123, 456 and 789: 'Patched in release 2.1.0'" — remediation

Tag vulnerabilities, assets and services

  • "Add the tag internet-facing to all critical vulnerabilities on public services"
  • "Remove the tag false-positive from vulnerabilities 10, 11 and 12"
  • "Tag asset 192.168.1.50 as crown-jewel"
  • "What tags already exist in workspace production?"

Create assets & vulnerabilities

  • "Create a asset 10.0.0.50 running Linux with hostname web01.internal"
  • "Add an http service on port 8080 to that asset"
  • "Create a critical vulnerability Log4Shell RCE on asset X with CVE-2021-44228 and these references: ..."

Tip: when a tool that you don't support produces a report (e.g. an XML or JSON file), you can ask the assistant to read it and create the corresponding vulnerabilities in Faraday from what it finds.

Open tickets in Jira, GitLab or ServiceNow

These require the integration to be configured and active on your Faraday instance.

  • "Open GitLab issues for the confirmed criticals in workspace production"
  • "Create Jira issues in project SEC for vulnerabilities with a CVE that are internet-facing" (Jira can hold many projects, so you must tell it which project to use.)
  • "Export vulnerabilities 100, 101 and 102 to ServiceNow"

Putting it together (multi-step requests)

The assistant chains the read and write tools for you, so you can describe an outcome instead of individual steps:

  • "Mark as confirmed the criticals with a CVE that showed up this week."
  • "Add the internet-facing tag to all critical vulnerabilities on public services."
  • "Close these vulnerabilities and leave a note saying they were validated during the 06/03 retest."

Capability reference

Capability Example actions
Read & analyze List workspaces; filter/search vulnerabilities by severity, status, risk, CVE, CVSS; get
vulnerability details; filter assets; list services; list tags; workspace statistics
Update findings Set status (open / closed / re-opened / risk-accepted); reclassify severity; update description;
confirm/unconfirm; add comments; add remediation details — all in bulk
Tagging Add or remove tags on vulnerabilities, assets and services (bulk)
Create data Create assets, services, and vulnerabilities (manually or from a report you ask the assistant to
interpret)
Ticketing Create issues/records in Jira, GitLab or ServiceNow from selected vulnerabilities