One MCP endpoint for every client, backend, and API key

Zephex gives you one secure `/mcp` surface for Cursor, Claude Code, VS Code, JetBrains, and Windsurf, with routing, usage controls, billing, and key management built in.

Start with one endpoint

How it works

What changes when you run MCP through Zephex

Instead of wiring each client and backend separately, you run one controlled entrypoint and manage it from one place.

Why this feels cleaner

One client config instead of per-backend wiring
One API key flow with revocation and rotation
One dashboard for requests, keys, and plan limits

Connect once

Point your editor or MCP-compatible client at one `/mcp` endpoint instead of maintaining a different setup for every backend.

Route safely

Zephex validates the API key, enforces request limits, and routes tool calls across the backends you have connected.

Operate with visibility

Track requests, keys, plan limits, and billing in one dashboard so teams can manage access without guessing.

Connect once

Paste one config and move on

Pick your client, copy the snippet, add your key, and point it at the Zephex endpoint. This is the part users should see early because it turns the product into something concrete immediately.

.cursor/mcp.json

{
  "mcpServers": {
    "zephex": {
      "url": "https://zephex.dev/mcp",
      "headers": {
        "Authorization": "Bearer {{API_KEY}}"
      }
    }
  }
}

MCP toolbox

A toolbox for faster, safer changes

Use these MCP tools to understand a repo, find the right code, and pull current docs — with clear guidance on when to use each tool.

get_project_context

Get a verified snapshot of the repo.

Summarizes the repo’s stack and key integration points (auth, hosting, billing, queues) based on what’s actually present in code and config.

When to use

You just opened a new repo
You need the stack + key entry points
You want a safe overview before changing code

View all tools API docs

Built for real workflows

Who gets the most out of it

Zephex fits teams that want MCP to feel operational, not experimental.

Solo developers

Keep your setup light when you switch repos, tools, or environments and do not want to rebuild MCP config every time.

Keep setup stable while repos and tools change.

Startups and product teams

Use one integration surface while your stack changes and avoid ad-hoc key sharing across local, staging, and production work.

Share one clean control layer across environments.

Platform and ops teams

Add rate limits, key lifecycle control, and usage visibility from one layer instead of patching them into every client.

Treat MCP access like infrastructure, not tribal knowledge.

Trust at a glance

Security and data use without hand-waving

These controls map to the current implementation and the policy surfaces users check before they trust a proxy.

API keys are not stored in plaintext

Server-side key validation uses hashing, and dashboard flows support revocation and rotation when a key is exposed or no longer needed.

Read security

Tier-based limits and abuse protection

Rate limiting and usage enforcement help protect infrastructure from abuse, accidental spikes, and runaway traffic.

Read API limits

Clear data handling policy

Data Use and Privacy pages explain what is processed to run the service and what is not used to train models.

Read data use

Plans

Pricing that feels like the billing dashboard

Start free, upgrade when usage becomes real, and keep the plan math obvious.

FREE

$0/mo

Best for evaluating one endpoint against a few backends.

Requests300 / mo

MCP Backends3

API Keys3

Key scopesFull access

SupportCommunity

Start free View full pricing

PRO

$7/mo

Best for day-to-day dev workflows that need cleaner control.

Requests3,000 / mo

MCP Backends10

API KeysUnlimited

Key scopesCustom scopes

SupportEmail

Choose Pro View full pricing

MAX

$19/mo

Best for teams that need higher ceilings and priority support.

Requests10,000 / mo

MCP Backends20

API KeysUnlimited

Key scopesCustom scopes

SupportPriority

Choose Max View full pricing

API access

API keys, without the vague explanation

This is the flow users care about: where the key is created, how it is sent, and what the first call looks like.

Create a key

Generate a key in the dashboard and keep one key per environment.

Send it once

Use the key as a Bearer token from your MCP client or direct API request.

Call MCP methods

Start with `tools/list`, then route actual `tools/call` traffic through Zephex.

Read API docs Create API key

Authenticate

Authorization: Bearer mcp_sk_••••••••••••••••••••••••••••••••

Call MCP

curl -X POST https://zephex.dev/mcp \
  -H "Authorization: Bearer mcp_sk_xxx" \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}'

Key handling rules

Use separate keys for local, staging, and production
Rotate exposed keys immediately
Do not commit keys to repositories

FAQ

Questions before you connect

Quick answers for evaluation, setup, and security review.

How long does setup take?

Most users can connect in a few minutes: create a key, paste one config snippet, and call the MCP endpoint.

Which clients are supported?

Zephex provides setup guidance for Cursor, Claude Code, VS Code, Windsurf, JetBrains, and other MCP-compatible clients.

Do you train AI models on my tool content?

No. Zephex states that prompts, tool inputs, tool outputs, and code are not used to train AI models.

How should I handle API keys safely?

Treat keys like secrets: keep them out of public repos, rotate exposed keys immediately, and use separate keys per environment.