Was this page helpful?
Get Started
Connect Zephex to your editor in under 5 minutes. Only watching videos? Use Setup video first — no download required.
Should I download anything? Not to watch videos (0 MB). To connect an editor: paste config from the dashboard (0 MB if you paste config by hand · ~30–85 MB Node only if you run the setup wizard) or run setup once if you want the wizard. You do not need the Terminal CLI page for normal use.
Watch setup video first · Terminal commands (optional)
Four steps. About five minutes. Same flow for every editor.
Open Dashboard → API Keys → Create new key. Name it for the environment it belongs to, such as local-dev or production. Copy the full key now. If you lose it, rotate and create a new one.
Choose your editor, paste the config into the exact file or settings screen shown below, and replace YOUR_API_KEY_HERE with your real key.
Paste Location
Create .cursor/mcp.json in your project root.
Restart
Fully quit Cursor with Cmd+Q on macOS or Ctrl+Q on Windows/Linux, then reopen it.
{ "mcpServers": { "zephex": { "command": "npx", "args": ["-y", "zephex"], "env": { "ZEPHEX_API_KEY": "YOUR_API_KEY_HERE" } } }}After restarting the editor, run this curl command. It confirms that the endpoint is reachable and the Authorization header is correct before you debug anything inside the editor UI.
curl -X POST https://zephex.dev/mcp \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}'A successful response looks like this:
{ "jsonrpc": "2.0", "id": 1, "result": { "tools": [ { "name": "get_project_context", "description": "Compact, verified project brief before you change code." }, { "name": "read_code", "description": "Extract exact functions, classes, and symbols from source files." }, { "name": "find_code", "description": "Fast repo-wide search using ripgrep." }, { "name": "check_package", "description": "Verify an npm package and compare versions." }, { "name": "audit_package", "description": "Check CVEs, breaking changes, and migration guidance." }, { "name": "explain_architecture", "description": "Trace request, auth, and data flows across the app." }, { "name": "Zephex_dev_info", "description": "Expert KB: search then get vetted auth, DB, and security patterns." }, { "name": "scope_task", "description": "Return the minimum file set to read before coding." }, { "name": "audit_headers", "description": "Audit TLS, redirects, headers, and cookies." }, { "name": "keep_thinking", "description": "Create a structured investigation session with memory." } ] }}If you see 10 tools listed, the connection is working correctly. If you see unauthorized, the key or Bearer header format is wrong.
In your editor, open a repo and ask the agent to call get_project_context. This gives the model a grounded overview before it starts reading or changing files.
“Use the get_project_context tool and give me a compact overview of this project before you make any changes.”
A typical response looks like this:
Stack: Next.js 16, React 19, TypeScript, Bun, ExpressAuth: Bearer API keys (SHA-256 hashed) plus dashboard session authHosting: Vercel (public app), Render (proxy), Supabase (database)Key files: dashboard/src/app/api/mcp/route.ts, dashboard/src/lib/auth.ts, src/services/analyze-routes.tsIntegrations: Stripe (billing), Upstash Redis (rate limiting), Supabase (auth + DB), Sentry (monitoring)Environment variables: SUPABASE_URL, SUPABASE_ANON_KEY, STRIPE_SECRET_KEY, UPSTASH_REDIS_URLThis is the kind of output you should expect: concrete, structured, and grounded in the actual codebase.
unauthorized: The header must be exactly Bearer YOUR_KEY with a space after Bearer.rate_limit_exceeded: Check your monthly request usage in the dashboard. Free includes 555 requests per month.zephex.dev on port 443.