Mcp MCP Server

Storydoc MCP

Official Storydoc Model Context Protocol server. Lets any MCP-compatible client (Claude Desktop, Claude Code, Cursor, Windsurf, ChatGPT, claude.ai web, etc.) generate Storydocs through Storydoc's AI wizard.

Status: v0.4 — hosted on Cloud Run (staging + production) and available on npm. Six tools cover the full workflow: list templates, plan a version, create a version, generate from scratch, fetch analytics, plus a getter for full story detail.

Tools

storydoc_generate_story inputs

Returns url, shortUrl, editorUrl, IDs, and a _meta block (title, slide counts, brand-fetch flag, duration).

Typical flow

1. user: "Create a sales proposal for Pfizer"
2. model: storydoc_list_stories(search="Pfizer") OR (search="sales", onlyTemplates=true)
3. model picks a template, then storydoc_plan_version(storyId=…, title=…, values=…)
4. model shows the preview to the user, fills any missing required fields
5. storydoc_create_version(same args) → returns the public URL

For a deck where no template fits: skip steps 2–4 and call storydoc_generate_story directly. Recommend both paths so the user knows there's a choice.

Resources

• storydoc://presentation-types — JSON array of the closed list of supported presentationType values for storydoc_generate_story.
• storydoc://account — The authenticated org's { orgId, title }. Useful as context without a tool call.

Install

You need a Storydoc API token (Bearer JWT). Two ways to connect — pick whichever your client supports.

Option A — Hosted (recommended, works everywhere including web clients)

URL: https://storydoc-mcp-728346048498.europe-west1.run.app/mcp (staging — production URL TBD)

Claude Desktop / Claude Code

{
  "mcpServers": {
    "storydoc": {
      "type": "http",
      "url": "https://storydoc-mcp-728346048498.europe-west1.run.app/mcp",
      "headers": {
        "Authorization": "Bearer eyJhbGciOi..."
      }
    }
  }
}

Cursor (.cursor/mcp.json)

{
  "mcpServers": {
    "storydoc": {
      "url": "https://storydoc-mcp-728346048498.europe-west1.run.app/mcp",
      "headers": {
        "Authorization": "Bearer eyJhbGciOi..."
      }
    }
  }
}

claude.ai (web)

Settings → Connectors → Add custom connector:

• URL: https://storydoc-mcp-728346048498.europe-west1.run.app/mcp
• Authentication: Bearer token → paste your Storydoc JWT

ChatGPT / Gemini / Perplexity / n8n

Same idea — these clients also accept a URL + Authorization header. UI varies, payload doesn't.

Option B — Local (stdio via npm)

Use this if you specifically want the MCP to run on your own machine (offline, air-gapped, or you don't trust the hosted endpoint).

{
  "mcpServers": {
    "storydoc": {
      "command": "npx",
      "args": ["-y", "storydoc-mcp"],
      "env": {
        "STORYDOC_API_TOKEN": "eyJhbGciOi..."
      }
    }
  }
}

Option C — Local development (from source)

npm install
npm run build

# stdio (for testing against a desktop client)
STORYDOC_API_TOKEN=eyJ... node dist/index.js

# HTTP (for testing the hosted-server path locally)
node dist/http.js
# then POST http://localhost:8080/mcp with Authorization: Bearer ...

Point a client at the local stdio binary:

{
  "mcpServers": {
    "storydoc": {
      "command": "node",
      "args": ["/absolute/path/to/storydoc-mcp/dist/index.js"],
      "env": { "STORYDOC_API_TOKEN": "eyJ..." }
    }
  }
}

Environment variables

On Cloud Run (or any GCP runtime where K_SERVICE / GAE_SERVICE / GOOGLE_CLOUD_PROJECT is set), the MCP loads its config from the shared secrets Secret Manager blob at startup, using the same convention as dotell-backend (bin/secrets.js). The blob contents are loaded into process.env. Locally — or when STORYDOC_SKIP_GCP_SECRETS=1 is set — this step is skipped and process.env is used as-is.

If MCP_SIGNING_KEY ends up unset after loading the blob, OAuth endpoints are disabled and the server only accepts raw Storydoc JWTs as bearer tokens (Claude Desktop JSON-config path still works; claude.ai web Custom Connector path doesn't).

When MCP_SIGNING_KEY is set, OAuth is the only accepted path by default — raw Storydoc JWTs sent directly in Authorization: Bearer are rejected with 401 invalid_token. Set MCP_ALLOW_RAW_TOKEN=1 to keep the legacy passthrough working for clients that haven't migrated to the OAuth flow yet.

Deploying the hosted server

The MCP loads secrets the same way as dotell-backend — at startup it pulls the shared secrets blob from Secret Manager and loads it into process.env via dotenv. No per-secret --update-secrets flags, no env-var management in Cloud Run config. Add a key once to the shared blob and any service that loads it picks it up.

One-time infra setup

# 1. Grant the MCP's runtime service account read access to the shared secrets blob
#    (the same blob dotell-backend reads from bin/secrets.js)
gcloud secrets add-iam-policy-binding secrets \
  --project platform-staging-303007 \
  --member="serviceAccount:728346048498-compute@developer.gserviceaccount.com" \
  --role=roles/secretmanager.secretAccessor

# 2. Add MCP_SIGNING_KEY to the shared secrets blob.
#    Easiest path: open the secret in the Secret Manager UI, copy the current blob,
#    add a line like:
#
#      MCP_SIGNING_KEY=<base64-output-of-openssl-rand-base64-32>
#
#    and add a new version. STORYDOC_API_SECRET_STAGING is already in the blob —
#    no changes needed for that.

# Generate a fresh signing key value to paste:
openssl rand -base64 32

Deploy

Non-secret env vars (MCP_PUBLIC_URL, MCP_ALLOWED_HOSTS, MCP_ALLOWED_ORIGINS, NODE_ENV) live in a YAML file checked into the repo. Secrets (MCP_SIGNING_KEY, STORYDOC_API_SECRET) come from the Secret Manager blob at boot — not in the file.

gcloud config set project platform-production-303007    # or platform-staging-303007

gcloud run deploy storydoc-mcp \
  --source . \
  --region europe-west1 \
  --allow-unauthenticated \
  --port 8080 \
  --min-instances 0 --max-instances 10 \
  --memory 512Mi \
  --env-vars-file=env.production.yaml

This is the deploy command — env config and image build happen atomically in one call, so you never end up in the "container won't start because MCP_PUBLIC_URL is missing" state.

For staging, swap the project and use a env.staging.yaml with the staging host/URL.

Notes:

• --env-vars-file replaces all non-secret env vars on the service. The YAML must contain every non-secret var you want set. If you only need to tweak one var without a full redeploy, use --update-env-vars=KEY=VAL (merges, doesn't wipe) — but the next --env-vars-file deploy will overwrite it, so update the file too.
• No --update-secrets. The container pulls the shared blob from Secret Manager on startup using the runtime service account's credentials.
• NODE_ENV=staging (or production) controls which blob is fetched — staging at projects/728346048498/secrets/secrets/versions/latest, production at projects/59909522358/secrets/secrets/versions/latest — matching dotell-backend's bin/secrets.js.
• --allow-unauthenticated is correct — auth happens inside the server via the OAuth flow / Authorization header, not via Google IAM.

env.production.yaml:

NODE_ENV: production
MCP_PUBLIC_URL: https://mcp.storydoc.com
MCP_ALLOWED_HOSTS: mcp.storydoc.com,storydoc-mcp-59909522358.europe-west1.run.app
MCP_ALLOWED_ORIGINS: https://claude.ai,https://chatgpt.com,https://chat.openai.com,https://gemini.google.com,https://copilot.microsoft.com,https://chat.mistral.ai,https://www.perplexity.ai

Roadmap

• Phase 3 — OAuth flow (replace JWT paste with "Sign in with Storydoc"), public MCP registry submission, additional tools (analytics, version creation, PDF export).