OAuth
Profound MCP uses OAuth 2.1. When your client prompts for authentication, complete the browser sign-in with your Profound account. Every tool call runs as the authenticated user and returns only the data that user can access.OAuth is the recommended authentication method for all Profound MCP connections.
Long-lived Bearer token (API key)
Profound MCP supports a long-lived Bearer token authentication based on an API key. This is useful for setups that can’t complete a per-user OAuth flow each time, such as service accounts or internal tools.Requirements
- Profound enterprise plan
- Access to Profound API: contact our support team to get it.
Setup
1
Generate an API key
Follow the instructions in Getting Your API Key section of Profound API documentation.
2
Configure your MCP client's authentication settings
In your MCP client’s authentication settings for the Profound connection, select Bearer Token and enter:
Security notes
- Your API key is sensitive information. Treat it like a password: store it securely, never commit it to version control, and set an expiration date when you create it.
- Revoke keys you no longer use from the API Keys page in your Profound account settings.