Skip to main content
Locus exposes its capabilities as curated MCP tools for LLM agents. The tools are hand-defined (one per capability) and point at the same engine as the REST API — they are not a 1:1 mirror of the HTTP routes. Endpoint: https://mcp.locusmedical.fr/mcp · Transport: Streamable HTTP

Connect a client

Locus authenticates with a static lsk_… bearer token (OAuth is on the roadmap, not available yet). How you wire it up depends on whether your client can send a custom Authorization header.

Clients that support custom headers

Cursor, Cline, VS Code, Windsurf, and most config-file MCP clients can call the endpoint directly. Point them at the URL with your key as a bearer header: 
{
  "mcpServers": {
    "locus": {
      "url": "https://mcp.locusmedical.fr/mcp",
      "headers": { "Authorization": "Bearer ${LOCUS_API_KEY}" }
    }
  }
}

Claude (Desktop / claude.ai)

Claude’s native connectors expect OAuth 2.1, which Locus does not implement yet. Use the mcp-remote bridge — a small local proxy that injects your Authorization header over the connection — in claude_desktop_config.json: 
{
  "mcpServers": {
    "locus": {
      "command": "npx",
      "args": [
        "-y", "mcp-remote", "https://mcp.locusmedical.fr/mcp",
        "--header", "Authorization: Bearer ${LOCUS_API_KEY}"
      ]
    }
  }
}
Use the direct URL + headers form for header-capable clients; use mcp-remote for Claude until native OAuth lands.

Authentication

Every tool call is authenticated with the same lsk_… key as the REST API (see Authentication). The bearer travels in the request headers; a missing or invalid key makes the tool return an error result. OAuth 2.1 is on the roadmap; until then, API-key auth (direct header, or via mcp-remote for Claude) is the supported path.

Raw JSON-RPC

You can also drive the server directly. List the tools: 
curl -X POST https://mcp.locusmedical.fr/mcp \
  -H "Authorization: Bearer $LOCUS_API_KEY" \
  -H "Accept: application/json, text/event-stream" \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'
Call a tool: 
curl -X POST https://mcp.locusmedical.fr/mcp \
  -H "Authorization: Bearer $LOCUS_API_KEY" \
  -H "Accept: application/json, text/event-stream" \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":2,"method":"tools/call",
       "params":{"name":"search","arguments":{"query":"HTA gravidique","limit":5}}}'

What tools return

Each tool returns both:
  • content — a readable text summary, for clients that show text.
  • structuredContent — the full JSON, typed by an advertised output schema.
See the tool catalogue for routing guidance and per-tool details.