Novelmint
Sign in

Model Context Protocol

Connect Novelmint to your AI client

Add Novelmint to Claude Desktop, Claude Code, Claude.ai, Cursor, or any MCP-compatible AI assistant. Browse your timeline, edit beats, generate prose, and manage characters from inside the AI — no copy-paste, no API key juggling.

Get started — sign up freeSee setup steps ↓

MCP server URL

https://novelmint.ai/api/mcp

Three steps to connect

Works the same in every MCP-compatible client.

  1. 1

    Add the MCP URL

    Open your AI client's MCP / Connectors settings. Add a new server with the URL above. The client discovers our OAuth metadata automatically.

  2. 2

    Approve in the browser

    You'll be sent to a Novelmint consent screen. Review the requested scopes (read / write / generate / delete) and approve. The client stores its tokens; we never see your AI client's session.

  3. 3

    Use the tools

    49 tools become available to the AI. Ask it to “show me the beats in chapter 3”, “create a new POV character”, or “regenerate prose for chapter 5”. Manage active connections at /account/mcp.

What the AI can do

49 tools across discovery, structural editing, generation, and ref-doc management.

Browse your timeline

Full read access to series, books, chapters, beats, threads, characters, locations, ref docs. The AI sees what you see in the Timeline editor.

Edit structurally

Create and edit beats with markdown content, attach characters and locations, manage POV markers, weave plot threads, reorder, move between chapters.

Manage entities + lore

Create characters and locations with typed bible sections. Attach ref docs to chapters, suppress noise, edit canonical names and aliases — entity-rollup runs server-side.

Generate from inside the AI

Trigger chapterspec / prose / editorial stages or kick off a full build_chapter run. Same credits, same pipeline, same artifacts as the web UI — debited under purpose=`mcp_<stage>`.

Save manual edits with concurrency

save_artifact takes a required version_tag — if the chapter changed in the web UI between read and write, you get version_conflict back with the current tag so you can re-fetch + retry.

Author intervention is structural

Generate tools deliberately have no `instructions` / steering param. Edit beats, voice notes, ref docs and regenerate — the same loop the web UI enforces. The AI helps you steer the structure, not the prompt.

Scopes you control

Approve only what each AI client needs. Revoke any time at /account/mcp.

read

Browse series, books, chapters, beats, characters, ref docs, build state. No writes.

list_series, get_chapter, render_chapter, get_beat, list_entities

write

Create + edit beats, threads, ref docs, characters, chapters. Save manually-authored artifacts.

create_beat, update_beat, create_entity, save_artifact, attach_ref_doc

generate

Trigger AI pipeline stages — chapterspec, prose, editorial, build_chapter. Debits credits.

generate_chapterspec, generate_prose, build_chapter, cancel_build

delete

Remove beats, threads, ref docs, characters. Destructive — most tools support dry_run.

delete_beat, delete_entity, apply_ref_doc_to_book (suppress/detach modes)

Same credits as the web UI

MCP-triggered generations debit the same credit balance as the web Timeline editor. No separate API plan. Read tools are free; generate tools cost the standard per-stage amount. Use the estimate_credits tool to preview cost before triggering anything.

See pricing →

Security by design

OAuth 2.0 + PKCE

Standard authorization code flow with PKCE. RFC 7591 Dynamic Client Registration so MCP clients self-register without a manual approval step.

Per-resource ownership

Every tool call verifies you own the series / book / chapter / beat / character it touches. Service-role bypasses Postgres RLS but ownership is checked explicitly in every handler.

Audit logging

Every write / delete / generate call writes one row to mcp_audit_log with a SHA-256-hashed param fingerprint. 90-day retention; raw beat content never lands in logs.

Per-token rate limits

Burst limits per access token. Refresh-token rotation with chain revocation on replay detection.

Revoke any time

Disconnect a client at /account/mcp and both access + refresh tokens drop immediately. The AI client has to re-authorize.

TLS enforced

HTTPS required at the route layer + Cloudflare. HSTS headers. Tokens never logged in plaintext.

FAQ

What is MCP?
Model Context Protocol (MCP) is an open standard for connecting AI assistants to apps. Once you authorize an MCP-compatible client (Claude Desktop, Claude Code, Cursor, etc.), the AI can call tools your app exposes — read your timeline, edit beats, generate prose — without any copy-paste from you.
Which AI clients work with Novelmint MCP?
Anything that supports MCP over Streamable HTTP with OAuth 2.0 + Dynamic Client Registration. Confirmed working: Claude Desktop, Claude Code, Claude.ai (web), Cursor. Other MCP clients should work too — the discovery metadata at /.well-known/oauth-authorization-server lets them self-configure.
How much does it cost?
MCP usage debits the same credit balance as the web UI. A `generate_prose` call from Claude Code costs the same as clicking the prose button in the Timeline editor. Read-only tools (get_chapter, list_beats, etc.) are free. Per-action ranges are surfaced via the `estimate_credits` tool — your AI can show you the cost before triggering a generate.
Can the AI delete my work?
Only if you grant the `delete` scope at OAuth approval time. Scopes are granular (`read`, `write`, `generate`, `delete`) and you can review what each client requested at /account/mcp. Destructive tools (delete_beat, delete_entity, etc.) accept a `dry_run` flag, and well-behaved AI clients call dry-run first to surface the impact before the live delete.
How do I revoke access?
Go to /account/mcp, find the client, and click Disconnect. Both the access token and the refresh token are revoked immediately — the AI client has to re-authorize before it can read or write again.
Is my data private?
Every tool call is gated by per-resource ownership checks (you can only read/edit your own series), audited (write/delete/generate calls land in mcp_audit_log with a SHA-256-hashed param fingerprint), and rate-limited per-token. No raw beat content or character bibles end up in audit logs. TLS enforced; tokens never logged.

Ready to try it?

Sign up free, create a series in the Timeline editor, then connect Claude or Cursor.

Create free accountOr see pricing