PapermarkDocs
MCP

Install

Install the Papermark MCP server.

Two transports, two install paths.

For local MCP clients (Claude Desktop, Claude Code, anything that spawns processes).

Requirements

  • Node 24+ (engines.node: ">=24")
  • A Papermark API token (pm_live_…) from the dashboard's Settings → API Tokens

Most clients spawn the server with npx, so you never have to install anything globally:

{
  "mcpServers": {
    "papermark": {
      "command": "npx",
      "args": ["-y", "@papermark/mcp-server"],
      "env": {
        "PAPERMARK_TOKEN": "pm_live_…"
      }
    }
  }
}

The -y flag skips the npm prompt. The package downloads the first time and caches forever after.

Global install

If you'd rather not pay the npx cold-start cost on every client restart:

npm install -g @papermark/mcp-server

Then point your client at the binary:

{
  "mcpServers": {
    "papermark": {
      "command": "papermark-mcp",
      "env": {
        "PAPERMARK_TOKEN": "pm_live_…"
      }
    }
  }
}

Pointing at a local Papermark

For self-hosted deployments or local development:

{
  "env": {
    "PAPERMARK_TOKEN": "pm_live_…",
    "PAPERMARK_API_URL": "http://localhost:3000/api"
  }
}

Verifying

After updating the client config, restart the client. In Claude Desktop, the gear icon in the chat input should show "papermark" in the connected-tools list. Ask "list my papermark documents" — if auth works, you'll see them.

If not, check the client's MCP server logs (Claude Desktop: ~/Library/Logs/Claude/mcp-server-papermark.log) — the most common failure is PAPERMARK_TOKEN missing or wrong.

For browser-hosted MCP clients (claude.ai Connectors, ChatGPT Apps) and remote servers.

Endpoint

https://mcp.papermark.com

This is the production endpoint. There's nothing to install — just point your client at the URL.

Auth

OAuth 2.1 device flow, same as the REST API. The client walks the user through approval; the resulting access token is attached to every MCP request as Authorization: Bearer ….

If you're building your own client, the discovery flow is:

  1. POST https://mcp.papermark.com/mcp without a token. (Don't probe with GET — the endpoint runs in stateless mode and returns 405 Method Not Allowed for GET regardless of auth, so you'd never see the 401.)
  2. Response is 401 Unauthorized with a WWW-Authenticate: Bearer resource_metadata="https://mcp.papermark.com/.well-known/oauth-protected-resource" header (RFC 9728).
  3. Fetch the protected-resource metadata to get the OAuth authorization_servers list, then fetch <issuer>/.well-known/openid-configuration to find the device authorization and token endpoints. See API Authentication for the full device flow.
  4. Use the resulting access token on every subsequent MCP call.

Transport details

  • Streamable HTTP (MCP 2025-11-25 spec)
  • JSON response mode (no SSE)
  • Stateless — no server-initiated notifications. GET /mcp returns 405 Method Not Allowed.

Self-hosting

If you're self-hosting Papermark, the HTTP MCP variant ships with the main app at /api/mcp. No separate process to run. Set PAPERMARK_BASE_URL and any reverse-proxy rewrites to expose it under your own subdomain.

Next

Pick your client and follow the per-client walkthrough:

MCP

Papermark's Model Context Protocol server, installable into any MCP client.

Tools

The 18 MCP tools Papermark exposes and what each one does.

On this page

RequirementsNo-install (recommended)Global installPointing at a local PapermarkVerifyingEndpointAuthTransport detailsSelf-hostingNext