Wire your site into Claude
Every PageMotor site ships with its own MCP server, reachable at /mcp/. It speaks the same protocol Claude uses to talk to any tool — meaning Claude can read, write, and manage your site directly, once you connect it. This walkthrough covers both ways in.
Pick your path
Both roads end at the same place — a validated bearer token — but which one you take depends on who (or what) is connecting.
One-click sign-in
For a person driving a browser: Claude Desktop, claude.ai. Paste your MCP URL, log in, approve. Nothing to copy, nothing to store.
- Recommended for most people
- No token to manage
Bearer token
For clients with no human at the wheel: Claude Code, the Claude API, CI jobs, scripts. You mint a static token once and hand it to the client.
- For developers & automation
- You create and revoke it
Add the connector
In Claude Desktop or claude.ai, add your site as a custom connector.
- 1Open Settings → Connectors → Add custom connector.
- 2Paste your site's MCP address:
https://<your-site>/mcp/ - 3Click Connect.
Sign in when prompted
Your browser opens on its own. If you aren't already signed in to your site, you'll land on its login page first.
Approve the connection
Once you're signed in, a consent screen appears asking Claude to connect. Click Approve — that's the whole flow. No API key, no terminal, no config file.
What just happened
You don't need to do any of this yourself — the client handles it — but here's what those three clicks triggered:
- 1Claude requests
/mcp/, gets turned away with a pointer to your site's auth metadata. - 2It reads your site's two discovery documents to learn how to authenticate.
- 3It registers itself automatically — no pre-shared key required.
- 4It opens the authorize page, where you log in and consent.
- 5It exchanges the result for an access token (with PKCE) and connects.
Your access, carried over
The connection acts as whoever approved it, at that person's access level. There's no separate scope to choose — approve as an admin, and the connection has admin access.
Each tier includes everything the ones after it can do.
Revoke anytime
Any admin can see every connected app and shut one off instantly.
- →Go to Manage API Access → Connected Apps on your site's admin area.
- →Revoking ends the connection immediately — its next refresh simply fails.
Connect headless clients
Claude Code, the Claude API, CI jobs, and scripts have no human to click Approve — so they connect with a static token you create once.
- 1As an admin, open Manage API Access (or a user's Edit User → API Tokens).
- 2Choose a tier, name the token, and copy it — it's shown once.
authorization_token on the /mcp/ entry inside mcp_servers.Behind nginx? Read this
Some hosting stacks (CloudPanel, Plesk, hand-rolled nginx) route all of /.well-known/ to a stock certificate-renewal rule — which quietly blocks the sign-in flow.
/mcp/ answers correctly, but the client 404s right after and can't finish signing in.Fix it by narrowing that rule to just the certificate-challenge path, or adding an explicit override for the discovery URLs.
Your site and Claude are connected
Claude can now read and manage your site through whichever door you chose. Revisit Connected Apps or Manage API Access whenever you need to check who's plugged in.