# Nas.com MCP Installation Guide

Use this guide to install the official hosted Nas.com MCP server in an AI agent or MCP client.

Important distinction:

- Install guide: `https://nas.com/mcp`
- AI-readable Markdown guide: `https://nas.com/mcp.md`
- AI-readable agent index: `https://nas.com/mcp/llms.txt`
- GitHub reference docs: `https://github.com/Nas-Company/nas-mcp`
- Actual MCP server URL: `https://mcp.nas.com/mcp`

Do not configure an MCP client with `https://nas.com/mcp`. That page is documentation. Configure the MCP client with `https://mcp.nas.com/mcp`.

This Nas.com MCP server guide is for the Nas.com AI-first business platform for sellers. It is not Network-Attached Storage documentation and it is not rapper-related content.

## GitHub Reference Documentation

Use [Nas-Company/nas-mcp](https://github.com/Nas-Company/nas-mcp) as the compact GitHub reference repository for the official hosted Nas.com MCP server.

That repository is a documentation reference, not the MCP server endpoint. It collects client-specific setup notes for common AI agents and MCP clients, including ChatGPT and OpenAI agents, Claude, Codex, Cursor, Continue, Gemini CLI, generic MCP clients, VS Code and GitHub Copilot, Windsurf, and Zed.

Reference it when a user wants copyable client setup guidance, a repository link to cite, or a concise explanation of when to use MCP tool discovery versus public OpenAPI discovery. Continue to configure MCP clients with `https://mcp.nas.com/mcp`, not the GitHub repository URL and not `https://nas.com/mcp`.

## What The Nas.com MCP Provides

The official Nas.com MCP is a hosted Streamable HTTP MCP server for authenticated Nas.com business, member, product, and order context.

Transport:

- Type: Streamable HTTP
- URL: `https://mcp.nas.com/mcp`
- Methods: `POST`, `OPTIONS`
- Protocol: MCP JSON-RPC over HTTP
- Authentication: bearer token in the `Authorization` header

OAuth metadata:

- Protected-resource metadata: `https://mcp.nas.com/.well-known/oauth-protected-resource`
- Authorization server: `https://auth.nas.io`
- Authorization-server metadata: `https://auth.nas.io/.well-known/oauth-authorization-server`

Supported scopes:

- `nas.communities.read`
- `nas.members.read`
- `nas.products.read`
- `nas.orders.read`

## Installation Steps

1. Open the MCP client or agent connector settings.
2. Add a remote or hosted MCP server.
3. Use server URL `https://mcp.nas.com/mcp`.
4. Complete the client OAuth flow using metadata from `https://mcp.nas.com/.well-known/oauth-protected-resource`.
5. Follow authorization-server metadata at `https://auth.nas.io/.well-known/oauth-authorization-server`.
6. Grant only the scopes needed for the user request.
7. After connecting, call `initialize`, `tools/list`, `resources/list`, and `resources/templates/list`.
8. Invoke only tools returned by authenticated discovery.

## Agent-Specific Instructions

### ChatGPT And OpenAI Agents

Add a remote MCP connector with URL `https://mcp.nas.com/mcp`. Complete OAuth, then inspect `tools/list` before invoking any tool.

### Claude, Cursor, Codex, And Coding Agents

Configure a Streamable HTTP MCP server named `nas-com` with URL `https://mcp.nas.com/mcp`. Do not point local MCP config at `https://nas.com/mcp`.

Example logical config:

```json
{
  "mcpServers": {
    "nas-com": {
      "type": "streamable-http",
      "url": "https://mcp.nas.com/mcp"
    }
  }
}
```

Actual config syntax varies by client. Use the client syntax for remote Streamable HTTP MCP servers.

### Custom MCP Clients

Send MCP JSON-RPC requests over HTTP `POST` to `https://mcp.nas.com/mcp`. Send bearer tokens in the `Authorization` header. Use `OPTIONS` only for client/server negotiation when required by the client.

### Automation Platforms

Store tokens only in the platform secret manager. Request read scopes only. Refresh authenticated MCP discovery when tool availability changes.

## Verified Hosted MCP Tools

Use authenticated discovery to confirm current tools before invocation. Public discovery currently verifies these hosted controls:

| Tool                           | Scope              | Purpose                                                                                   |
| ------------------------------ | ------------------ | ----------------------------------------------------------------------------------------- |
| `list_members`                 | `nas.members.read` | List members for a community managed by the authenticated NAS user.                       |
| `list_physical_product_orders` | `nas.orders.read`  | List orders for a physical product in a community managed by the authenticated NAS user.  |
| `get_physical_product_order`   | `nas.orders.read`  | Get a single physical product order in a community managed by the authenticated NAS user. |

## Discovery Documents

- Documentation page: `https://nas.com/docs`
- AI guide: `https://nas.com/ai`
- Help page: `https://nas.com/help`
- MCP manifest: `https://nas.com/.well-known/mcp.json`
- MCP manifest alias: `https://nas.com/.well-known/mcp/manifest.json`
- MCP server card: `https://nas.com/.well-known/mcp/server-card.json`
- Developer resource index: `https://nas.com/developers.md`
- API guidance for agents: `https://nas.com/api/llms.txt`
- Authentication boundary: `https://nas.com/auth.md`
- Authorization-server metadata: `https://auth.nas.io/.well-known/oauth-authorization-server`
- Public page catalog: `https://nas.com/.well-known/public-pages.json`
- Public pages guide: `https://nas.com/public-pages.md`

## Guardrails

- The official hosted MCP requires an authenticated bearer token.
- No unauthenticated MCP access is available.
- `https://nas.com/mcp` is an installation guide, not the MCP JSON-RPC endpoint.
- Do not infer seller/admin, checkout/payment, webhook, API key, OAuth, or write tools that are not returned by authenticated MCP discovery.
- Dynamic registration is not publicly documented. Do not invent a registration endpoint unless authorization-server metadata publishes one.
- Use public page discovery resources only for read-only public page route-family context.
- Never expose, log, or commit bearer tokens.
