Skip to main content
The Chat Playground is a fully-featured chat UI built into the GetMCP admin. Drop in an API key for any of the four supported providers, pick a model + an MCP server, and start asking questions. Tool calls fire against your real GetMCP server with your real auth, results render inline, and the assistant streams a final answer — exactly how Claude Desktop, Cursor, or any other MCP client behaves. Use it to:
  • Validate a new server end-to-end before you involve a desktop client
  • Compare provider behavior — ask the same prompt to Claude, GPT-4o, Llama, and Gemini and see which one nails your tool surface first try
  • Demo MCP to stakeholders without “let me share my screen with my desktop app” friction
  • Iterate on a tool description or schema — edit in the admin, reload chat, watch the assistant react in seconds
The Chat Playground is admin-only. Site administrators have access by default; other users must be added via the allowlist (covered below). API keys are encrypted on disk and only ever decrypted for your authenticated admin session.

Open the Playground

In the WordPress admin, navigate to GetMCP → Chats. The first time you open it, you’ll see two things to configure: an AI provider API key and MCP server credentials (only if your server is auth-protected).

Configure an AI Provider

Click the gear icon in the chat topbar to open Settings, then switch to the AI Providers tab. Four providers are supported:
ProviderModelsAPI key from
Claude (Anthropic)Claude Sonnet 4.5, Opus 4.1, Haiku 4.5console.anthropic.com
ChatGPT (OpenAI)GPT-4o, GPT-4o mini, GPT-4 Turbo, o1 miniplatform.openai.com
GroqLlama 3.3 70B, Llama 3.1 8B, Mixtral 8x7Bconsole.groq.com
Gemini (Google)Gemini 2.5 Pro, 2.5 Flashaistudio.google.com
Expand any provider, paste the key, and click out. The accordion shows a green Connected badge once a key is saved. Keys are encrypted at rest with libsodium.
Calls go directly from your browser to the provider — they never pass through the GetMCP backend. This saves a server hop on every turn and means your prompts and responses aren’t logged anywhere on the WordPress side beyond what the MCP server itself records.

Anthropic prompt caching

For Claude conversations the chat automatically attaches cache_control: { type: 'ephemeral' } to every request. After the first turn, the conversation prefix (tools + system + every prior message) is served from Anthropic’s cache at ~10% of normal input cost. OpenAI’s automatic prefix cache kicks in too once the prefix exceeds 1024 tokens. No configuration needed.

Configure MCP Server Credentials

Switch to the MCP Credentials tab in Settings. Every connected MCP server gets its own accordion with an auth-method selector:
MethodWhen to use
NoneOpen / public test servers
Bearer TokenStatic bearer tokens — paste once, the chat sends Authorization: Bearer … on every tool call
API Key HeaderCustom header name + value (e.g. X-API-KEY, X-FlowMattic-Key)
Basic AuthUsername + password, base64-encoded into Authorization
OAuth 2.1 (PKCE)Full discovery → DCR → PKCE → token flow. Same flow ChatGPT and Claude Desktop use
For all methods except OAuth, the token / value is stored encrypted at rest. For OAuth, see the next section.

OAuth Connect Flow

When you select OAuth 2.1 (PKCE) and click Connect, the chat performs the full MCP OAuth flow:
1

Probe the MCP endpoint

The chat sends an unauthenticated tools/list call and reads the WWW-Authenticate: Bearer resource_metadata="…" hint from the 401 response.
2

Walk discovery

Fetches RFC 9728 protected-resource metadata, then RFC 8414 authorization-server metadata to learn the authorization_endpoint, token_endpoint, and registration_endpoint.
3

Dynamic client registration

POSTs an RFC 7591 client registration with the chat’s stable redirect URI: {site}/wp-admin/admin.php?page=getmcp-chats&getmcp_oauth_cb=1.
4

Redirect with PKCE

Generates a code verifier + S256 challenge, persists the flow in sessionStorage keyed by state, then navigates the browser to the authorize URL with resource={server endpoint}.
5

Callback + token exchange

After the user grants consent, the AS redirects back to the chat URL with ?code=…&state=…. The chat exchanges the code at the token endpoint and persists the encrypted token bundle to getmcp_chat_settings.
6

Auto-refresh on 401

On any subsequent 401 from the MCP server, the chat silently calls the token endpoint with the refresh token, swaps the access token in place, and retries the original call — without bothering you.
You’ll see a green Connected state on the credential card once tokens are stored. To start fresh, click Disconnect (clears the access token, keeps the registered client) or change the auth method dropdown to None and back (forces fresh DCR).

Send Your First Message

Back on the main chat view:
  1. Pick a provider + model from the first dropdown in the topbar.
  2. Pick an MCP server from the second dropdown (shows the tool count as a chip).
  3. Type a question in the composer.
  4. Press Enter (or click the send button).
The assistant picks a tool based on your prompt, the chat fires a JSON-RPC tools/call against your MCP server with the configured auth, captures the response, and feeds it back. The whole round-trip renders inline:
  • Tool trace — “Discovering tools → Selecting → Calling”
  • Tool card (expandable) — input arguments + raw JSON output + latency
  • Final answer — streamed character-by-character if streaming is enabled

Settings Reference

The Settings modal has three tabs:

General

Behavior toggles, all persisted server-side per-site.
SettingDefaultWhat it does
Show suggestionsOnServer-aware prompt suggestions in the empty state
Suggestion count4How many suggestion cards to show (1–6)
Show tool traceOnStreams the “discovering → selecting → calling” trace before each tool call
Auto-approve tool callsOnWhen off, the chat pauses and asks before every tool call
Expand tool card by defaultOnNew tool cards open expanded; off keeps them collapsed
Stream repliesOnTypewriter-stream the final answer; off drops it in all at once
Show raw JSON outputOnShow the “View raw JSON” toggle on each tool result

AI Providers

Provider keys (covered above).

MCP Credentials

Per-server auth (covered above).

Allowlist: Who Can Chat?

Chat is gated to a per-site allowlist. Site administrators (anyone with manage_options) always have access — they can’t lock themselves out. Other admin-tier users (editors, etc.) need to be granted access individually.
1

Open GetMCP Settings

In the WordPress admin, navigate to GetMCP → Settings.
2

Switch to the Security tab

Find the Chat playground access section.
3

Tick the users who should have access

Check the box next to each user’s name. Use the filter to find people fast on busy sites.
4

Save

Click Save Changes. The Chats menu item appears in the React sidebar for allowlisted users; for everyone else the menu is hidden and the REST endpoints return 403.
The list lives in getmcp_settings.chat_allowed_users as an array of user IDs.
Chat sessions consume your AI provider’s API quota and execute MCP tools using stored credentials. Only grant access to users you trust with billable AI calls and tool-execution rights.

Audit Trail

The chat identifies itself to your MCP server via the standard MCP initialize handshake with clientInfo.name: "GetMCP Chat". Every tool call shows up in your call logs alongside Claude Desktop, ChatGPT, Cursor, and other clients — same logs page, filter by client type, replay any historical call inline.

Troubleshooting

Either you’re not logged in as a site administrator and haven’t been added to the allowlist, or the chat plugin file is in an inconsistent state. Site admins always have access — if you’re one and the menu is missing, deactivate + reactivate the plugin to refresh the menu registration.
A tool’s input schema is missing type: "object" at the root. The chat normalises this automatically — make sure you’re on plugin version 1.0 or later. If you wrote the schema by hand in the tool editor, add "type": "object" and a "properties": {} entry.
The redirect URL must be fragment-free — the AS appends ?code=…&state=… to the registered URI, and if that URI already has a #fragment, the query params get trapped inside the fragment and never reach the client. The chat handles this correctly by default. If you previously connected from an older build, click Disconnect then Connect again to force a fresh dynamic client registration with the corrected redirect URI.
Your MCP server is OAuth-protected, but the access token has expired and refresh failed (or the credential is misconfigured). Open Settings → MCP Credentials, click Reconnect on the server card to run the full OAuth flow again.
Your MCP server’s auth_type is set to oauth — Bearer tokens won’t validate against it. Either switch the server’s auth_type to bearer in the admin, or use the Chat’s OAuth flow.
The Chat REST endpoints require both getmcp_manage_servers capability AND allowlist membership. If you’re logged in as a non-admin user who isn’t on the allowlist, saves are silently rejected. Check the Network tab for 403 responses.

The Chat Playground is included in every GetMCP install — no add-on, no extra license. Bring your own AI provider key and you’re one click from a real AI client running against your real MCP server.