> ## Documentation Index
> Fetch the complete documentation index at: https://docs.getmcp.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Chat Playground

> Test your GetMCP servers with a real AI client — Claude, ChatGPT, Groq, or Gemini — directly inside the WordPress admin.

The **Chat Playground** is a fully-featured chat UI built into the GetMCP admin. Drop in an API key for any of the four supported providers, pick a model + an MCP server, and start asking questions. Tool calls fire against your real GetMCP server with your real auth, results render inline, and the assistant streams a final answer — exactly how Claude Desktop, Cursor, or any other MCP client behaves.

Use it to:

* **Validate a new server end-to-end** before you involve a desktop client
* **Compare provider behavior** — ask the same prompt to Claude, GPT-4o, Llama, and Gemini and see which one nails your tool surface first try
* **Demo MCP to stakeholders** without "let me share my screen with my desktop app" friction
* **Iterate on a tool description or schema** — edit in the admin, reload chat, watch the assistant react in seconds

<Note>
  The Chat Playground is admin-only. Site administrators have access by default; other users must be added via the allowlist (covered below). API keys are encrypted on disk and only ever decrypted for your authenticated admin session.
</Note>

***

## Open the Playground

In the WordPress admin, navigate to **GetMCP → Chats**.

The first time you open it, you'll see two things to configure: an **AI provider API key** and **MCP server credentials** (only if your server is auth-protected).

***

## Configure an AI Provider

Click the **gear icon** in the chat topbar to open Settings, then switch to the **AI Providers** tab. Four providers are supported:

| Provider               | Models                                    | API key from                                                         |
| ---------------------- | ----------------------------------------- | -------------------------------------------------------------------- |
| **Claude** (Anthropic) | Claude Sonnet 4.5, Opus 4.1, Haiku 4.5    | [console.anthropic.com](https://console.anthropic.com/settings/keys) |
| **ChatGPT** (OpenAI)   | GPT-4o, GPT-4o mini, GPT-4 Turbo, o1 mini | [platform.openai.com](https://platform.openai.com/api-keys)          |
| **Groq**               | Llama 3.3 70B, Llama 3.1 8B, Mixtral 8x7B | [console.groq.com](https://console.groq.com/keys)                    |
| **Gemini** (Google)    | Gemini 2.5 Pro, 2.5 Flash                 | [aistudio.google.com](https://aistudio.google.com/app/apikey)        |

Expand any provider, paste the key, and click out. The accordion shows a green **Connected** badge once a key is saved. Keys are encrypted at rest with libsodium.

<Note>
  Calls go **directly from your browser** to the provider — they never pass through the GetMCP backend. This saves a server hop on every turn and means your prompts and responses aren't logged anywhere on the WordPress side beyond what the MCP server itself records.
</Note>

### Anthropic prompt caching

For Claude conversations the chat automatically attaches `cache_control: { type: 'ephemeral' }` to every request. After the first turn, the conversation prefix (tools + system + every prior message) is served from Anthropic's cache at **\~10% of normal input cost**. OpenAI's automatic prefix cache kicks in too once the prefix exceeds 1024 tokens. No configuration needed.

***

## Configure MCP Server Credentials

Switch to the **MCP Credentials** tab in Settings. Every connected MCP server gets its own accordion with an auth-method selector:

| Method               | When to use                                                                                    |
| -------------------- | ---------------------------------------------------------------------------------------------- |
| **None**             | Open / public test servers                                                                     |
| **Bearer Token**     | Static bearer tokens — paste once, the chat sends `Authorization: Bearer …` on every tool call |
| **API Key Header**   | Custom header name + value (e.g. `X-API-KEY`, `X-FlowMattic-Key`)                              |
| **Basic Auth**       | Username + password, base64-encoded into `Authorization`                                       |
| **OAuth 2.1 (PKCE)** | Full discovery → DCR → PKCE → token flow. Same flow ChatGPT and Claude Desktop use             |

For all methods except OAuth, the token / value is stored encrypted at rest. For OAuth, see the next section.

***

## OAuth Connect Flow

When you select **OAuth 2.1 (PKCE)** and click **Connect**, the chat performs the full MCP OAuth flow:

<Steps>
  <Step title="Probe the MCP endpoint">
    The chat sends an unauthenticated `tools/list` call and reads the `WWW-Authenticate: Bearer resource_metadata="…"` hint from the 401 response.
  </Step>

  <Step title="Walk discovery">
    Fetches RFC 9728 protected-resource metadata, then RFC 8414 authorization-server metadata to learn the `authorization_endpoint`, `token_endpoint`, and `registration_endpoint`.
  </Step>

  <Step title="Dynamic client registration">
    POSTs an RFC 7591 client registration with the chat's stable redirect URI: `{site}/wp-admin/admin.php?page=getmcp-chats&getmcp_oauth_cb=1`.
  </Step>

  <Step title="Redirect with PKCE">
    Generates a code verifier + S256 challenge, persists the flow in `sessionStorage` keyed by `state`, then navigates the browser to the authorize URL with `resource={server endpoint}`.
  </Step>

  <Step title="Callback + token exchange">
    After the user grants consent, the AS redirects back to the chat URL with `?code=…&state=…`. The chat exchanges the code at the token endpoint and persists the encrypted token bundle to `getmcp_chat_settings`.
  </Step>

  <Step title="Auto-refresh on 401">
    On any subsequent 401 from the MCP server, the chat silently calls the token endpoint with the refresh token, swaps the access token in place, and retries the original call — without bothering you.
  </Step>
</Steps>

You'll see a green **Connected** state on the credential card once tokens are stored. To start fresh, click **Disconnect** (clears the access token, keeps the registered client) or change the auth method dropdown to None and back (forces fresh DCR).

***

## Send Your First Message

Back on the main chat view:

1. Pick a provider + model from the **first dropdown** in the topbar.
2. Pick an MCP server from the **second dropdown** (shows the tool count as a chip).
3. Type a question in the composer.
4. Press Enter (or click the send button).

The assistant picks a tool based on your prompt, the chat fires a JSON-RPC `tools/call` against your MCP server with the configured auth, captures the response, and feeds it back. The whole round-trip renders inline:

* **Tool trace** — "Discovering tools → Selecting → Calling"
* **Tool card** (expandable) — input arguments + raw JSON output + latency
* **Final answer** — streamed character-by-character if streaming is enabled

***

## Settings Reference

The Settings modal has three tabs:

### General

Behavior toggles, all persisted server-side per-site.

| Setting                     | Default | What it does                                                                |
| --------------------------- | ------- | --------------------------------------------------------------------------- |
| Show suggestions            | On      | Server-aware prompt suggestions in the empty state                          |
| Suggestion count            | 4       | How many suggestion cards to show (1–6)                                     |
| Show tool trace             | On      | Streams the "discovering → selecting → calling" trace before each tool call |
| Auto-approve tool calls     | On      | When off, the chat pauses and asks before every tool call                   |
| Expand tool card by default | On      | New tool cards open expanded; off keeps them collapsed                      |
| Stream replies              | On      | Typewriter-stream the final answer; off drops it in all at once             |
| Show raw JSON output        | On      | Show the "View raw JSON" toggle on each tool result                         |

### AI Providers

Provider keys (covered above).

### MCP Credentials

Per-server auth (covered above).

***

## Allowlist: Who Can Chat?

Chat is gated to a per-site allowlist. Site administrators (anyone with `manage_options`) always have access — they can't lock themselves out. Other admin-tier users (editors, etc.) need to be granted access individually.

<Steps>
  <Step title="Open GetMCP Settings">
    In the WordPress admin, navigate to **GetMCP → Settings**.
  </Step>

  <Step title="Switch to the Security tab">
    Find the **Chat playground access** section.
  </Step>

  <Step title="Tick the users who should have access">
    Check the box next to each user's name. Use the filter to find people fast on busy sites.
  </Step>

  <Step title="Save">
    Click **Save Changes**. The Chats menu item appears in the React sidebar for allowlisted users; for everyone else the menu is hidden and the REST endpoints return 403.
  </Step>
</Steps>

The list lives in `getmcp_settings.chat_allowed_users` as an array of user IDs.

<Warning>
  Chat sessions consume your AI provider's API quota and execute MCP tools using stored credentials. Only grant access to users you trust with billable AI calls and tool-execution rights.
</Warning>

***

## Audit Trail

The chat identifies itself to your MCP server via the standard MCP `initialize` handshake with `clientInfo.name: "GetMCP Chat"`. Every tool call shows up in your call logs alongside Claude Desktop, ChatGPT, Cursor, and other clients — same logs page, filter by client type, replay any historical call inline.

***

## Troubleshooting

<AccordionGroup>
  <Accordion title="The Chats menu item isn't showing up">
    Either you're not logged in as a site administrator and haven't been added to the allowlist, or the chat plugin file is in an inconsistent state. Site admins always have access — if you're one and the menu is missing, deactivate + reactivate the plugin to refresh the menu registration.
  </Accordion>

  <Accordion title="`Anthropic 400: input_schema.type: Field required`">
    A tool's input schema is missing `type: "object"` at the root. The chat normalises this automatically — make sure you're on plugin version 1.0 or later. If you wrote the schema by hand in the tool editor, add `"type": "object"` and a `"properties": {}` entry.
  </Accordion>

  <Accordion title="OAuth Connect redirects but the page errors out">
    The redirect URL must be **fragment-free** — the AS appends `?code=…&state=…` to the registered URI, and if that URI already has a `#fragment`, the query params get trapped inside the fragment and never reach the client. The chat handles this correctly by default. If you previously connected from an older build, click **Disconnect** then **Connect** again to force a fresh dynamic client registration with the corrected redirect URI.
  </Accordion>

  <Accordion title="Tool call returns an expired-access-token error">
    Your MCP server is OAuth-protected, but the access token has expired and refresh failed (or the credential is misconfigured). Open Settings → MCP Credentials, click **Reconnect** on the server card to run the full OAuth flow again.
  </Accordion>

  <Accordion title="OAuth error even when using a plain Bearer token">
    Your MCP server's `auth_type` is set to `oauth` — Bearer tokens won't validate against it. Either switch the server's `auth_type` to `bearer` in the admin, or use the Chat's OAuth flow.
  </Accordion>

  <Accordion title="Settings don't persist across reloads">
    The Chat REST endpoints require both `getmcp_manage_servers` capability AND allowlist membership. If you're logged in as a non-admin user who isn't on the allowlist, saves are silently rejected. Check the Network tab for 403 responses.
  </Accordion>
</AccordionGroup>

***

<Note>
  The Chat Playground is included in every GetMCP install — no add-on, no extra license. Bring your own AI provider key and you're one click from a real AI client running against your real MCP server.
</Note>
