Documentation Index
Fetch the complete documentation index at: https://developers.myhero.so/llms.txt
Use this file to discover all available pages before exploring further.
MCP clients authenticate to HERO with either a personal access token (works everywhere) or OAuth (when supported by your client). Pick the tab that matches your setup.
Personal access token
OAuth
Works with every stdio MCP client. Paste the token into your client’s config.Generate a token
Click Generate New Token. Copy the hero_at_* value — it’s shown once.
Paste into your client's config
Stdio MCP clients receive the token via the HERO_API_KEY environment variable in their server entry:{
"mcpServers": {
"hero": {
"command": "npx",
"args": ["-y", "@myhero/mcp-server"],
"env": { "HERO_API_KEY": "hero_at_..." }
}
}
}
HERO_API_KEY in your shell/application environment directly. Skip the manual token — @myhero/mcp-server signs you in automatically the first time it needs credentials. No paste, no rotate, no shell setup. If HERO_API_KEY is not set, the OAuth flow triggers on the next tool call.Browser opens automatically
The MCP server starts a short-lived listener on a free localhost port and launches your default browser at HERO’s sign-in page.
You don’t run anything yourself.
Sign in and approve
Sign in to HERO if you aren’t already, then approve access for the hero-mcp client.
Close the tab
HERO redirects back to the localhost listener and the page shows “Login successful! You can close this tab.” That’s the whole user-facing flow.
Done — credentials saved
The MCP server exchanges the authorization code for an access token (PKCE), writes it to ~/.hero/credentials.json with mode 0600, and refreshes automatically before expiry.
You won’t be prompted again unless the refresh token is revoked or you delete that file.
| Endpoint | URL |
|---|
| Authorization URL | https://app.myhero.so/oauth/authorize |
| Token URL | https://app.myhero.so/oauth/token |
