MCP Guide

The Transcend Model Context Protocol (MCP) server lets an AI agent call tools that talk to the Transcend privacy platform, listing data silos, triaging cookies, running assessments, and more. It works with any Model Context Protocol compatible client.

A guide for connecting the Transcend Model Context Protocol (MCP) servers to local AI clients (Cursor, Claude Desktop, etc.)

You can install one unified server with all 71 tools, or individual domain servers for narrower scopes (Consent only, Assessments only, etc.).

PackageToolsDomain
@transcend-io/mcp71Everything in one process
@transcend-io/mcp-server-admin8Org, users, teams, API keys
@transcend-io/mcp-server-assessment14Privacy assessments
@transcend-io/mcp-server-consent14Consent, cookies, data flows
@transcend-io/mcp-server-discovery4Data discovery, classification
@transcend-io/mcp-server-dsr12Data subject requests
@transcend-io/mcp-server-inventory10Data inventory, silos, vendors
@transcend-io/mcp-server-preferences6@transcend-io/mcp-server-preferences
@transcend-io/mcp-server-workflows3Workflow & email templates
  • Node.js ≥ 22.12 - verify with node --version. Use nvm (https://github.com/nvm-sh/nvm) if you need to switch.
  • A Transcend OAuth Client - generate one at OAuth Clients. Select a port number that is available on your device, for this example 5555, and add this redirect URI, http://127.0.0.1:5555/callback, to the OAuth Client.
  • An MCP-capable client - Cursor, Claude Desktop, or any other MCP client.

You do not need to clone the Transcend repo. The packages are published to npm and run on demand via npx.

The unified @transcend-io/mcp includes everything and is the easiest to start with. For production use, narrower domain servers help the AI pick the right tool faster and reduce token usage.

ScenarioRecommendation
Exploring what Transcend can doUnified server; everything available at once
Production agent with a narrow task (e.g. cookie triage)Single domain server (e.g. mcp-server-consent)
Agent that spans a few domains (e.g. inventory + assessments)Multiple domain servers running side by side
Minimizing token usage / tool-selection accuracyDomain servers — fewer tools means less noise

If using multiple different domain servers to define specific MCPs per product area, list each one under mcpServers:

{
  "mcpServers": {
    "transcend-consent": {
      "command": "npx",
      "args": ["-y", "@transcend-io/mcp-server-consent"],
      "env": {
        "TRANSCEND_OAUTH_CLIENT_ID": "your-client-id",
        "TRANSCEND_OAUTH_CLIENT_SECRET": "your-client-secret",
        // your-client-redirect-port is 5555 in the example above.
        "TRANSCEND_OAUTH_REDIRECT_PORT": "your-client-redirect-port"
      }
    },
    "transcend-assessment": {
      "command": "npx",
      "args": ["-y", "@transcend-io/mcp-server-assessment"],
      "env": {
        "TRANSCEND_OAUTH_CLIENT_ID": "your-client-id",
        "TRANSCEND_OAUTH_CLIENT_SECRET": "your-client-secret",
        // your-client-redirect-port is 5555 in the example above.
        "TRANSCEND_OAUTH_REDIRECT_PORT": "your-client-redirect-port"
      }
    }
  }
}

This step is optional, but recommended.

Without a version pin, npx -y @transcend-io/mcp resolves to whatever is currently @latest on npm. To freeze at a known version:

"args": ["-y", "@transcend-io/mcp@0.3.0"]

Check the latest published versions at any time with npm view @transcend-io/mcp version

VariableDefaultNotes
TRANSCEND_OAUTH_CLIENT_IDyour-client-idGenerate this information at the OAuth clients link above.
TRANSCEND_OAUTH_CLIENT_SECRETyour-client-secret 
TRANSCEND_OAUTH_REDIRECT_PORTyour-client-redirect-portThe port specified on the OAuth client in redirect URI, for the example at the top of the document the value is http://127.0.0.1:5555/callback
SOMBRA_URLhttps://multi-tenant.sombra.transcend.io (EU)See Regional endpoints above for the US override.
LOG_LEVELSet to debug to see GraphQL request logs

All env vars go inside the env block in the MCP config. Example for a US customer with debug logging:

"env": {
  "TRANSCEND_OAUTH_CLIENT_ID": "your-client-id",
  "TRANSCEND_OAUTH_CLIENT_SECRET": "your-client-secret",
  "TRANSCEND_OAUTH_REDIRECT_PORT": "your-client-redirect-port",
  "SOMBRA_URL": "https://multi-tenant.sombra.us.transcend.io",
  "LOG_LEVEL": "debug"
}

The fastest sanity check is to ask the AI to call the admin_test_connection tool:

Use the transcend MCP server's admin_test_connection tool to check the connection.

A healthy response returns connected: true for the GraphQL endpoint along with the URL it resolved against — useful for confirming you're hitting the right region:

{
  "success": true,
  "data": {
    "connected": true,
    "details": {
      "graphql": { "connected": true, "url": "https://api.transcend.io" }
    }
  }
}
SymptomLikely CauseFix
Cursor / Claude doesn't list Transcend toolsEdited config while client was runningFully quit (cmd+Q on Mac) and reopen — window reload isn't enough
First launch hangs for 10–30 secondsnpx is downloading the package on first useOne-time delay; subsequent launches are fast (cached)
MCP fails to initializeEnv mismatch with OAuth client credentialsVerify the env variables match the information for your client in the Transcend OAuth Client List.
command not found: npxNode.js isn't installed or isn't on PATHInstall Node.js ≥ 22.12 from nodejs.org
All tools return 401 / 403OAuth grant missing scopeRestart the MCP and consent to the required scopes.
Tool returns 400 Invalid inputAI passed the wrong shapeUsually self-correcting on retry; if persistent, share the exact tool name and arguments with the team
Inspect error(s)Add "LOG_LEVEL": "debug" to the env block; restart the client