How to wire Claude Code to the memex /mcp endpoint so it can use the
5 tools (capture_thought, semantic_search, get_thought,
delete_thought, list_recent) directly from inside a session.
~/.secrets exports these (already the case if you use scripts/memex.sh):
export MEMEX_URL=https://serverless-memex.mattjacobs.workers.dev
export MEMEX_CLIENT_ID=... # Cloudflare Access service token client ID
export MEMEX_CLIENT_SECRET=... # ... and its secretsource ~/.secrets
claude mcp add --transport http --scope user \
memex "$MEMEX_URL/mcp" \
--header "CF-Access-Client-Id: $MEMEX_CLIENT_ID" \
--header "CF-Access-Client-Secret: $MEMEX_CLIENT_SECRET"--scope user writes to ~/.claude.json (mode 600), not a project-level
config. The CLI expands the env vars at registration time and stores the
literal values in ~/.claude.json — there's no env-var indirection in
the config format. The tradeoff is acceptable for a personal machine
since the file is user-private; on a shared host, prefer a per-machine
service token bound to a stricter Access policy.
claude mcp list | grep memex
# expected: memex: <url> (HTTP) - ✓ ConnectedInside Claude Code, /mcp lists the connected servers and their tools.
Expect five under memex.
- Refresh in CF dashboard (Access → Service Auth → memex-cli → Refresh).
- Update
MEMEX_CLIENT_ID/MEMEX_CLIENT_SECRETin~/.secrets. - Re-register so the literal values in
~/.claude.jsonget updated:
claude mcp remove memex
source ~/.secrets
claude mcp add --transport http --scope user \
memex "$MEMEX_URL/mcp" \
--header "CF-Access-Client-Id: $MEMEX_CLIENT_ID" \
--header "CF-Access-Client-Secret: $MEMEX_CLIENT_SECRET"claude mcp remove memex