MCP Connectors

Beyond our featured Connectors, you can connect Le Chat to third-party and custom services built on the Model Context Protocol (MCP), an open standard for connecting tools to language models.

There are two ways to add an MCP Connector: pick one from the pre-configured directory, or point Le Chat at your own MCP-compatible server. Both require an administrator.

warning

MCP Connectors aren't Mistral products. We don't control third-party servers and can't guarantee their behavior or data handling. Connect only to servers you trust.

Browsing the directory

The MCP Connectors directory is a curated collection of pre-configured third-party Connectors your administrator can add to your organization.

Open the Connectors page.
Click + Add Connector.
Browse the directory or search for a specific Connector.
Click a Connector to view its details and add it to your organization.
Complete the authentication flow if required.

Some Connectors in the directory require additional configuration (a custom URL or API key). You'll be prompted during setup.

note

This is an administrator-only feature. On Free, Pro, and Student plans, the account owner is the administrator by default.

Configuring a custom Connector

Custom Connectors let you connect Le Chat to any MCP-compatible server. This is useful for internal tools, private APIs, or services that aren't in the directory.

Open the Connectors page.
Click + Add Connector and switch to the Custom MCP Connector tab.
Fill in the required fields:
- Connector name: a unique identifier (no spaces or special characters).
- Server URL: the full URL of your MCP-compatible server.
- Description (optional): a short explanation of what this Connector does.
Click Connect. The platform detects the server's authentication method automatically.
Complete the authentication flow if prompted.

Supported authentication methods

Our platform auto-detects the authentication method when you provide the server URL:

No authentication: for publicly accessible or trusted internal servers.
HTTP Bearer Token / Basic Auth: for servers that require credentials in the Authorization header.
OAuth 2.1 (with dynamic client registration): for servers using standard OAuth 2.1 delegated access. You'll be guided through the consent flow.

Per-function permissions

After setup, every user can control whether Le Chat asks for permission each time it calls a Connector function, or whether it should be pre-authorized.

Go to Connectors and select the My Connectors tab.
Click the Connector card to open its details.
Open the Functions tab.
Toggle Always Allow for each function you want to pre-authorize.

MCP Connectors expose two types of functions:

Read functions: retrieve information (list events, search files, get data). Lower risk.
Write functions: perform actions (send emails, create events, modify records). Higher risk.

tip

Pre-authorize read functions you use frequently to reduce approval prompts. Keep write functions on manual approval until you're confident in the Connector's behavior.

Security best practices

Since MCP Connectors connect Le Chat to servers we haven't reviewed, you're responsible for vetting them. Keep these practices in mind:

Vet every server you connect. Check the publisher, review documentation, and verify the server's purpose before adding it.
Watch for unexpected changes. Server developers can update tools at any time, which may change behavior. Monitor Connector outputs periodically.
Guard against prompt injection. A malicious server could attempt to inject hidden instructions. Le Chat has built-in protections, but review tool inputs and outputs for anything unexpected.
Grant only the permissions you need. Use the per-function Always Allow toggle deliberately. Start with manual approval and only pre-authorize functions you trust.

If you discover a malicious MCP server, report it to our support team.

Current limitations

Custom MCP Connectors don't yet support all MCP capabilities:

We plan to add support for these in future updates.

Troubleshooting

If you see "MCP connection requires additional information or is invalid", check the following:

Endpoint URL: make sure you're using the correct path (some servers use /mcp or /sse). Streamable HTTP is the current standard.
Server reachability: the server must be accessible over HTTPS with a valid TLS certificate.
Authentication: verify your credentials. OAuth servers should return a 401 with a WWW-Authenticate header; API key servers should return 200 on a valid request.
MCP handshake: the server must respond correctly to the initialize JSON-RPC call.

tip

Use the MCP Inspector to test your server's compatibility before configuring it in Le Chat.

Quick checks with curl

Test reachability:

curl -I https://your-server.example.com/mcp

curl -I https://your-server.example.com/mcp

Test API key authentication:

curl -H "Authorization: Bearer YOUR_API_KEY" https://your-server.example.com/mcp

curl -H "Authorization: Bearer YOUR_API_KEY" https://your-server.example.com/mcp

Test MCP initialize handshake:

curl -X POST https://your-server.example.com/mcp \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-06-18","capabilities":{}}}'

curl -X POST https://your-server.example.com/mcp \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-06-18","capabilities":{}}}'

A successful response includes "result" with the server's capabilities. An error response or timeout indicates a configuration issue on the server side.

Connectors: overview of all available Connectors and how to use them in chat.
Knowledge Connectors: set up Google Drive and Microsoft SharePoint for your organization.
Agents: attach MCP Connectors to Agents for context-aware assistants.