Connect 100Hires to Claude, ChatGPT, Cursor, and any AI assistant

What is MCP?

Model Context Protocol is an open standard from Anthropic that lets AI assistants connect to external systems through a uniform interface — think of it as USB-C for AI tools.

100Hires runs a remote MCP server, not a local one. There’s nothing to install, deploy or update on your machine — every client, including Claude Desktop and Cursor, points at https://mcp.100hires.com/mcp and authorizes via OAuth. New tools and bug fixes land server-side and reach all your assistants the next time they call tools/list.

What you can ask

Ten real prompts that work today, in plain English.

• “Show me all candidates who applied this week”
• “What's the status of our open jobs?”
• “Schedule an interview with Sarah for the Backend Engineer role”
• “Move all candidates in Phone Screen to Interview stage for the Sales Rep job”
• “Send a follow-up email to candidates who haven't responded in 5 days”
• “Reject inactive candidates on the Marketing Manager job with reason 'No response'”
• “Create a new job posting for Senior Product Designer in New York”
• “Show me pipeline analytics — how many candidates at each stage?”
• “Find all candidates from LinkedIn source with 'Python' in their profile”
• “Who has interviews scheduled for tomorrow?”

Quickstart

From zero to your first MCP prompt in under five minutes.

1. Prerequisites

   A 100Hires account on the Pro plan or higher. Free workspaces don’t expose the MCP endpoint.

2. Pick your AI client

   One-click install for Cursor and VS Code; copy a snippet for everything else. All clients connect to {{ endpointUrl }} over Streamable HTTP; stdio-only clients use the mcp-remote shim.

   Cursor VS Code Claude Desktop Claude Code ChatGPT Codex Other

   Install in Cursor

   Click Install in Cursor to add 100Hires MCP automatically. Or paste the snippet below into ~/.cursor/mcp.json.

   Install in VS Code

   Opens VS Code and registers the server. Or paste the snippet into .vscode/mcp.json in your workspace.

   Add the snippet to your Claude Desktop config and restart the app:

   • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
   • Windows: %APPDATA%\Claude\claude_desktop_config.json

   Run this in your terminal:

   ChatGPT Pro / Plus / Business / Enterprise / Education. In ChatGPT: Settings → Connectors → Add custom connector, then paste the URL below.

   OpenAI Codex CLI — requires experimental_use_rmcp_client = true in ~/.codex/config.toml.

   For stdio-only clients (Zed, Windsurf, n8n, older builds) use the mcp-remote shim. It’s a third-party open source bridge: github.com/geelen/mcp-remote.

   {{ clientCopyLabel }}

   {{ activeSnippet }}

   Full list of MCP-compatible clients: modelcontextprotocol.io/clients.

3. Authorize

   Your client opens the 100Hires consent screen. Sign in, review the requested scope, click Allow. Tokens are stored on the client; 100Hires never sees its credentials.

4. Verify

   Ask your assistant: “List all open jobs in 100Hires.” If you get a list back — you’re wired up. If not, see FAQ.

5. Next steps

   • Browse all 130 tools
   • Understand OAuth and scopes
   • Review the safety model

Tools

Keep human confirmation on for destructive tools. Feedback: support@100hires.com.

Authentication

OAuth 2.1 with PKCE and Dynamic Client Registration. Hosts onboard themselves — no API keys to copy and paste, no client secrets to leak.

Flow

AI client → GET  /.well-known/oauth-authorization-server   (RFC 8414)
          → POST /oauth/register                            (DCR, RFC 7591)
          → GET  /oauth/authorize  + PKCE                   (consent in 100Hires)
          → POST /oauth/token                               (code → access_token)
          → POST /mcp  Authorization: Bearer <token>

Scopes

A single scope, mcp:full, mirrors the permissions of the authorizing user.

Token lifetime & refresh

• Access tokens expire after 1 hour.
• Refresh tokens are issued automatically; clients refresh transparently.
• Tokens are bound to the authorizing user and revoked when they leave the workspace.

Manage sessions

Settings → Integrations → Connected AI clients lists every active session: client name (from DCR), last used, IP, scope, and a one-click Revoke.

Safety

• Access is controlled by your API key permissions.
• Read operations are always safe.
• Destructive actions (delete, reject) require explicit IDs.
• Rate limiting with automatic retry is built-in.
• API key is never sent to third-party hosts.

Access model

Every token — OAuth or API key — is bound to a single 100Hires user. The MCP server only ever sees data that user could see in the UI; cross-company access is impossible. Sessions are listed under Settings → Integrations → Connected AI clients.

Destructive tools

These tools modify or remove data and always require explicit IDs — assistants cannot batch-delete by query:

• hires_delete_*
• hires_reject_application
• hires_disqualify_candidate
• hires_batch_reject_applications

Best practices

• Don’t hand AI assistants a blanket “delete by filter” permission — keep human confirmation on for destructive tools.
• Use a separate token per client so you can revoke one without disrupting the others.
• Revoke unused sessions on a regular cadence.
• For CI, prefer a restricted API key over a personal token.

FAQ

rm -rf ~/.mcp-auth/100hires