Where does Cursor look for MCP server configuration?

Two locations. (1) ~/.cursor/mcp.json for user-level servers that load across all projects. (2) .cursor/mcp.json in a project root for project-scoped servers. Both files use the same JSON schema as Claude Code's MCP config. Cursor 2.0+ supports the same Streamable HTTP transport as Claude Code; older versions had SSE-only support.

How is Cursor's MCP support different from Claude Code's?

Functionally similar — same MCP protocol, same transports. The differences are in the user experience: Cursor exposes MCP tools through its chat sidebar and Composer; Claude Code surfaces them via the agent loop. Cursor's MCP UI also shows tool descriptions inline before invocation, which Claude Code doesn't. Both clients can connect to the same MCP servers without modification.

Can I share an MCP server config between Cursor and Claude Code?

The format is compatible — copy ~/.claude/mcp.json to ~/.cursor/mcp.json and most servers work. The exception is servers that depend on Claude-Code-specific environment variables or that expect Claude-Code's tool naming convention. For maintained servers (github, postgres, playwright), portability is reliable.

How many MCP servers should I install in Cursor?

Three. Eclipsesource's measurement (a single MCP server like mcp-omnisearch costs 14,214 tokens; 5+ active servers commonly burn 66,000+ tokens before user input) applies to Cursor the same way it applies to Claude Code. Pick three by job-to-be-done. Lazy-load the rest if Cursor's version supports it.

Does Cursor 2.0 support MCP authentication?

Yes. OAuth 2.1 with PKCE for remote MCP servers. Bearer tokens for stdio servers via env vars. The Cursor MCP UI shows the auth status of each configured server. Servers without auth get flagged as such in the UI starting in Cursor 2.1.

What's the most common Cursor MCP setup mistake?

Putting credentials directly in mcp.json instead of env vars. The config file is in your home directory and easy to commit. Use env-var references (${GITHUB_PAT}) and set the actual values via your shell or a secret manager. Second most common: leaving the archived modelcontextprotocol/server-postgres or server-github in the config because a 2024 tutorial said to.

Setting Up MCP in Cursor (10 Curated Servers)

Cursor supports Model Context Protocol natively. The setup is straightforward — a JSON config file lists the servers, Cursor connects to each on startup, and the tools appear in the chat sidebar and Composer. The harder question is which servers to install and how to scope them.

This page is the setup walkthrough plus the 10 MCP servers we'd install in a Cursor environment. The servers come from our broader best-of-2026 list, filtered for Cursor-specific compatibility and against the realistic constraint that you should run roughly 3 active servers at a time — context-overload is the same problem in Cursor that it is in Claude Code.

The setup

Cursor looks at two mcp.json files:

~/.cursor/mcp.json — user-level, applies to every project
.cursor/mcp.json in a project root — project-scoped

Both use the same schema. Project-scoped wins where there's a conflict.

Minimum viable config with one server:

{
  "mcpServers": {
    "github": {
      "command": "uvx",
      "args": ["github-mcp-server"],
      "env": {
        "GITHUB_PAT": "${GITHUB_PAT}"
      }
    }
  }
}

Three things to notice:

command and args are how the server is launched. Most modern MCP servers ship as Python packages (run via uvx), npm packages (run via npx), or Docker images. Pick whatever matches your local tooling. env carries credentials. Use ${VAR} interpolation from your shell environment rather than hard-coding secrets in the file. .cursor/mcp.json is easy to commit; secrets in it are an unforced error. Server keys (github in the example) are arbitrary. They become the namespace for that server's tools in Cursor's UI. Pick descriptive names.

For a multi-server config, just add entries:

{
  "mcpServers": {
    "github": { ... },
    "postgres": { ... },
    "playwright": { ... }
  }
}

Cursor reloads the config on next session start. The MCP servers connect lazily — they only start when first invoked, which keeps idle context low.

The 10 servers worth installing

The list, in order of how often we'd actually enable them.

1. github/github-mcp-server (official, post-archive replacement)

The canonical replacement for the archived @modelcontextprotocol/server-github. Read/write GitHub via fine-grained PAT. Detail at /topic/mcp-github.

"github": {
  "command": "uvx",
  "args": ["github-mcp-server"],
  "env": { "GITHUB_PAT": "${GITHUB_PAT}" }
}

Scope the PAT to specific repos. Never commit mcp.json with the PAT inline.

2. crystaldba/postgres-mcp (Postgres, replacement for archived reference)

Postgres MCP server with proper parameterization and read-only mode. Detail at /topic/mcp-postgres.

"postgres": {
  "command": "uvx",
  "args": ["postgres-mcp"],
  "env": {
    "DATABASE_URL": "${DATABASE_URL_READONLY}",
    "READ_ONLY": "true"
  }
}

Read-only by default. Create a dedicated Postgres role for the agent.

3. microsoft/playwright-mcp (browser automation)

Microsoft's official Playwright bridge. Browser navigation, snapshot, click, fill. Tighter sandbox than the archived Puppeteer reference server. Useful for visual review of changes and for testing skills.

"playwright": {
  "command": "npx",
  "args": ["-y", "@playwright/mcp@latest"]
}

No auth required (browser runs locally).

4. upstash/context7 (documentation lookup)

Read-only documentation MCP for thousands of libraries (React, Next.js, Prisma, Express, etc.). Helps Claude/Cursor reference current docs instead of training-cutoff information.

"context7": {
  "command": "npx",
  "args": ["-y", "@upstash/context7-mcp"]
}

Read-only by design. Sidesteps the lethal-trifecta concern.

5. brave/brave-search-mcp-server (web search)

Brave Search via MCP. Rate-limited at the API gateway so it can't be cost-blown.

"brave-search": {
  "command": "npx",
  "args": ["-y", "@brave/brave-search-mcp-server"],
  "env": { "BRAVE_API_KEY": "${BRAVE_API_KEY}" }
}

Brave's API has a generous free tier.

6. supabase-community/supabase-mcp (for Supabase-hosted projects)

Supabase REST/RPC wrapper with auth-aware queries. Use only for dev/test environments per Supabase's official caveat — the RLS story through MCP is not yet production-grade.

"supabase": {
  "command": "uvx",
  "args": ["supabase-mcp"],
  "env": {
    "SUPABASE_URL": "${SUPABASE_URL}",
    "SUPABASE_SERVICE_KEY": "${SUPABASE_SERVICE_KEY}"
  }
}

7. makenotion/notion-mcp-server (official Notion)

OAuth-gated, 18 tools, official Notion. Useful when your knowledge base lives in Notion.

"notion": {
  "command": "uvx",
  "args": ["notion-mcp-server"],
  "env": { "NOTION_TOKEN": "${NOTION_TOKEN}" }
}

8. linear.app/docs/mcp (official Linear remote MCP)

Hosted by Linear, OAuth 2.1 with PKCE. Configure the remote endpoint in Cursor:

"linear": {
  "url": "https://mcp.linear.app/mcp",
  "transport": "http"
}

The OAuth flow runs in the browser on first connect.

9. korotovsky/slack-mcp-server (Slack)

OAuth-scoped Slack MCP. Pick this over the official docs.slack.dev server for read-heavy workflows — korotovsky's scopes are more granular.

"slack": {
  "command": "uvx",
  "args": ["slack-mcp-server"],
  "env": { "SLACK_TOKEN": "${SLACK_TOKEN}" }
}

10. cyanheads/obsidian-mcp-server (Obsidian, for note-taking workflows)

Best of three Obsidian implementations. Use Cristian's "mirror vault" pattern from the Obsidian forum — never expose your personal vault directly.

"obsidian": {
  "command": "uvx",
  "args": ["obsidian-mcp-server"],
  "env": { "OBSIDIAN_VAULT_PATH": "${HOME}/notes/mirror" }
}

How to pick 3

You should run 3 at a time, not 10. The 3 you pick depend on the job.

Job: code review and PR work. github + playwright + context7. The agent reviews PRs (github), takes screenshots of UI changes (playwright), and references current API docs (context7). Job: data analysis and reporting. postgres + supabase + brave-search. The agent reads from your database (postgres or supabase), looks up reference data online (brave-search), produces structured output. Job: research and writing. brave-search + context7 + notion. The agent searches the web (brave), reads library docs (context7), writes back to your knowledge base (notion).

Don't pick by "which MCP server is coolest." Pick by what the agent needs to do.

Cursor-specific considerations

A few details that differ from Claude Code.

Composer mode loads MCP tools per-session. Cursor's Composer (the multi-file agent mode introduced in Cursor 2.0) decides which MCP tools to expose based on the user's prompt. You can override via explicit tool mentions. MCP tools are visible in the chat sidebar. Cursor surfaces each connected MCP server's tools as expandable items in the sidebar. Useful for confirming what's actually wired up; if a server is configured but not connected (env var missing, network error), it shows as such. The Cursor security model around MCP is similar to Claude Code's. No publish-time scanning. No re-approval on update. The same install-time checklist from /topic/skill-security-checklist applies to MCP servers — review the source, scope the auth, treat tool descriptions as untrusted. Cursor 2.0 deprecated SSE transport. Older MCP servers that only expose SSE will need updating. Streamable HTTP is the current standard; stdio for local subprocess servers.

Where this fails

The 10-server list is opinionated. Other servers are also good — atlassian/atlassian-mcp-server for Jira, docs.stripe.com for Stripe, Sentry official MCP for error monitoring. We curated for general developer workflows; replace any of the 10 with a vertical-specific server if your work demands it. Cursor's MCP UI changes frequently. Cursor ships fast and the MCP integration UI has been redesigned twice in 2026. Screenshots and step-by-step setup guides go stale; the mcp.json schema has been stable so we focused on that. Some servers require additional client config. A few MCP servers expect Cursor-specific environment variables (CURSOR_SESSION_ID, etc.) or behave differently when launched from Cursor vs Claude Code. Read the server's docs before assuming portability. The trifecta still applies. Three MCP servers running concurrently — github (writes), postgres (private data), brave-search (untrusted external content) — completes the lethal-trifecta in one session. Be deliberate about which servers run together for which task.

Sources

Cursor. "MCP documentation". The mcp.json schema and Cursor-specific behavior.
GitHub. github-mcp-server.
crystaldba. postgres-mcp.
Microsoft. playwright-mcp.
Upstash. context7-mcp.
Brave. brave-search-mcp-server.
Linear. "MCP documentation".
Eclipsesource. "MCP Context Overload". Tool-overload measurements.
Anthropic. "MCP Security Best Practices".
TrueFoundry. "Best MCP Servers for Claude Code". Companion list (different selections).