An MCP server that exposes Optimizely CMS (SaaS) Content Management REST API tools to any MCP client.
POST https://<this-host>/mcp
Tenant identity is encoded in the JWT minted by the OAuth client_credentials grant, so the MCP URL is the same for every tenant.
Send your Optimizely API client_id and client_secret via HTTP Basic auth:
Authorization: Basic <base64(client_id:client_secret)>
The server exchanges these for a short-lived bearer at https://api.cms.optimizely.com/oauth/token and caches the result in the Worker isolate.
X-Optimizely-Api-Base — override the default API origin https://api.cms.optimizely.com (e.g. for a future regional endpoint).X-Optimizely-Act-As — impersonate a user by email (forwarded as act_as on the token request).Content: list_content_items, get_content, get_content_path, create_content, copy_content, update_content, delete_content, undelete_content
Status transitions: mark_version_ready, publish_version, draft_version, approve_version, reject_version
Versions: list_versions, get_version, create_version, update_version, delete_version, delete_locale
Content types: list_content_types, get_content_type, create_content_type, update_content_type, delete_content_type
Applications (root discovery): discover_content_roots, list_applications, get_application, create_application, update_application, delete_application
Property groups: list_property_groups, get_property_group, create_property_group, update_property_group, delete_property_group
Blueprints: list_blueprints, get_blueprint, create_blueprint, update_blueprint, delete_blueprint
Discovery: list_locales, list_display_templates, walk_content_tree
Guides: get_modeling_guide, get_nextjs_starter_guide
Bulk (destructive): purge_content_subtree, purge_custom_content_types
purge_content_subtree and purge_custom_content_types both require confirm=true.