Do I need to rewrite my Next.js API routes to expose them as MCP tools?

No. wmcp.sh ingests an OpenAPI 3 spec describing your Route Handlers and generates MCP tool definitions automatically. Your existing GET/POST/PATCH handlers in app/api/**/route.ts stay untouched. The only required change is to publish an OpenAPI document at a public URL — most teams generate this with next-rest-framework or by hand-writing a tiny static spec.

Does this work with Next.js App Router and Edge Runtime?

Yes. wmcp.sh is transport-agnostic at the spec level — it doesn't care whether your handler runs on Node, the Vercel Edge Runtime, or as a static export with a separate API backend. As long as the handler responds at the URL in the OpenAPI spec, MCP clients can invoke it via the wmcp.sh proxy.

How do I authenticate agent traffic into my Next.js app?

Three patterns work today: (1) Pass-through bearer tokens — wmcp.sh forwards the Authorization header from the MCP client to your handler. (2) OAuth proxy via /mcp/ — if your app uses OAuth 2.1 with Dynamic Client Registration, wmcp.sh can act as a transparent proxy for MCP clients that can't drive OAuth flows themselves. (3) Per-tool API keys — declare them as securitySchemes in your OpenAPI spec and wmcp.sh prompts the agent at registration time.

Can wmcp.sh call server actions or only Route Handlers?

Server actions are RPC over POST, but they don't have a stable public URL or schema — they're an internal Next.js mechanism. For MCP exposure, wrap the same business logic in a Route Handler with a stable path and typed inputs. The function body can be one line that calls the existing server action.

What about rate limiting and cost control?

wmcp.sh applies its own per-token rate limits at the edge before traffic reaches your origin. For finer control, return standard 429 responses from your Route Handler with Retry-After headers and wmcp.sh surfaces them to the calling agent as MCP error responses.

integration · Next.js

Next.js MCP integration.

Your Next.js 15 app already has API routes; here's how to expose them as MCP tools without rewriting a single handler. Publish an OpenAPI spec, point wmcp.sh at it, and any MCP-compatible agent (Claude Desktop, Cursor, Codex) gets typed tools.

wmcp.sh is not affiliated with Vercel or Anthropic. App Router and Route Handlers are Next.js features.

The gap

You have the API. You don't have the MCP server.

What you have today

Route Handlers under app/api/**/route.ts serving your web app, with typed inputs (Zod, valibot, or hand-rolled), Vercel deployment, and probably some Zod-to-OpenAPI generator emitting a spec.

What agents need

A Model Context Protocol server exposing each route as a tool with JSON Schema inputs and structured outputs. wmcp.sh generates it from your existing OpenAPI doc — no new handler, no new framework.

The wiring

One Route Handler, exposed as a tool.

A real, runnable example. The handler is plain Next.js 15; the OpenAPI bit is what wmcp.sh ingests.

// app/api/quotes/route.ts — Next.js 15 App Router
import { NextResponse } from 'next/server';
import { z } from 'zod';

export const runtime = 'edge';

const QuoteInput = z.object({
  symbol: z.string().min(1).max(12),
  size: z.number().positive(),
});

export async function POST(req: Request) {
  const body = QuoteInput.parse(await req.json());
  const mid = await fetchMid(body.symbol);
  return NextResponse.json({
    symbol: body.symbol,
    bid: mid * 0.999,
    ask: mid * 1.001,
    size: body.size,
    issued_at: new Date().toISOString(),
  });
}

// Publish OpenAPI at /api/openapi (next-rest-framework, zod-to-openapi, or hand-rolled).
// Then point wmcp.sh at https://acme.example.com/api/openapi and every route
// becomes an MCP tool the agent can call.

Once the spec is live, register it once: curl 'https://wmcp.sh/api/v1/tools?url=https://acme.example.com/api/openapi'. See /integration/openapi for the full spec-ingest contract.

Side-by-side

Hand-rolled MCP server vs wmcp.sh ingest.

Capability	Hand-rolled MCP server	wmcp.sh + Next.js OpenAPI
Tool schema generation	⚠️ You write a tools.ts and keep it in sync with Route Handlers	✅ Auto-generated from the OpenAPI spec your build already emits
Streamable HTTP transport	⚠️ You implement the MCP spec server yourself	✅ Served at `https://wmcp.sh/mcp/<your-id>` with SSE + HTTP fallback
Authentication forwarding	⚠️ Custom middleware in every Route Handler	✅ Bearer / OAuth 2.1 / API-key passthrough configured per spec
Edge Runtime support	✅ Yes, if you keep the MCP server edge-compatible	✅ wmcp.sh runs on Cloudflare Workers; your origin can be Edge or Node
Per-tool rate limit	⚠️ Manual	✅ Token-bucket per MCP client at the proxy edge
Spec drift detection	❌ Silent breakage when handler diverges from tools.ts	✅ Spec is the source of truth; re-ingest on deploy

FAQ

Common questions from Next.js teams.

Do I need to rewrite my Route Handlers?

No. Your app/api/**/route.ts files stay as-is. wmcp.sh consumes an OpenAPI document describing them and generates MCP tool definitions. Most teams generate the spec with a Zod-to-OpenAPI library or hand-write a small static file.

Does this work with Edge Runtime and Vercel?

Yes. The wmcp.sh proxy doesn't care whether your origin runs on the Vercel Edge Runtime, Node, or a static export with a separate backend. If the URL responds, MCP clients can call it.

How does authentication work?

Three patterns: pass-through bearer (wmcp.sh forwards Authorization), OAuth 2.1 proxy at /mcp/<provider> for DCR-compliant origins, or per-tool API keys declared in your spec's securitySchemes.

What about Server Actions?

Server Actions are RPC over POST without a stable public URL or schema. For MCP exposure, wrap the same logic in a Route Handler with a typed input. The handler can be one line that calls the action.

Can I gate which routes become tools?

Yes — tag operations in your OpenAPI spec and pass &tag=public to the ingest URL. Untagged or excluded operations stay invisible to MCP clients.

What versions of Next.js are supported?

Next 13.4+ App Router works the same way (Route Handlers shipped GA in 13.4). The example targets Next 15 because that's current. Pages Router API routes work too if you can publish an OpenAPI spec for them.

Need this done for you?

Skip the wiring — we ship the OpenAPI + MCP for your Next.js app.

Audit your Route Handlers, emit a typed spec, deploy a hosted MCP at mcp.yourbrand.com. Starter $499 one-time setup; Managed Retainer $999/mo for ongoing maintenance; Enterprise $4,999+/mo for SLA + private deploy.

See /managed → Submit (free)

You have the API. You don't have the MCP server.

What you have today

What agents need

One Route Handler, exposed as a tool.

Hand-rolled MCP server vs wmcp.sh ingest.

Common questions from Next.js teams.

Other frameworks.

Skip the wiring — we ship the OpenAPI + MCP for your Next.js app.