aNotepad — AI Integration (MCP)

aNotepad exposes a Model Context Protocol (MCP) server so you can use AI assistants like Claude Desktop, Cursor, and ChatGPT to read, search, write, and organize your notes through natural conversation.

Endpoint: https://api.anotepad.com/mcp
Transport: Streamable HTTP  |  Auth: OAuth 2.1 (PKCE)  |  Required plan: Pro or Max

Quick Start

  1. Make sure your aNotepad account is on the Pro or Max plan.
  2. In your AI client's settings, add an MCP server with URL https://api.anotepad.com/mcp.
  3. The client opens a browser window for you to sign in to aNotepad and approve access.
  4. Done. Ask the assistant things like "summarize my recipe collection" or "find the note where I saved the link to that GitHub repo".

Connecting From Specific Clients

Claude Desktop supports remote MCP servers natively.

  1. Open Claude Desktop and go to Settings → Connectors (or Settings → Developer → Edit Config for older versions).
  2. Click Add custom connector and paste the URL: https://api.anotepad.com/mcp
  3. A browser window opens — sign in to aNotepad and approve.
  4. Back in Claude Desktop, the aNotepad tools appear under the connectors list.

For older Claude Desktop versions, the config file path is ~/Library/Application Support/Claude/claude_desktop_config.json on macOS or %APPDATA%\Claude\claude_desktop_config.json on Windows.

  1. Open Settings → MCP (or Ctrl+Shift+J → MCP tab).
  2. Click Add new MCP server.
  3. Set transport to HTTP / SSE and URL to https://api.anotepad.com/mcp.
  4. Save. A browser window opens for OAuth — sign in and approve.
  5. Tools appear in the Cursor chat tool picker.

ChatGPT supports MCP servers as Connectors (Plus / Pro / Team / Enterprise plans).

  1. In ChatGPT, click your name (bottom left) → Settings → Connectors → Connect more.
  2. Choose Add custom connector and paste https://api.anotepad.com/mcp.
  3. Approve the OAuth flow. The aNotepad tools become available in your conversations when relevant.

The official MCP Inspector lets you call tools manually and inspect responses.

npx @modelcontextprotocol/inspector
  1. The Inspector opens at http://localhost:6274.
  2. Set transport to Streamable HTTP and URL to https://api.anotepad.com/mcp.
  3. Click Connect. A browser window opens for OAuth.
  4. After approval, browse the tools list and invoke each manually.

Available Tools

Twenty-two tools across six groups. The AI can read your notes, organize them into collections, manage comments, retrieve historical versions, and email or download notes.

Notes

  • list_notes — list your notes (most recently updated first), metadata only
  • get_note — fetch a single note's content
  • search_notes — search your notes by title (case-insensitive substring)
  • create_note — create a PlainText, RichText, Task, or Markdown note
  • update_note — change title, content, access, or permission
  • delete_note — soft-delete (moves to recycle bin)

Versions

  • list_note_versions — list historical versions of a note
  • get_note_version — read a specific version's content
  • restore_note_version — replace current content with an older version

Export & Email

  • get_note_download_url — download URL for PDF, DOCX, DOC, ODT, HTML, or TXT
  • email_note — email a note as HTML, PDF, or DOCX to a single recipient

Collections

  • list_collections — list your note collections
  • create_collection — create a new collection
  • move_note_to_collection — assign a note to a collection (or unassign)
  • delete_collection — delete a collection (notes inside are kept, just unassigned)

Comments

  • list_comments — comments on a specific note
  • list_recent_comments — recent comments across all your notes
  • create_comment — add a comment as the note owner; pass parentCommentNumber to post a threaded reply
  • delete_comment — delete a comment from your note

Files & Bookmarks

  • list_note_files / get_note_file_download_url / delete_note_file — manage attachments
  • list_bookmarks_in_note / add_bookmark / remove_bookmark — manage Bookmark-type notes

Uploading new files is not supported via MCP — use the web app to attach files.

What's Not Exposed

Some operations are intentionally not available to AI to keep sensitive flows on the web app where you can review them visually:

  • Setting note passwords. Removing or clearing a password is fine, but setting a new password value via AI is blocked (it would land in chat transcripts).
  • Creator wallet setup. Switching a note INTO Paid access via AI is supported (pass paidPrice and paidPreview to update_note), but the underlying account must already have a verified email and a Creator wallet configured in the web app — those one-time setup steps cannot be done via AI.
  • File uploads. AI can list, download, and delete attachments, but new uploads must go through the web app.
  • Account / billing changes. Plan changes, payment methods, etc. are only available in the web app.

Authentication & Authorization

aNotepad uses standard OAuth 2.1 with PKCE and Dynamic Client Registration (RFC 7591). Your AI client registers itself the first time it connects, then runs an authorization-code flow:

  1. The client discovers the OAuth server via /.well-known/oauth-protected-resource.
  2. It registers via POST /connect/register (no manual setup needed).
  3. It opens a browser to /connect/authorize for you to sign in and approve.
  4. The token returned is bound to the https://api.anotepad.com/mcp resource (RFC 8707).

Tokens last 60 minutes and refresh automatically using a 30-day refresh token. You can revoke a client at any time from your account settings.

Rate Limits

Plan Tool calls / minute New notes / day Emails sent / hour
Pro 60 1,000 10
Max 300 5,000 10

Limits are per user, not per client. If you connect from multiple AI clients simultaneously, they share the same quota.

Privacy & Security

  • What the AI sees. Only your own notes and their comments. The AI cannot read other users' notes or your account/billing data.
  • Untrusted comment marking. Comments on your public notes are wrapped in <untrusted-comment> markers in tool responses, signaling to the AI that the text is data, not instructions — a defense against prompt injection from anonymous commenters.
  • Destructive action confirmation. Tools that delete data, change access settings, or send emails are marked as destructive — most AI clients require an extra approval prompt before executing them.
  • Single-recipient email. The email_note tool rejects comma- or semicolon-separated recipient lists. Each email goes to one address, by design.
  • No content in logs. Note content and passwords are never written to server logs. Tool calls are logged with user id, tool name, and target id only.

Troubleshooting

Your aNotepad account is on the Free or Plus plan. Upgrade to Pro or Max from the membership page in your account settings.

This usually means the OAuth callback URL the client uses isn't reachable from your browser. Make sure your browser allows pop-ups from anotepad.com and that localhost is reachable (for desktop clients that complete the flow on a local port).

You've made too many tool calls in the last minute. Wait a minute and try again, or upgrade to Max for a higher limit.

Disconnect and reconnect the server in your AI client's settings. Some clients cache the tool list and need a refresh.

By design — passing a password value through chat would put it in the transcript and your client's logs. Open the note in the web app to set a password. (The AI can remove an existing password.)

Have Questions?

Email support@anotepad.com.

Looking for the REST API instead? See the API documentation.