MCP Setup

How to connect Claude Desktop or other MCP clients to the Braking Lab Race Engineer.

The Race Engineer connects through the Model Context Protocol (MCP) using Streamable HTTP transport with OAuth 2.0 authentication. Setup takes less than 5 minutes.

Claude Desktop

The recommended client is Claude Desktop, which supports MCP natively.

Step 1: Open Configuration

In Claude Desktop, go to Settings > Developer > Edit Config to open claude_desktop_config.json.

Step 2: Add the Server

Add the following to your configuration:

{
  "mcpServers": {
    "braking-lab": {
      "url": "https://mcp.brakinglab.com/mcp"
    }
  }
}

Step 3: Authenticate

Save the config and restart Claude Desktop
Claude will detect the Race Engineer tools automatically
On first use, a browser window opens for authentication
Log in with your Braking Lab account (email/password, Google, or GitHub)
Once authenticated, the connection is established

That’s it. You can now ask Claude about your telemetry data, request coaching reports, or prepare for races.

How Authentication Works

Claude Desktop discovers the OAuth endpoints automatically through standard discovery protocols (RFC 9728 and RFC 8414). You don’t need to manage tokens or API keys — the client handles everything.

Cursor

Cursor has built-in MCP support:

Open Settings > MCP
Add a new server with URL: https://mcp.brakinglab.com/mcp
Save and authenticate when prompted

Windsurf

Windsurf supports MCP connections:

Open the MCP configuration in settings
Add the server URL: https://mcp.brakinglab.com/mcp
Authenticate through the browser when prompted

Other MCP Clients

Any client that supports MCP Streamable HTTP transport and OAuth 2.0 with PKCE can connect. The server URL is:

https://mcp.brakinglab.com/mcp

The server publishes standard discovery endpoints:

/.well-known/oauth-protected-resource — Resource metadata (RFC 9728)
/.well-known/oauth-authorization-server — Authorization server metadata (RFC 8414)

Your client should handle the OAuth flow automatically if it supports these standards.

OAuth Flow (Technical Reference)

For developers building custom clients, here’s the full authentication flow:

1. Client → POST /mcp (no token)
   ← 401 + WWW-Authenticate header with resource_metadata URL

2. Client → GET /.well-known/oauth-protected-resource
   ← Returns authorization_servers URL

3. Client → GET /.well-known/oauth-authorization-server
   ← Returns authorization_endpoint, token_endpoint, registration_endpoint

4. Client → POST /oauth/register (dynamic client registration)
   ← Returns client_id and client_secret

5. Client → GET /oauth/authorize (with PKCE code_challenge)
   → Opens browser: user logs in via Supabase auth
   ← Returns authorization code

6. Client → POST /oauth/token (code + code_verifier exchange)
   ← Returns access_token + refresh_token

7. Client → POST /mcp (with Bearer access_token)
   ← MCP response with tool results

The access token is a JWT that identifies the user. The refresh token allows silent re-authentication when the access token expires.

Troubleshooting

”Connection Failed” or Timeout

Verify the URL is exactly https://mcp.brakinglab.com/mcp
Check your internet connection
Restart the MCP client

Authentication Keeps Asking to Log In

Clear the client’s stored tokens and authenticate again
Verify your Braking Lab account is active
Check that browser pop-ups are not blocked

Tools Not Appearing

Restart the MCP client after saving the configuration
Check the client’s MCP logs for connection errors
Verify the server URL doesn’t have a trailing slash

Next Steps

Available Tools — See what the Race Engineer can do
Coaching — Get AI analysis of your driving