Connect to Cursor
Give Cursor's AI access to your secret vault. Your AI coding assistant can retrieve database URLs and API keys during development, store credentials it generates, and check approval status — all without leaving the editor.
What this unlocks
Retrieve credentials on demand
Ask Cursor to connect to your database, call an API, or test an integration — it fetches the credentials directly from your vault.
Store generated secrets
When Cursor generates an API key, webhook secret, or token, it can store it in the vault immediately — no copy-paste.
Check approval status
Cursor can check whether a pending approval request has been granted before proceeding with a sensitive operation.
- 1
Get your agent API key
Log in to the Agent Secret Store dashboard and copy your agent key. For Cursor, we recommend creating a dedicated scoped agent (see below) rather than using your master key.
- 2
Add the MCP configuration to Cursor
You can configure MCP servers in Cursor two ways:
Option A — Settings UI
Open Cursor Settings → Features → MCP Servers and click Add new MCP server. Enter the config below.
Option B — Config file
Edit ~/.cursor/mcp.json directly.
~/.cursor/mcp.json
    {
      "mcpServers": {
        "agent-secret-store": {
          "command": "npx",
          "args": ["-y", "@agentsecretstore/mcp"],
          "env": {
            "ASS_AGENT_KEY": "ass_your_agent_key_here"
          }
        }
      }
    }
- 3
Restart Cursor
Quit Cursor completely and reopen it. The MCP server starts with the editor. You should see Agent Secret Store listed under Settings → Features → MCP Servers with a green connected indicator.
- 4
Test with a prompt in Composer
Open Cursor Composer (⌘I) and try:
    "List my Agent Secret Store secrets in the staging namespace"
Cursor will call list_secrets and display your vault contents in the Composer response.
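Because the setup above leaves the agent key in plaintext in ~/.cursor/mcp.json, a quick audit of that file is worth running before restarting Cursor. The script below is an added example, not part of Agent Secret Store or Cursor; the function names and the checks it applies (placeholder key, file mode, unpinned package) are assumptions of this example.

```javascript
// Added example: the checks are this example's own policy, not Cursor or MCP behaviour.
function auditMcpConfig(jsonText, fileMode) {
  let config;
  try {
    config = JSON.parse(jsonText);
  } catch (err) {
    return [`invalid JSON: ${err.message}`]; // the syntax-error case from Troubleshooting
  }
  const server = config?.mcpServers?.['agent-secret-store'];
  if (!server) return ['no "agent-secret-store" entry under mcpServers'];

  const findings = [];
  const key = server.env?.ASS_AGENT_KEY;
  if (!key) findings.push('ASS_AGENT_KEY is missing from env');
  else if (key === 'ass_your_agent_key_here') findings.push('ASS_AGENT_KEY is still the placeholder');

  // The key is stored in this file in plaintext, so only the owner should have access.
  if ((fileMode & 0o077) !== 0) {
    findings.push(`mode ${(fileMode & 0o777).toString(8)} grants group/other access; use 600`);
  }
  // Without a version suffix, the release that runs is whatever npx resolves at launch.
  const pkg = (server.args || []).find((a) => a.startsWith('@agentsecretstore/'));
  if (pkg && !/@\d/.test(pkg.slice(1))) findings.push(`${pkg} is not pinned to a version`);
  return findings;
}

// Audit the real file. POSIX mode bits only; the mode check means nothing on Windows.
async function auditMcpFile(path) {
  const fs = await import('node:fs/promises');
  const [text, stat] = await Promise.all([fs.readFile(path, 'utf8'), fs.stat(path)]);
  return auditMcpConfig(text, stat.mode);
}

// Constructed sample: the config shown on this page, as if saved with mode 644.
const sampleConfig = JSON.stringify({
  mcpServers: {
    'agent-secret-store': {
      command: 'npx',
      args: ['-y', '@agentsecretstore/mcp'],
      env: { ASS_AGENT_KEY: 'ass_your_agent_key_here' },
    },
  },
});
console.log(auditMcpConfig(sampleConfig, 0o644));
```

To check the live file, call auditMcpFile with the full path to mcp.json and print the resolved array.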
Usage examples
Retrieve credentials during development
    # In Cursor chat or Composer:
    "Connect to the database using our staging credentials"

    # Cursor calls get_secret:
    #   namespace: "staging/database"
    #   key: "DATABASE_URL"

    # Then uses it in generated code:
    import asyncpg

    async def get_db():
        # DB URL fetched from Agent Secret Store vault
        # (`vault` is assumed to be an Agent Secret Store client initialised elsewhere)
        url = await vault.get_secret("staging/database/DATABASE_URL")
        return await asyncpg.connect(url)
Store a generated API key
    # In Cursor chat:
    "Generate a new API key for the webhook integration and store it in the vault"

    # Cursor generates a secure random key, then calls set_secret:
    #   namespace: "production/webhook"
    #   key: "API_KEY"
    #   value: "<generated-key>"
    #   secret_type: "api_key"
    #   access_tier: "sensitive"

    # Response:
    # ✓ Generated and stored webhook API key at production/webhook/API_KEY (v1)
    # The key has been stored in your vault. Use vault.get_secret() to retrieve it.
Check approval status
    # In Cursor Composer:
    "Check if my request for the Stripe production key was approved"

    # Cursor calls get_approval_status:
    #   approval_id: "00000000-0000-4000-8000-000000000123"

    # Response:
    # Approval status: PENDING
    # Requested by: agt_cursor_dev
    # Requested 5 minutes ago — waiting on 1 of 2 approvers
Cursor auto-generates vault-aware code
    // Cursor generates this code pattern automatically when it
    // knows you're using Agent Secret Store:
    import { AgentVault } from '@agentsecretstore/sdk';

    const vault = new AgentVault({ agentKey: process.env.ASS_AGENT_KEY! });

    // Development: reads from staging namespace
    // Production: reads from production namespace
    const namespace = process.env.NODE_ENV === 'production'
      ? 'production'
      : 'staging';

    export async function getGeminiKey(): Promise<string> {
      return await vault.getSecret(`${namespace}/gemini/GEMINI_API_KEY`);
    }
Create a scoped agent for Cursor
Cursor should only have access to development and staging namespaces — not production. Create a dedicated scoped agent:
    # Create a dedicated agent for Cursor with dev/staging scopes
    ass agents create \
      --name "cursor-dev" \
      --description "Cursor IDE MCP access — dev and staging only" \
      --scopes "secrets:read:staging/*,secrets:read:dev/*,secrets:write:dev/*"

    # Do NOT give Cursor production write access unless absolutely necessary
Protect production
Don't give Cursor write access to your production namespace. Dev and staging scopes are sufficient for coding workflows. Use the CLI or dashboard for production secret management.
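A scope list can be checked against this rule before the agent is created. The script below is an added example, not part of the Agent Secret Store CLI or SDK; it assumes the third field of each scope is a namespace pattern whose first path segment is the top-level namespace, and it takes its policy (read dev and staging, write dev only) from the command above.

```javascript
// Added example. Policy mirrors the scopes recommended above: read dev and staging,
// write dev only. Reading the third field as "top-level namespace/..." is an assumption.
const POLICY = new Map([
  ['read', ['dev', 'staging']],
  ['write', ['dev']],
]);

function auditScopes(scopeList) {
  const findings = [];
  const scopes = scopeList.split(',').map((s) => s.trim()).filter(Boolean);
  for (const scope of scopes) {
    const [resource, action, ...rest] = scope.split(':');
    const top = rest.join(':').split('/')[0]; // e.g. "staging" in "staging/*"
    const allowed = POLICY.get(action);
    if (resource !== 'secrets' || !allowed) {
      findings.push(`${scope}: unrecognised scope, review by hand`);
    } else if (top === '' || top.includes('*')) {
      findings.push(`${scope}: wildcard top-level namespace can reach production`);
    } else if (!allowed.includes(top)) {
      findings.push(`${scope}: ${action} on "${top}" is outside policy`);
    }
  }
  return findings;
}

// The --scopes value from the command above, then a constructed over-broad one.
const pageScopes = 'secrets:read:staging/*,secrets:read:dev/*,secrets:write:dev/*';
const broadScopes = 'secrets:read:*,secrets:write:production/*,secrets:write:staging/*';
console.log(auditScopes(pageScopes));  // []
console.log(auditScopes(broadScopes)); // three findings
```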
Troubleshooting
❓ MCP server shows as disconnected in Cursor settings
Verify Node.js is installed (node --version in terminal). Check the JSON config for syntax errors. Restart Cursor after any config change.
❓ Cursor says it can't find Agent Secret Store tools
Make sure the mcp.json file is in ~/.cursor/ (not the project directory). The tools only appear in Composer and Chat when the MCP server is connected.
❓ Permission denied when reading secrets
The agent key may lack permissions for that namespace. Check the scopes assigned to your agent in the dashboard or create a new agent with broader scopes.
    # Cursor MCP logs (macOS)
    tail -f ~/Library/Logs/Cursor/mcp-agent-secret-store.log

    # Local smoke test with SSE transport
    ASS_AGENT_KEY=ass_your_key npx -y @agentsecretstore/mcp --transport sse --port 3100
    curl http://localhost:3100/health