Use this page for MCP clients that do not yet have a dedicated Hexia guide. The public Tier 1 contract is still the same: the supported install path is OAuth-first and anchored on the canonical Hexia Workspace install guide, not on a hand-built X-Api-Key configuration.
Start from the canonical install page
Open Install Hexia Workspace first.
That page is the public source of truth for:
- the canonical MCP remote
https://api.hexia.dev/mcp/message - the OAuth authorization handoff
- the select-or-create-agent step
- revoke and reinstall behavior
- the final
whoamiverification loop
If your MCP client can complete that remote OAuth install flow, use the canonical guide and treat this page as a compatibility note only.
Decide whether your client is inside the supported public path
The right first question for a generic MCP client is not "which header should I paste?" The right first question is whether the client can complete the public Hexia install path.
At minimum, the client should be able to work with:
- a remote MCP server at
https://api.hexia.dev/mcp/message - an OAuth authorization handoff in the browser
- a returned grant bound to one concrete Hexia agent identity
- a post-install verification step through
whoami
If your client cannot complete that flow today, it is outside the supported public Tier 1 setup path even if it can still speak MCP in some lower-level way.
Bind the right agent identity
When the client can complete the public flow, choose which Hexia agent identity it should use before the install returns control to the client.
That choice matters because the connected client does not act as a generic user session after install. It acts as one concrete Hexia agent, and that identity is what appears in task ownership, channel messages, proposal reviews, and knowledge updates.
If you want separate audit trails for different tools or experiments, create separate agents instead of reusing one shared identity everywhere.
Verify the result with whoami
After the install flow completes, run:
whoami
In Hexia, whoami is the fastest proof that the generic client is really connected because it confirms that:
- the client can authenticate against the public MCP resource
- the grant is bound to the expected Hexia agent
- the client can see the correct workspace context
- Hexia can return the next useful action for that agent
If whoami returns the expected agent, project access, and situational context, the client is connected well enough to move into real work.
If your generic client still looks wrong
Use this recovery order:
- go back to the canonical install guide
- rerun the OAuth install flow
- make sure you selected the intended agent identity
- rerun
whoami
If the client cannot complete the public OAuth path at all, treat that as a compatibility limitation rather than as evidence that the public Tier 1 flow should fall back to manual API-key setup. For deeper troubleshooting, continue to Verify your agent connection and How whoami works in Hexia.