Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| APP_ENV | No | Set to 'production' to enable stricter security requirements. | |
| GEMINI_API_KEY | No | API key for Google Gemini provider. | |
| OPENAI_API_KEY | No | API key for OpenAI provider. | |
| API_BEARER_TOKEN | No | The bearer token used to protect the controller API. | |
| CLAUDE_AUTH_MODE | No | Set to 'cli' to use subscription-backed CLI auth for Anthropic. | |
| GEMINI_AUTH_MODE | No | Set to 'cli' to use subscription-backed CLI auth for Gemini. | |
| MCP_TOOL_PROFILE | No | The tool surface to expose. Set to 'full' for the entire legacy/internal tool surface. Default is curated. | |
| OPENAI_AUTH_MODE | No | Set to 'cli' to use subscription-backed CLI auth instead of API keys. | |
| ANTHROPIC_API_KEY | No | API key for Anthropic/Claude provider. | |
| MCP_ALLOWED_ORIGINS | No | Comma-separated list of exact allowed origins for MCP browser clients. | |
| REQUIRE_OPERATOR_ID | No | Set to 'true' if every non-health request must carry an operator ID header. | |
| AUTO_BROWSER_BASE_URL | Yes | The base URL where the Auto Browser FastAPI server is running (e.g., http://127.0.0.1:8000/mcp). | |
| AUTH_STATE_ENCRYPTION_KEY | No | A 44-char Fernet key used for encrypting auth-state storage at rest. | |
| AUTO_BROWSER_BEARER_TOKEN | No | Bearer token for authenticating the bridge with the Auto Browser API. | |
| REQUIRE_AUTH_STATE_ENCRYPTION | No | Whether to force encryption for auth state files. |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {} |
| resources | {
"subscribe": false
} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| browser.create_session | Create a new browser session and optionally navigate to a start URL. |
| browser.list_sessions | List live and persisted browser sessions. |
| browser.get_session | Get one browser session summary. |
| browser.observe | Capture the current browser observation with screenshot, interactables, and perception summary. |
| browser.screenshot | Capture a lightweight screenshot for one session without the full observe payload. |
| browser.get_console | Read recent browser console messages for an active session. |
| browser.get_page_errors | Read recent uncaught page errors for an active session. |
| browser.get_request_failures | Read recent failed network requests for an active session. |
| browser.stop_trace | Finalize the current Playwright trace for an active session and return its artifact path. |
| browser.list_auth_profiles | List reusable saved auth profiles that can be loaded into a new session. |
| browser.get_auth_profile | Inspect one saved auth profile and its storage-state metadata. |
| browser.list_downloads | List files captured from browser downloads for one session. |
| browser.list_tabs | List currently open tabs/pages for one session. |
| browser.activate_tab | Switch the active session page to one tab index. |
| browser.close_tab | Close one tab index if more than one tab is open. |
| browser.execute_action | Execute one browser action using the shared internal action schema. |
| browser.save_auth_profile | Save the current session storage state into a reusable named auth profile. |
| browser.request_human_takeover | Ask for a human to take over the shared browser desktop. |
| browser.close_session | Close a session and finalize its trace/artifacts. |
| social.extract_posts | Scrape visible feed posts from the current page. Returns structured list of {text, links, images, y_position}. |
| social.extract_profile | Extract profile info (username, bio, followers, following, avatar) from the current page. |
| social.login | Navigate to the platform login flow, enter credentials, handle TOTP if configured, and save auth state. |
| social.search | Find the search input on the current page and type a query, then press Enter. |
| browser.get_network_log | Return captured HTTP request/response entries for a session. Filtered by method (GET/POST/...) or URL substring. All sensitive headers and bodies are automatically PII-scrubbed. |
| browser.fork_session | Fork a session: snapshot its cookies, storage state, and current URL, then create a new independent session with that state. Useful for branching workflows or running parallel variants. |
| browser.eval_js | Execute a JavaScript expression in the current page context and return the result. Use for DOM queries, value extraction, or lightweight scripting that has no dedicated tool. |
| browser.wait_for_selector | Wait for a CSS selector to reach a specific state (visible, hidden, attached, detached). Returns when the condition is met or raises on timeout. |
| browser.get_html | Get the HTML source of the current page. Set text_only=true to strip tags and return plain text. Set full_page=false (default) for visible viewport only. |
| browser.find_elements | Find all elements matching a CSS selector and return their text, href, value, bounding box, and visibility. Useful before clicking or scraping multiple items. |
| browser.drag_drop | Drag from one element or coordinate to another. Provide source_selector OR (source_x, source_y), and target_selector OR (target_x, target_y). |
| browser.set_viewport | Resize the browser viewport to the specified width and height. |
| browser.find_by_vision | Use Claude Vision to find an element from a natural language description. Returns (x, y) coordinates you can pass to browser.execute_action click. Use when CSS selectors fail or the element has no reliable text anchor. |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
| Active Sessions | List of all active browser sessions |