Substack Draft MCP Server
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| HOST | No | HTTP bind host (default: 127.0.0.1 outside production, 0.0.0.0 in production) | |
| PORT | No | HTTP port (default: 8787) | |
| NODE_ENV | No | Node environment (e.g., production, development) | |
| AUTH_MODE | No | Authentication mode: noauth, static_bearer, or oauth | |
| LOG_LEVEL | No | Log level (e.g., info, debug) | |
| MCP_TRANSPORT | No | MCP transport mode: http or stdio | |
| MAX_BODY_BYTES | No | Max accepted body size for Markdown text and serialized blocks_v1 input | |
| OAUTH_JWKS_URL | No | JWKS endpoint URL for JWT verification (required for oauth mode) | |
| MAX_IMAGE_BYTES | No | Max accepted image payload size before upload | |
| MCP_PATH_SECRET | No | Optional single URL-safe path segment to move MCP endpoint from /mcp to /mcp/<secret> | |
| MCP_BEARER_TOKEN | No | Bearer token for static_bearer auth mode | |
| SUBSTACK_USER_ID | No | Positive numeric Substack user id for draft bylines | |
| MCP_PUBLIC_BASE_URL | No | Public HTTPS origin of this MCP server (required for oauth mode) | |
| SUBSTACK_USER_AGENT | No | Optional browser-like user agent for Substack requests | |
| OAUTH_JWT_ALGORITHMS | No | Comma-separated asymmetric JWT signing algorithms (default: RS256,ES256) | |
| PREVIEW_TOKEN_SECRET | No | HMAC secret for confirmation tokens; required for write operations | |
| SUBSTACK_SESSION_TOKEN | No | Substack session cookie value for authentication | |
| SUBSTACK_PUBLICATION_URL | No | Public HTTPS publication origin for Substack API client | |
| SUBSTACK_REQUEST_TIMEOUT_MS | No | Timeout in milliseconds for outbound Substack API requests and remote image fetches (default: 30000) | |
| CONFIRMATION_TOKEN_TTL_SECONDS | No | Positive confirmation token lifetime in seconds | |
| OAUTH_AUTHORIZATION_SERVER_URL | No | OAuth authorization server issuer URL (required for oauth mode) | |
| OAUTH_RESOURCE_DOCUMENTATION_URL | No | Optional documentation URL for OAuth protected resource metadata |
Capabilities
Server capabilities have not been inspected yet.
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
No tools | |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/damienbenveniste/substack-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server