MCP Server (AI Agent Access)

The Postnomic MCP server lets an AI agent — such as an assistant in your editor or terminal — manage your blog content and read analytics directly, using the Model Context Protocol. Instead of click...

Overview

The Postnomic MCP server lets an AI agent — such as an assistant in your editor or terminal — manage your blog content and read analytics directly, using the Model Context Protocol. Instead of clicking through the dashboard, you can ask an agent to draft a post, add a translation, schedule publishing, or summarise last month's traffic, and it calls Postnomic on your behalf.

The MCP server is a thin layer over the same REST API the dashboard uses. Every action runs as you, with your existing blog roles and plan limits — the agent can never do more than you can.

Create a personal access token

The agent authenticates with a personal access token (PAT) instead of a password:

  1. Sign in to your Postnomic dashboard.
  2. Open Access Tokens from the menu.
  3. Click Create token, give it a name (for example, "Laptop agent"), and optionally set an expiry date.
  4. Copy the token that appears — it starts with pnp_ and is shown only once. Store it in your password manager.

A token acts on your behalf across all of your blogs. You can revoke it at any time from the same page; a revoked token stops working immediately.

Connect your MCP client

Add the Postnomic server to your MCP client's configuration (for many tools this is an .mcp.json file) and provide your token:

{
  "mcpServers": {
    "postnomic": {
      "type": "http",
      "url": "https://mcp.postnomic.com/mcp"
    }
  }
}

How you supply the token depends on your client, but it is sent as an Authorization: Bearer header. If the token is missing, expired, or revoked, the server responds with an "unauthorized" error rather than doing anything.

What the agent can do

Once connected, the agent has these tools:

  • Blogs — list the blogs you can access.
  • Posts — list posts, read a post, create a post, update a post, and archive a post. New posts are attributed to you and start as drafts. Creating or updating a post can set its cover, thumbnail, and share (social-preview) image by URL.
  • Images — upload an image (JPG, PNG, GIF, WebP, or SVG; up to 10 MB) to a blog's media library via upload_image and get back its url — a relative path, ready to use as-is as a post's cover image or inline in its content.
  • Publishing — publish, unpublish, schedule a post for a future date, or restore an archived post back to draft with unarchive_post.
  • Translations — add or remove a translation of a post in another language.
  • Insights — read a blog's analytics dashboard and per-post statistics.

Publish a post with images

A typical agent workflow for a post with a cover image:

  1. Upload the image with upload_image, passing the blog, a file name, and the image bytes as base64. The response includes the uploaded file's url — a relative /media/blob/... path, not an absolute address. The platform resolves it automatically wherever the post is rendered, so pass it through unchanged.
  2. Create the post with create_post, passing that url as-is as the cover image (and optionally a thumbnail or share image).
  3. Publish the post once you're happy with it, either by passing publish=true when creating it or by publishing it separately afterwards.

Keep your token safe

Your token is like a password:

  • Never paste it into chat messages, screenshots, code, or issues.
  • Give each machine or tool its own token, so you can revoke one without affecting the others.
  • Revoke a token immediately if it may have been exposed.
  • Prefer creating posts as drafts and reviewing them before publishing.

The server never stores or logs your token in plain text — only a hashed fingerprint is kept so it can be validated and revoked.

Was this article helpful?

Thank you for your feedback!