API Reference

Zephex exposes one hosted MCP endpoint. Every request is a POST to the same URL using JSON-RPC 2.0 over HTTPS.

Property	Value
URL	https://zephex.dev/mcp
Method	POST
Protocol	JSON-RPC 2.0 over Streamable HTTP
Content-Type	application/json
Auth	Authorization: Bearer YOUR_API_KEY

ABOUT STREAMABLE HTTP

Zephex uses JSON-RPC 2.0 over HTTPS with chunked transfer encoding. This is the MCP HTTP transport. You do not need stdio, local bridge packages, or websockets. If your editor or client supports MCP over HTTP with custom headers, it works with Zephex out of the box.

For most clients you can treat responses as normal JSON responses. If your client supports streamed chunks, read the body incrementally until the JSON-RPC message is complete and then parse it as usual.

AUTHENTICATION

Every request requires a Bearer token. Generate keys in Dashboard → API Keys, rotate exposed keys immediately, and keep separate keys for local, staging, and production.

Authorization: Bearer YOUR_API_KEY

KEY FORMAT

API keys follow the format mcp_<environment>_<id>.<secret>. Example: mcp_prod_abc123-xy78z. Only the prefix is visible in the dashboard — the full key is shown only once when created. If you lose a key, rotate it and create a new one.

REQUEST FORMAT

List the available tools:

curl -X POST https://zephex.dev/mcp \  -H "Authorization: Bearer YOUR_API_KEY" \  -H "Content-Type: application/json" \  -d '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}'

Call a tool:

curl -X POST https://zephex.dev/mcp \  -H "Authorization: Bearer YOUR_API_KEY" \  -H "Content-Type: application/json" \  -d '{    "jsonrpc": "2.0",    "id": 1,    "method": "tools/call",    "params": {      "name": "get_project_context",      "arguments": {        "path": "/path/to/repo"      }    }  }'

RESPONSE FORMAT

{  "jsonrpc": "2.0",  "id": 1,  "result": {    "content": [      {        "type": "text",        "text": "..."      }    ]  }}

SDK EXAMPLES

JavaScript / TypeScript (fetch)

const response = await fetch('https://zephex.dev/mcp', {  method: 'POST',  headers: {    'Authorization': 'Bearer YOUR_API_KEY',    'Content-Type': 'application/json',  },  body: JSON.stringify({    jsonrpc: '2.0',    id: 1,    method: 'tools/call',    params: {      name: 'get_project_context',      arguments: { path: '/path/to/repo' }    }  })}) const data = await response.json()console.log(data.result.content[0].text)

Python (requests)

import requests response = requests.post(    'https://zephex.dev/mcp',    headers={        'Authorization': 'Bearer YOUR_API_KEY',        'Content-Type': 'application/json',    },    json={        'jsonrpc': '2.0',        'id': 1,        'method': 'tools/call',        'params': {            'name': 'get_project_context',            'arguments': {'path': '/path/to/repo'}        }    })print(response.json()['result']['content'][0]['text'])

ERROR CODES

Code	Meaning
400	Malformed JSON-RPC request or invalid arguments
401	Invalid or missing API key
429	Rate limit exceeded for your plan or tier
500	Internal server error

RATE LIMITS

Rate limit headers are returned on every response.

X-RateLimit-Limit: 300X-RateLimit-Remaining: 247X-RateLimit-Reset: 1775001600

Plan	Requests/month	Per-minute cap	Backends
Free	300	10	3
Pro	3,500	60	10
Max	10,000	200	20

When the limit is exceeded, the response looks like this:

{  "error": "rate_limit_exceeded",  "message": "Monthly limit of 300 requests reached. Upgrade to Pro for 3,500 requests.",  "reset_at": "2026-05-01T00:00:00Z",  "upgrade_url": "https://zephex.dev/pricing"}

Property

Value

URL

https://zephex.dev/mcp

Method

POST

Protocol

JSON-RPC 2.0 over Streamable HTTP

Content-Type

application/json

Auth

Authorization: Bearer YOUR_API_KEY

curl -X POST https://zephex.dev/mcp \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "jsonrpc": "2.0", "id": 1, "method": "tools/call", "params": { "name": "get_project_context", "arguments": { "path": "/path/to/repo" } } }'

const response = await fetch('https://zephex.dev/mcp', { method: 'POST', headers: { 'Authorization': 'Bearer YOUR_API_KEY', 'Content-Type': 'application/json', }, body: JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'tools/call', params: { name: 'get_project_context', arguments: { path: '/path/to/repo' } } })}) const data = await response.json()console.log(data.result.content[0].text)

import requests response = requests.post( 'https://zephex.dev/mcp', headers={ 'Authorization': 'Bearer YOUR_API_KEY', 'Content-Type': 'application/json', }, json={ 'jsonrpc': '2.0', 'id': 1, 'method': 'tools/call', 'params': { 'name': 'get_project_context', 'arguments': {'path': '/path/to/repo'} } })print(response.json()['result']['content'][0]['text'])

Code

Meaning

400

Malformed JSON-RPC request or invalid arguments

401

Invalid or missing API key

429

Rate limit exceeded for your plan or tier

500

Internal server error

Plan

Requests/month

Per-minute cap

Backends

Free

300

Pro

3,500

Max

10,000

200

{ "error": "rate_limit_exceeded", "message": "Monthly limit of 300 requests reached. Upgrade to Pro for 3,500 requests.", "reset_at": "2026-05-01T00:00:00Z", "upgrade_url": "https://zephex.dev/pricing"}