MCP (Model Context Protocol) is a protocol that enables LLMs to access custom tools and services. An MCP client (Cascade, in this case) can make requests to MCP servers to access tools that they provide. Cascade now natively integrates with MCP, allowing you to bring your own selection of MCP servers for Cascade to use. See the official MCP docs for more information.

Enterprise users must manually turn this on via settings

Adding a new MCP plugin

New MCP plugins can be added by going to the Settings > Tools > Windsurf Settings > Add Server section.

If you cannot find your desired MCP plugin, you can add it manually by clicking View Raw Config button and editing the raw mcp_config.json file.

When you click on an MCP server, simply click + Add Server to expose the server and its tools to Cascade.

Cascade supports two transport types for MCP servers: stdio and /sse.

For /sse servers, the URL should reflect that of the endpoint and resemble https://<your-server-url>/sse.

Make sure to press the refresh button after you add a new MCP plugin.

mcp_config.json

The ~/.codeium/mcp_config.json file is a JSON file that contains a list of servers that Cascade can connect to.

The JSON should follow the same schema as the config file for Claude Desktop.

Here’s an example configuration, which sets up a single server for Google Maps:

{
  "mcpServers": {
    "google-maps": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-google-maps"
      ],
      "env": {
        "GOOGLE_MAPS_API_KEY": "<YOUR_API_KEY>"
      }
    }
  }
}

Be sure to provide the required arguments and environment variables for the servers that you want to use.

See the official MCP server reference repository or OpenTools for some example servers.

Notes

  • Since MCP tool calls can invoke code written by arbitrary server implementers, we do not assume liability for MCP tool call failures. To reiterate:
  • We currently only support tools, not prompts nor resources. In other words, Cascade will be able to request and use a server’s tools, but not the other endpoints that a server exposes.