How to Deploy

Deploying an MCP server on Vinkius Cloud means taking an existing API, a spec file, or even plain text knowledge — and making it discoverable and callable by AI models. The platform handles runtime, authentication, protocol translation, and governance. You focus on what the server exposes; Vinkius Cloud handles everything else.

The entire deployment process takes less than 60 seconds regardless of which mode you choose.

THREE PATHS
Spec. Code. Knowledge.
Choose your starting point.
Every deployment starts from the same wizard — Servers → Create Server — and branches based on how your tools are defined.

The deployment wizard

VINKIUS CLOUD SETUP
Deploy MCP Server.
How would you like to configure your server?
OpenAPI / Swagger
One URL in, every tool out. Auto-discovers endpoints and generates MCP tools instantly.
Auto-generates toolsMCP annotations
Manual API
Start from scratch. Name your server, set the base URL, and add endpoints when you are ready.
Agent Skills
Define reusable knowledge and instructions that AI agents can discover and follow.
Progressive disclosureSKILL.md standard

The wizard adapts based on the mode you select. Each mode has a dedicated guide with step-by-step instructions and screenshots:

Choosing a deployment mode

O
OPENAPI IMPORT
From spec to tools in 60 seconds
Paste an OpenAPI or Swagger spec URL. The platform reads it, auto-discovers every endpoint, generates MCP tool descriptions with parameter schemas, and assigns semantic annotations (read-only, destructive, idempotent).
BEST FOR
REST APIs with a published OpenAPI/Swagger specification — Stripe, Twilio, any service with a public .yaml or .json spec.
Full guide →
M
MANUAL API
Full control, no spec needed
Name your server, provide a base URL, and configure authentication. You define endpoints individually — each one becomes an MCP tool that AI models can invoke.
BEST FOR
Internal APIs without a public spec, custom endpoints, or services where you want to expose only specific routes rather than the entire surface area.
Full guide →
S
AGENT SKILLS
Knowledge blocks, no API required
Write procedures, playbooks, FAQs, and decision trees as text. AI agents discover them through progressive disclosure — calling a skill returns structured knowledge the model can act on.
BEST FOR
Operational knowledge, support playbooks, onboarding guides, and any structured text that AI agents should follow — without needing an API backend.
Full guide →

Quick comparison

OpenAPI ImportManual APIAgent Skills
InputSpec URLBase URL + endpointsText content
Tool generationAutomaticManual per-endpointAutomatic per-skill
Auth configDuring wizardDuring wizardNot required
Best forPublished REST APIsInternal/partial APIsKnowledge & procedures
Time to deploy~30 seconds~2 minutes~1 minute
PROVISIONING
What happens when
you hit Deploy.

The deployment lifecycle

When you click Deploy, the platform executes a provisioning pipeline that transforms your input — whether it's a spec URL, an API config, or skill text — into a running MCP server. Here's what happens in sequence:

01
Spec parsing and validation
For OpenAPI deployments, the platform fetches your spec, validates syntax and schema, resolves $ref references, and extracts endpoint metadata. For Manual API, it validates your base URL and auth configuration. For Skills, it parses SKILL.md structure.
02
Tool generation
Each endpoint or skill becomes an MCP tool with a structured name, description, and input schema derived from your spec's parameters and request bodies. The platform also assigns semantic annotations — marking GET endpoints as read-only, DELETE as destructive, and inferring idempotency from HTTP verbs.
03
Credential encryption
If you configured authentication (Bearer token, Basic Auth, or Custom Header), the credentials are encrypted at rest and stored in the server's vault. They are decrypted only at request time, injected into the upstream request, and never written to logs or exposed in the Dashboard.
04
Governance auto-setup
The Egress Firewall activates automatically. DLP (Data Loss Prevention) scans are enabled by default — every response will be inspected for PII before reaching AI models. FinOps Guard sets an initial payload budget. SSRF protection blocks internal network requests from the upstream API.
05
V8 Isolate provisioning
The server is deployed into a V8 Isolate sandbox — the same technology that powers Cloudflare Workers. Each server has its own isolated memory, no shared state between servers, and zero cold-start latency. The connection token is generated and the MCP URL becomes live immediately.

Automatic governance

Every deployment activates a set of security and governance features by default. You don't need to configure them — they're part of the platform:

● DLP
Data Loss Prevention
Scans every API response for PII — emails, phone numbers, credit card numbers, social security numbers — and redacts them in-place before the data reaches the AI model. The Dashboard tracks total redactions.
FINOPS
FinOps Guard
Enforces a payload size budget. When an API response exceeds the threshold, FinOps Guard truncates it to prevent the AI model from wasting tokens parsing excessively large payloads.
SSRF
SSRF Protection
Blocks requests to private IP ranges, localhost, and internal cloud metadata endpoints. This prevents a malicious upstream API from using the platform as a proxy to scan your internal network.
AUDIT
Audit logging
Every deployment, configuration change, token generation, and tool invocation is recorded. The Audit Logs tab on each server shows the full history — who changed what, and when.

Customize after deployment

All governance features can be fine-tuned after deployment. Toggle DLP on or off per server, adjust FinOps thresholds, or enable TOON compression from the server's Settings tab. See Security and Governance for details.

FOR DEVELOPERS
Build with Vurb.ts.
Deploy with one command.
If you're building custom MCP servers with code, Vurb.ts is the open-source TypeScript framework — and it ships with a direct deployment path to Vinkius Cloud.

Deploying from code with vurb deploy

Vurb.ts is the open-source TypeScript framework for building MCP servers. When your server is ready for production, a single CLI command deploys it to Vinkius Cloud:

bash
npx vurb deploy

This command:

  1. Bundles your server into a self-contained Fat Bundle (IIFE format) — all dependencies (Zod, MCP SDK, your tools) are included.
  2. Compresses the bundle with gzip and computes a content hash for integrity verification.
  3. Uploads the bundle to Vinkius Cloud Edge, where it runs in a V8 Isolate — the same runtime used by all other deployment modes.

The CLI reads configuration from .vurbrc in your project root:

json
{
  "remote": "https://cloud.vinkius.com",
  "serverId": "srv_abc123"
}

Set your deploy token as an environment variable — typically in CI:

bash
export VURB_DEPLOY_TOKEN=tok_xxxx
npx vurb deploy

When to use vurb deploy vs. the Dashboard

Use the Dashboard's wizard (OpenAPI Import, Manual API, Agent Skills) when you want to deploy without writing code — the platform generates the MCP server for you. Use vurb deploy when you've built a custom server with Vurb.ts and want full control over tool logic, middleware, presenters, and the MCP lifecycle. Both paths end up running in the same V8 Isolate runtime with the same governance features.

What makes this different

Unlike the Dashboard wizard modes, vurb deploy gives you access to the entire Vurb.ts ecosystem:

Custom middleware
Auth, rate limiting, logging, caching — middleware runs before every tool call, giving you full request lifecycle control.
Presenter layer
Shape tool responses for AI consumption — select fields, transform data, add context — separating business logic from AI presentation.
Governance lockfile
vurb.lock captures every tool's behavioral contract — SOC2-auditable, PR-diffable, and verifiable in CI.
DEPLOYMENT COMPLETE
Deployed. Connected.
Ready for traffic.

What happens after deployment

Every deployment ends with a success screen that gives you everything needed to connect AI clients immediately:

01
MCP URL
Your server's unique endpoint with the auth token embedded. Copy it and paste into any MCP client — the connection is live immediately.
02
Config JSON
A ready-to-paste JSON block formatted for Claude Desktop, VS Code, and other MCP clients. No manual formatting needed — just copy and paste into your client's config file.
03
Cursor deep link
One click opens Cursor and auto-configures the MCP connection. No copying, no pasting, no editing config files — the server is connected to your IDE in a single action.

Server quota

Each plan has a server limit. When you reach it, the wizard shows a message with a link to upgrade. See Settings and Billing for plan details.

Next steps

Frequently Asked Questions

What deployment methods does Vinkius Cloud support?

Vinkius Cloud offers three ways to deploy an MCP server: OpenAPI Import (paste a spec URL to auto-generate all tools), Manual API (connect any HTTPS endpoint and define tools individually), and Agent Skills (deploy text-based knowledge, procedures, and playbooks without any API backend).

How fast is the deployment process?

All three methods deploy in under 60 seconds. OpenAPI Import is the fastest: paste a spec URL, select auth, click Deploy. The server is live on the global edge with DLP, FinOps Guard, and HMAC-authenticated connection tokens already configured.

What happens behind the scenes when I click Deploy?

The platform provisions an isolated V8 sandbox, configures the security layer (AES-256 credential encryption, SSRF protection), activates data protection (DLP and FinOps Guard), and distributes the server to the global edge. You receive an MCP URL, a Config JSON block, and a connection token.

Can I mix deployment methods on the same account?

Yes. Each server is independent. You can have an OpenAPI-imported server for your public API, a Manual API server for internal tools, and an Agent Skills server for company policies — all managed from the same dashboard.

Do I need to redeploy when I add or change tools?

No. After the initial deployment, you can add new tools, edit existing ones, or toggle them on and off from the server detail page. Changes take effect immediately without any redeployment or downtime.

What security features are included with every deployment?

Every server automatically includes DLP (PII redaction for emails, SSNs, credit cards, phone numbers), FinOps Guard (smart array truncation to reduce token consumption), SSRF protection (blocks requests to private networks), and AES-256 credential encryption with runtime-only decryption.