Last updated: July 10, 2026
Cursor's OAuth flow doesn't complete with many remote MCP servers — it opens the resource URL and shows “unauthorized”. Milago supports API-key auth that connects reliably in Cursor (and in headless cloud agents): generate a key, add one JSON block, and Cursor can search your meetings, read summaries, and manage tasks. No browser sign-in.
mk_live_… value — it is shown once. API keys are available on any paid plan, including Starter.{
"mcpServers": {
"milago": {
"url": "https://milago.ai/api/mcp",
"headers": {
"Authorization": "Bearer mk_live_YOUR_KEY_HERE"
}
}
}
}The endpoint is Milago's hosted MCP server (Streamable HTTP) at https://milago.ai/api/mcp. Authentication is just the Authorization: Bearer mk_live_… header — which is why the same config works in Cursor's headless cloud agents and in CI, where an OAuth browser flow is impossible.
Cursor gets the same nine Milago tools as every MCP client: search_meetings, get_meeting_summary, search_knowledge, get_pending_tasks, get_sprint_tasks, get_design_feedback, create_task, update_task_status, log_completion. In practice that means: search meetings and extracted knowledge, pull a full meeting summary into your editor context, list pending tasks, read the kanban board, create tasks, update task status, and log completed work back to Milago. Full tool descriptions and example prompts are on the Claude integration page — the tool set is identical.
Milago's MCP endpoint supports OAuth sign-in, and clients with a working OAuth flow (like Claude and Claude Code) should use it — one URL, no key to manage. Cursor's OAuth handshake for remote MCP servers, however, is unreliable: it opens the resource URL instead of the login page and reports “unauthorized”. Rather than leave Cursor users stuck, Milago issues personal API keys so the connection is deterministic. If Cursor's OAuth fixes land later, the OAuth path will already work — the endpoint accepts both.
Milago is an AI notetaker: send its bot to Zoom, Google Meet, or Microsoft Teams calls — or record locally in the browser, the desktop app, or mobile — and it transcribes the meeting and extracts summaries, tasks, decisions, and knowledge. See the full MCP setup guide for troubleshooting, or pricing for plans.
Cursor's OAuth handshake for remote MCP servers is unreliable — it often opens the resource URL instead of a login page and shows "unauthorized". An API key in the Authorization header skips the browser handshake entirely, so the connection works on the first try. Claude, whose OAuth flow works well, connects with plain OAuth instead — see milago.ai/integrations/claude.
Any paid plan, including Starter. API keys are generated in Milago under Settings → API Keys; the Free plan cannot generate keys, but you can upgrade anytime on the pricing page.
Yes. In Milago, open Settings → API Keys and revoke the key — it stops working immediately (requests using it get a 401). You can generate a new key at any time and update the header in Cursor.
Yes — that is the point of header-based auth. Headless environments (Cursor background/cloud agents, CI pipelines, any MCP client that cannot open a browser) cannot complete an OAuth sign-in, but they can send an Authorization header. The same URL + Bearer key works everywhere.
No. Milago never uses your data for AI training. Data is encrypted in transit with TLS and API keys are hashed with SHA-256; you own your data and can export or delete it anytime.