Official MCP server for Brilliant Directories — manage members, posts, leads, reviews, and more.
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"brilliant-directories": {
"url": "https://brilliantmcp.com",
"headers": {
"X-Api-Key": "ENTER_API_KEY",
"X-BD-Site-URL": "https://www.your-site.com"
}
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Universal AI integration for your BD site. Give any AI agent full access to your Brilliant Directories site with one API key.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y 'ENOENT' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked ENOENT against OSV.dev.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in productivity
Dynamic problem-solving through sequential thought chains
Persistent memory using a knowledge graph
mini cli search engine for your docs, knowledge bases, meeting notes, whatever. Tracking current sota approaches while being all local
Official Notion MCP Server
MCP Security Weekly
Get CVE alerts and security updates for io.github.brilliantdirectories/brilliant-directories-mcp and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
Universal AI integration for your BD site. Give any AI agent full access to your Brilliant Directories site with one API key.
Manage members, posts (single-image and multi-image), leads, reviews, top and sub categories, email templates, pages (homepage, landing pages), 301 redirects, smart lists, widgets, menus, forms, tags, membership plans, and more — across every resource BD exposes via its REST API.
This guide walks you through connecting your AI of choice (Claude, Cursor, etc.) to your BD site. Pick your AI app below, paste two things, restart. Most setups take under 5 minutes.
Your BD site URL. Use the full canonical URL exactly as it loads in a browser — include https:// (or http:// if your site has no SSL), include www. if your site uses it, no trailing slash.
https://www.mysite.com (most BD sites)https://mysite.com (only if your site has no www.)http://mysite.com (HTTP-only sites — protocol respected)mysite.com (missing protocol)https://mysite.com/ (trailing slash)https://mysite.com if the site actually serves at www.mysite.com — use the form your site canonically responds atYour BD API key.
BD Admin → Developer Hub → Generate API Key → copy it.
Node.js — only for the Advanced path (see below). Not needed for the Easy path. If you need it, one-time install from nodejs.org (click Get Node.js® to download, then click Windows Installer (.msi) — Mac: macOS Installer — double-click the downloaded file to install, Next through the prompts).
New BD API keys ship locked down — only member read/write is enabled by default.
Every other resource (web pages, forms, menus, tags, email templates, reviews, leads, categories, post types, widgets, etc.) lives behind an "Advanced Endpoints" toggle and returns 403 API Key does not have permission to access this endpoint until you flip it on.
This catches almost every first-time user. If your AI can list members but can't create a page or update a form, stop debugging — it's this.
Turn on Advanced Endpoints:
The change is immediate — no key rotation, no AI restart needed. Re-run the failed request and it'll succeed.
Want to stop the AI from deleting anything? Uncheck every
deleteaction under Advanced Endpoints. The AI will still be able to read, create, and update — but anydelete*tool call will return 403 instead of wiping data. Good baseline for production sites where the AI shouldn't be trusted with destructive operations.
Why BD locks it down by default: least-privilege. A leaked key with baseline-only permissions can only read/write members on your site, not rewrite your whole directory. Once you've decided which endpoints your agent actually needs, you can pare the permissions back down to just those.