Guesty MCP Server
Guesty MCP Server lets MCP-compatible AI assistants connect to Guesty through a controlled, authenticated tool interface. It is designed for customers and partners who want assistants such as Cursor or Claude Desktop to help retrieve and reason about Guesty data they are authorized to access.
Beta — read-only: Guesty MCP Server is currently in beta. During this beta, the server exposes read endpoints only — assistants can look up and summarize data, but cannot create, update, or delete Guesty records. Tool coverage, schemas, and availability may change before general availability.
Overview
The server exposes supported Guesty capabilities as Model Context Protocol tools. Assistants do not receive unrestricted API access; they can only call tools made available by the MCP server and authenticated with your Guesty API credentials.
During the beta, all exposed tools are read-only — they map to Guesty GET operations for retrieving data. Write operations (create, update, delete) are not available through the MCP server in this phase.
Typical use cases include:
- Looking up supported Guesty records from an assistant.
- Summarizing reservation, listing, or guest information.
- Helping investigate operational questions using authorized Guesty data.
- Reducing manual lookups while keeping API credentials out of chat prompts.
Hosted Endpoint
https://mcp.guesty.com/v1Getting A Guesty Token
Before connecting, you need a Guesty API bearer token. You can obtain one by exchanging your Guesty OAuth client credentials for an access token.
Token Exchange
curl -s -X POST https://open-api.guesty.com/oauth2/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=client_credentials" \
-d "client_id=your-client-id" \
-d "client_secret=your-client-secret" \
-d "scope=open-api"Successful response:
{
"token_type": "Bearer",
"access_token": "eyJ...",
"expires_in": 86400
}Use the access_token value as your bearer token. Tokens expire after expires_in seconds (typically 24 hours). Request a new token before it expires.
Your client_id and client_secret are available from your Guesty account under API access or integration settings. Do not share them — they are used only to obtain tokens and should never appear in MCP client configuration or assistant conversations.
Connect Your MCP Client
Choose the setup that matches your MCP client.
Cursor
Cursor supports an Authorization header in mcp.json. Set it once and the agent never needs to see or handle your token:
{
"mcpServers": {
"guesty": {
"url": "https://mcp.guesty.com/v1",
"headers": {
"Authorization": "Bearer your-guesty-token"
}
}
}
}The server reads the token from the header when the MCP session is initialized. Each session is isolated — one customer's token never affects another session.
After saving, restart Cursor and verify the Guesty server appears as connected in Cursor Settings → MCP.
Claude Desktop And Other MCP Clients
Claude Desktop and most other MCP clients do not support a headers field in their config. Use the set_token tool instead:
- Add the server URL with no auth config:
{
"mcpServers": {
"guesty": {
"url": "https://mcp.guesty.com/v1"
}
}
}- After connecting, tell the assistant your token in the conversation:
My Guesty token is eyJ... — please authenticate- The assistant calls the
set_tokentool on your behalf, which stores the token for the current session. All subsequent Guesty tool calls in that session use it automatically.
Note: you will need to repeat this once per session unless your client persists conversation context across sessions.
How The Server Uses The Token
When a token is supplied via Authorization header, the server binds it to the MCP session at initialization time. When supplied via set_token, it is stored immediately and used for the remainder of the session.
All Guesty API calls made by the server in that session use the token bound to that session. Sessions are isolated from each other.
Managed Deployments
For dedicated deployments where Guesty provisions credentials server-side, customers connect with only the URL and no token configuration is needed on the client side:
{
"mcpServers": {
"guesty": {
"url": "https://mcp.guesty.com/v1"
}
}
}Contact Guesty to set up a managed deployment.
How To Use
Once connected and authenticated, ask your assistant questions about supported Guesty data. The assistant discovers the available Guesty tools from the MCP server and calls the appropriate tool when your request requires Guesty data.
Example prompts:
- "Find the reservation for confirmation code ABC123."
- "Summarize this guest's current booking details."
- "Look up the property details for this listing."
The exact tools and fields available depend on your account permissions and the current beta tool coverage. Requests that would require a write operation are not supported in this beta.
Security Notes
- Keep your Guesty bearer token secure. It grants API access to your Guesty account.
- Prefer the
headersapproach (Cursor) so the token is never visible in chat. - If using
set_token, avoid pasting tokens in shared or recorded sessions. - Do not pass tokens as URL query parameters. Query parameters are commonly logged by proxies and gateways.
- Rotate credentials according to your organization's security policy.
Beta Status
Guesty MCP Server is currently beta software.
- Read-only in beta: only read (GET) endpoints are exposed. Assistants cannot create, update, or delete Guesty data through the MCP server during this phase.
- Tool coverage is limited and may expand over time, including write operations in a future release.
- Tool names, parameters, and responses may change before general availability.
- Hosted service availability may be subject to beta support limitations.
- A full OAuth 2.0 authorization flow (no manual token handling) is planned for general availability.
Licensing
Unless Guesty publishes a separate license for this package, Guesty MCP Server is proprietary Guesty software. Use is subject to your agreement with Guesty and any terms that apply to the beta program.
Updated about 12 hours ago