by longbridge
# Add to your Claude Code skills
git clone https://github.com/longbridge/longbridge-mcpGuides for using mcp servers skills like longbridge-mcp.
Last scanned: 5/30/2026
{
"issues": [],
"status": "PASSED",
"scannedAt": "2026-05-30T17:05:34.454Z",
"npmAuditRan": true,
"pipAuditRan": true
}longbridge-mcp is an open-source mcp servers skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by longbridge. It has 7 GitHub stars.
Yes. longbridge-mcp passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.
Clone the repository with "git clone https://github.com/longbridge/longbridge-mcp" and add it to your Claude Code skills directory (see the Installation section above).
longbridge-mcp is primarily written in Rust. It is open-source under longbridge on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other MCP Servers skills you can browse and compare side by side. Open the MCP Servers category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh longbridge-mcp against similar tools.
No comments yet. Be the first to share your thoughts!
Top skills in this category by stars
Official MCP server for the Longbridge brokerage. 145 tools across real-time quotes, options, order routing, fundamentals, analyst ratings, calendars, IPO, price alerts, DCA plans, portfolio analytics and community sharelists — covering US and HK markets. Built with Rust using rmcp and axum.
Longbridge operates a hosted endpoint at https://openapi.longbridge.com/mcp, so most users don't need to run their own server — just point your MCP client at it and complete OAuth when prompted. Authorization is auto-discovered via RFC 9728.
Add to ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or the equivalent on your OS:
{
"mcpServers": {
"longbridge": {
"url": "https://openapi.longbridge.com/mcp"
}
}
}
Restart Claude Desktop. On first tool invocation it will open a browser to complete the Longbridge OAuth flow.
claude mcp add --transport http longbridge https://openapi.longbridge.com/mcp
Add to your Zed settings.json (open with zed: open settings):
{
"context_servers": {
"longbridge": {
"url": "https://openapi.longbridge.com/mcp"
}
}
}
On first use, Zed will open a browser to complete the Longbridge OAuth flow.
Point the client at https://openapi.longbridge.com/mcp using transport streamable-http. OAuth is auto-discovered via RFC 9728; no manual token required.
Prefer running your own instance? Use Docker or build from source.
docker run -p 8443:8443 \
-v /path/to/certs:/certs:ro \
ghcr.io/longbridge/longbridge-mcp \
--bind 0.0.0.0:8443 \
--base-url https://mcp.example.com \
--tls-cert /certs/cert.pem \
--tls-key /certs/key.pem
Important: When deploying to a public network, you must set
--base-urlto the externally reachable URL of your server (e.g.https://mcp.example.com). This URL is returned in the OAuth protected resource metadata and used by MCP clients to discover the authorization server. If not set, it defaults tohttp://localhost:{port}which will not work for remote clients.
cargo build --release
./target/release/longbridge-mcp
Create a config file at ~/.longbridge/mcp/config.json (optional):
{
"bind": "127.0.0.1:8000",
"base_url": "https://mcp.example.com",
"log_dir": "/var/log/longbridge-mcp"
}
| Option | Config Key | CLI Flag | Default | Description |
|---|---|---|---|---|
| Bind address | bind |
--bind |
127.0.0.1:8000 |
HTTP server listen address |
| Base URL | base_url |
--base-url |
auto | Public base URL for resource metadata |
| Log directory | log_dir |
--log-dir |
(stderr) | Directory for rolling log files |
| TLS certificate | tls_cert |
--tls-cert |
(none) | PEM certificate file for HTTPS |
| TLS private key | tls_key |
--tls-key |
(none) | PEM private key file for HTTPS |
CLI arguments override config file values. The config file is read from ~/.longbridge/mcp/config.json (override with LONGBRIDGE_MCP_CONFIG_DIR).
When tls_cert and tls_key are both set, the server runs HTTPS. Otherwise it falls back to HTTP. The base_url defaults to https://localhost:{port} with TLS or http://localhost:{port} without.
These are advanced settings — most users do not need to change them. They are primarily useful for connecting to non-production Longbridge environments or debugging SDK internals.
| Variable | Default | Description |
|---|---|---|
LONGBRIDGE_MCP_CONFIG_DIR |
~/.longbridge/mcp |
Config file directory |
LONGBRIDGE_HTTP_URL |
https://openapi.longbridge.com |
Longbridge API base URL (also used for OAuth metadata) |
LONGBRIDGE_QUOTE_WS_URL |
wss://openapi-quote.longbridge.com/v2 |
Quote WebSocket endpoint |
LONGBRIDGE_TRADE_WS_URL |
wss://openapi-trade.longbridge.com/v2 |
Trade WebSocket endpoint |
LONGBRIDGE_LOG_PATH |
(none) | SDK internal log path |
The server expects a Longbridge OAuth access token in the Authorization: Bearer <token> header. On missing or invalid auth, it returns 401 with a WWW-Authenticate header pointing to the protected resource metadata endpoint, which in turn directs MCP clients to the Longbridge OAuth authorization server.
The one-liner in Connect → Claude Code gets you connected. Below are the extra commands you'll reach for while developing against this server.
# Hosted — use this unless you have a reason not to
claude mcp add --transport http longbridge https://openapi.longbridge.com/mcp
# Local self-hosted instance (see Self-hosting above)
claude mcp add --transport http longbridge-local http://localhost:8000/mcp
# Inspect
claude mcp list # registered servers
claude mcp get longbridge # config + auth status of one server
claude mcp remove longbridge # unregister
# Re-trigger OAuth (e.g. after token revocation on the Longbridge side)
claude mcp logout longbridge
On the first tool invocation, Claude Code reads the WWW-Authenticate challenge from the server, fetches /.well-known/oauth-protected-resource (RFC 9728), and opens your browser for the Longbridge OAuth flow. Access tokens are cached per-session and refreshed automatically.
| Method | Path | Description |
|---|---|---|
| GET | /.well-known/oauth-protected-resource |
Protected Resource Metadata (RFC 9728) |
| GET | /metrics |
Prometheus metrics |
| POST/GET/DELETE | /mcp |
MCP Streamable HTTP endpoint (requires Bearer token) |
| Category | Count | Description |
|---|---|---|
| Quote | 32 | Real-time and historical quotes, candlesticks, depth, brokers, options, warrants, watchlists, capital flow, market temperature, short positions, option volume |
| Trade | 14 | Order submission/cancellation/replacement, positions, balance, executions, cash flow, margin |
| Fundamental | 19 | Financial statements, business segments, institutional views, industry peers, earnings snapshot, dividends, EPS forecasts, valuations, company info, shareholders, corporate actions |
| Market | 10 | Market status, industry rank, broker holdings, A/H premium, trade statistics, anomalies, index constituents |
| IPO | 8 | IPO subscriptions, calendar, listed stocks, order detail, profit/loss analysis |
| Content | 8 | News, discussion topics, filing details |
| DCA | 9 | Dollar-cost averaging plan create/update/pause/resume/stop, execution history, statistics, and support check |
| Sharelist | 8 | Community sharelist CRUD, member add/remove/sort, popular lists |
| Alert | 5 | Price alert CRUD (add, delete, enable, disable, list) |
| ATM | 3 | Bank cards, withdrawal records, deposit records |
| Portfolio | 3 | Exchange rates, profit/loss analysis with optional date range |
| Search | 2 | News search, community topic search |
| Statement | 2 | Account statement listing and export |
| Calendar | 1 | Finance calendar events (earnings, dividends, IPOs, macro data, market closures) |
| Utility | 1 | Current UTC time |
| Metric | Type | Description |
|---|---|---|
mcp_tool_calls_total |
Counter | Total tool invocations (label: tool_name) |
mcp_tool_call_duration_seconds |
Histogram | Tool call latency (label: tool_name) |
mcp_tool_call_errors_total |
Counter | Tool call error count (label: tool_name) |
src/
main.rs