Setup in Cursor
Before configuring, choose a distribution (Docker or npm) and set up authentication (API key or OAuth 2.0). Then add the matching configuration below.
Axe MCP server can be added at either the project or global level:
- Project-level: Create a file at
.cursor/mcp.jsonin your project's root directory - Global-level: Open Cursor settings, go to Features > MCP, and click Add New MCP Server. This will open your global configuration file.
If you already have other servers defined, add the axe-mcp-server block inside the existing mcpServers object.
Docker
API key
One-click install
Click the link below to install the axe MCP server directly in Cursor:
Install axe MCP server in Cursor
Cursor will prompt you to confirm the installation. Alternatively, follow the manual setup below.
Manual setup
{
"mcpServers": {
"axe-mcp-server": {
"command": "docker",
"args": [
"run",
"--add-host=host.docker.internal:host-gateway",
"-i",
"--rm",
"-e",
"AXE_SERVER_URL",
"-e",
"AXE_API_KEY",
"dequesystems/axe-mcp-server:latest"
],
"env": {
"AXE_API_KEY": "${env:AXE_API_KEY}"
}
}
}
}The configuration uses "AXE_API_KEY": "${env:AXE_API_KEY}" for secure input handling. The ${env:AXE_API_KEY} syntax instructs Cursor to pull the value from your system variables. For more information, see the Cursor MCP documentation.
Using a regional, private cloud, or on-premises axe instance? Add AXE_SERVER_URL to the env block with your instance's base URL:
"env": {
"AXE_API_KEY": "${env:AXE_API_KEY}",
"AXE_SERVER_URL": "https://your-axe-instance.example.com"
}If omitted, the server defaults to https://axe.deque.com (Deque's shared US SaaS instance). See Configuration Reference for details.
OAuth 2.0
Before configuring, complete Step 1: Authenticate in the Authentication guide.
This uses @deque/axe-auth token to obtain a fresh access token each time the server starts.
{
"mcpServers": {
"axe-mcp-server": {
"command": "sh",
"args": [
"-c",
"docker run --add-host=host.docker.internal:host-gateway -i --rm -e \"AXE_ACCESS_TOKEN=$(npx -y @deque/axe-auth token)\" dequesystems/axe-mcp-server:latest"
]
}
}
}Using a regional, private cloud, or on-premises axe instance? Add AXE_SERVER_URL to the Docker command and an env block with your instance's base URL:
"args": [
"-c",
"docker run --add-host=host.docker.internal:host-gateway -i --rm -e AXE_SERVER_URL -e \"AXE_ACCESS_TOKEN=$(npx -y @deque/axe-auth token)\" dequesystems/axe-mcp-server:latest"
],
"env": {
"AXE_SERVER_URL": "https://your-axe-instance.example.com"
}If omitted, the server defaults to https://axe.deque.com (Deque's shared US SaaS instance). See Configuration Reference for details.
This configuration uses sh -c to allow shell substitution. $(npx -y @deque/axe-auth token) runs at server startup and injects a valid access token into the Docker container. The -y flag skips the first-run "Ok to proceed?" prompt that npx would otherwise ask in a non-interactive shell. Do not set AXE_API_KEY alongside AXE_ACCESS_TOKEN.
Windows users: This configuration uses a POSIX shell (sh) and command substitution ($(...)), which is not available in cmd.exe or PowerShell by default. Run your editor from a Git Bash or WSL shell so that sh is on your PATH.
npm
The npm distribution runs on Node.js. Use an active Node.js LTS release — older releases may not be supported.
The npm distribution needs a Chromium browser — either install one via Playwright or point at an existing binary. See Choosing a Distribution.
API key
Create a .cursor/mcp.json file in your project's root directory (project-level) or add the server through Cursor's global MCP settings:
{
"mcpServers": {
"axe-mcp-server": {
"command": "npx",
"args": ["-y", "axe-mcp-server"],
"env": {
"AXE_API_KEY": "your-api-key-here"
}
}
}
}Your configuration contains a credential in its env block. Project-level files like .cursor/mcp.json live in your repository — add them to .gitignore, or keep credentials in your global configuration instead.
OAuth 2.0
OAuth 2.0 is supported with the npm distribution as well — set AXE_ACCESS_TOKEN instead of AXE_API_KEY, injecting a fresh token from @deque/axe-auth token at startup. See Authentication for the full flow.
Set either AXE_API_KEY or AXE_ACCESS_TOKEN — not both. The server will fail at startup if both variables are set.
Usage and verification
Once added, the status indicator in Cursor Settings should show that the server is running:
- Open Cursor Settings
- Go to Features > MCP
- You should see axe-mcp-server listed under Installed MCP Servers with the analyze, remediate, and igt tools available.
For recommended custom instructions that guide Cursor through the analyze-then-remediate workflow, see Configuring Your AI Agent.
