Deploy & operate
Ship your server to a governed, identity-gated MCP URL. Environments, access modes, secrets, variables, and rollback.
Local development needs no account. When you are ready to share a server, sign in and deploy it to a governed, multi-tenant runtime.
noodle login
noodle deploynoodle deploy compiles your server, uploads the portable artifact, and prints an identity-gated MCP
URL that works across assistants. By default it deploys to your default org, uses the project name as
the app, and the prod environment.
Tenancy: org, app, env
Deployments live in an Org > App > Env > Deployment hierarchy, and hosted servers are served under a
path like /o/{org}/{app}/mcp. Use noodle link to bind a directory to a specific target, or pass
flags on deploy:
noodle link --org acme --app support --env prod
noodle deploy --org acme --app support --env stagingAccess modes
Every deployment has an access mode. It defaults to owner-only; change it at deploy time or later.
| Mode | Who can call it |
|---|---|
owner-only | Just you (default). |
org-members | Members of the org. |
authenticated | Any authenticated identity. |
customers | Your customers via a customer auth bridge. Alpha |
noodle deploy --access org-members
noodle access set org-members # change an existing deploymentSecrets and variables
Keep credentials and config out of server.ts. Author them as secret("NAME") / variable("NAME")
and set the values with the CLI, scoped to an org, app, or env.
noodle secrets set WEATHER_API_KEY --scope app --value "sk_..."
noodle variables set REGION --scope env --value "us-east-1"Secrets are encrypted at rest and resolved per tenant by the credential broker at call time. They never appear in manifests, logs, or artifacts.
Operate
noodle status # deployment status
noodle open # open the latest deployment URL
noodle inspect # hosted metadata (no secret material)
noodle smoke # hosted readiness diagnostics
noodle rollback <deploymentId> # roll back to a previous deploymentEject
noodle export manifest compiles your server locally and writes the portable manifest JSON, so you
are never locked in.
noodle export manifest --output manifest.jsonSee the CLI reference for every command and its flags.
Embed an assistant in your SaaS
Deploy a Noodle Seed assistant, exchange your existing signed-in user on the backend, and mount the published browser SDK without exposing credentials.
Analytics & observability
See how AI clients use your server — volume, sessions, latency percentiles, two-tier errors, per-tool usage — from the CLI and the console.