Overview
The Sales Layer MCP Server can be used with any client that supports the Model Context Protocol and can connect to remote MCP servers securely.
This article explains the general configuration values to use when connecting Sales Layer to MCP-compatible clients that do not have a dedicated Sales Layer setup guide.
Note: Before following this article, check whether there is already a specific Sales Layer article for your client, such as Claude Web, Claude Desktop, Microsoft Copilot Studio, ChatGPT, Cursor, VS Code, Google Gemini, or n8n. Client-specific articles should be followed first.
Before you start
Before connecting another MCP-compatible client to Sales Layer, make sure you have:
- An MCP-compatible client that supports remote MCP servers or local MCP server configuration.
- Support for OAuth 2.0 with PKCE if you are using the remote Sales Layer MCP Server.
- Access to the Sales Layer catalog you want to use.
- Your Sales Layer Catalog Token.
- Permission from your organization to connect external AI tools to your product catalog data.
At the moment, the Catalog Token is not obtained from an API/Tokens section inside the Sales Layer PIM. To get it, contact Sales Layer Support or your Sales Layer account representative.
Warning: Do not paste your Sales Layer Catalog Token as a bearer token or API key in a remote MCP client. For the remote MCP Server, the Catalog Token is entered in the Sales Layer authorization screen during the OAuth flow.
Choose the connection type
MCP clients can connect to Sales Layer in different ways depending on what the client supports.
| Connection type | Use it when | Authentication |
|---|---|---|
| Remote MCP Server | Your client can connect directly to a remote MCP server URL. | OAuth 2.0 with PKCE. |
| Remote MCP through local bridge | Your client supports local command-based MCP servers but does not support remote OAuth directly. | Browser authorization flow started by the local bridge. |
| Local MCP package | Your client supports local MCP packages, such as Claude Desktop extensions. | Catalog Token entered during local package setup. |
| Direct REST API | Your workflow does not need MCP tools and only needs fixed API calls. | X-API-KEY header. |
If your client supports remote MCP with OAuth 2.0 and PKCE, use the remote MCP Server option. If it does not, check whether a local bridge or local package is supported.
Choose the access mode
Use the access mode that matches what the MCP client should be allowed to do with your Sales Layer catalog.
| Mode | Server URL | Use it when |
|---|---|---|
| Default remote connection | https://mcp.saleslayer.com/mcp | You want to use the standard Sales Layer MCP endpoint. |
| Read-only | https://mcp.saleslayer.com/onlyread/mcp | The client only needs to inspect, query, or analyze catalog data. |
| Full access | https://mcp.saleslayer.com/full/mcp | The client needs to create or update Sales Layer data through MCP tools. |
For most first-time setups, start with Read-only. Use Full access only for trusted workflows where the AI client is expected to modify catalog data.
Option 1: Connect using a remote MCP Server URL
Use this option when the client supports remote MCP servers and OAuth 2.0 with PKCE.
- Open your MCP-compatible client.
- Go to the section for tools, connectors, extensions, agents, or MCP servers.
- Add a new MCP server.
- Enter a clear server name, for example Sales Layer MCP.
- Enter the Sales Layer MCP Server URL.
- Select OAuth 2.0 if the client asks for an authentication method.
- Use Dynamic discovery if the client supports it.
- Save or connect the server.
Use this URL for the standard remote setup:
https://mcp.saleslayer.com/mcp
Manual OAuth values
If the client does not support Dynamic discovery and asks for manual OAuth values, use the following configuration:
| Field | Value |
|---|---|
| Authorization URL | https://mcp.saleslayer.com/oauth/authorize |
| Token URL | https://mcp.saleslayer.com/oauth/token |
| Registration URL | https://mcp.saleslayer.com/oauth/register |
| Discovery URL | https://mcp.saleslayer.com/.well-known/oauth-authorization-server |
| Protected resource metadata | https://mcp.saleslayer.com/.well-known/oauth-protected-resource |
| Grant type | Authorization Code with PKCE |
| Code challenge method | S256 |
| Client secret | Leave empty unless your client requires a value generated during dynamic registration. |
| Scope | Leave empty unless your client requires a value. |
Note: If the client does not support Authorization Code with PKCE and S256, it may not be compatible with the remote Sales Layer MCP Server.
Option 2: Connect through a local bridge
Some MCP clients support local command-based servers but do not support remote MCP OAuth directly. In this case, your technical team may use a local bridge such as mcp-remote, if allowed by your organization.
Example configuration:
{
"mcpServers": {
"sales-layer": {
"command": "npx",
"args": ["-y", "mcp-remote", "https://mcp.saleslayer.com/mcp"]
}
}
}This setup starts a local MCP process and connects it to the remote Sales Layer MCP Server. It usually requires Node.js, npx, and permission to run local commands on the computer.
Option 3: Use a local MCP package
Some clients support local MCP packages. In this setup, the MCP server runs locally and the Catalog Token is entered during package setup.
Use this option only when Sales Layer provides a local package for the client or when the client supports compatible MCP package installation.
- Download the Sales Layer local MCP package from the Sales Layer MCP page or from the location provided by Sales Layer Support.
- Install the package in your MCP-compatible client.
- Enter your Sales Layer Catalog Token during the package configuration step.
- Restart the client if required.
- Test the connection with a simple prompt.
Complete the Sales Layer authorization flow
For remote MCP connections, the client should open the Sales Layer authorization screen in your browser.
- Wait for the Sales Layer authorization screen to open.
- Select the access profile if the screen asks you to choose one.
- Enter your Sales Layer Catalog Token.
- Validate the token and continue.
- Return to your MCP client when the authorization flow is complete.
Test the connection
After the MCP Server is connected, test the connection before using it for real catalog work.
Start with:
What Sales Layer tools are available?
Then test with a catalog-related prompt:
Show me a summary of my Sales Layer catalog.
If the connection is working, the client should be able to call the Sales Layer MCP tools and return information from your catalog.
Example prompts
Once the connection is ready, you can ask:
- Show me the available Sales Layer tools.
- Search for products with missing descriptions.
- Summarize the catalog structure.
- Check product data quality for a specific category.
- Find items with incomplete technical attributes.
If you are using read-only access, the client can query and analyze Sales Layer data, but it cannot create or update records.
When to use the REST API instead
Use the Sales Layer REST API directly when your workflow does not need MCP tools or when the client cannot complete the required OAuth flow for remote MCP.
For direct REST API calls, use the X-API-KEY header with your Sales Layer Catalog Token:
X-API-KEY: your_catalog_token
For example, API 2.0 REST catalog queries use URLs such as:
https://api2.saleslayer.com/rest/Catalog/Products
This is not an MCP connection. It is useful for fixed, predictable automations where the workflow already knows which endpoint to call.
Troubleshooting
| Issue | Likely cause | What to do |
|---|---|---|
| The client does not have an MCP option | The client may not support MCP or the feature may not be enabled. | Use a supported MCP client or the Sales Layer REST API directly. |
| OAuth does not start | The client may not support remote MCP OAuth, or browser popups may be blocked. | Allow popups and redirects. If needed, use a local bridge such as mcp-remote. |
| invalid_token | The Catalog Token was used as a direct bearer token instead of being entered in the Sales Layer authorization screen. | Remove any bearer token configuration and complete the Sales Layer authorization flow again. |
| PKCE or S256 is not available | The client does not support the OAuth security method required by the Sales Layer MCP Server. | Use another MCP-compatible client or a local bridge if your organization allows it. |
| No Sales Layer tools are available | The server did not load correctly, or authorization did not complete. | Reconnect the MCP Server, complete authorization again, and restart the client if needed. |
| Read operations work, but updates fail | The connection is using read-only access. | Use full access only if the workflow must update Sales Layer data and your organization allows it. |
| The local bridge does not run | Node.js, npx, or command execution may not be available on the computer. | Ask your IT team to confirm whether local command-based MCP servers are allowed. |
What to send to Sales Layer Support
If the issue continues, contact Sales Layer Support and include:
- The MCP client name and version.
- The connection type you are using: remote MCP, local bridge, local package, or REST API.
- The server URL you configured.
- The authentication method selected in the client.
- The exact error message shown by the client.
- A screenshot of the error, with sensitive token values hidden.
- Whether the Sales Layer authorization screen opened.
- Whether you selected read-only or full access.
Never send your full Catalog Token in a screenshot, ticket, email, or chat conversation.
Best practices
Use a client-specific Sales Layer article when one is available. Generic MCP setup should be used only when the client does not have a dedicated guide.
Start with read-only access when the client only needs to query or analyze catalog data. Use full access only for controlled workflows that are expected to modify data.
Use Dynamic discovery when the client supports it. If manual OAuth setup is required, carefully review each endpoint and confirm that PKCE with S256 is supported.
Keep your Catalog Token secure. Do not paste it into configuration files, screenshots, support tickets, public templates, or shared repositories.
If your client cannot support remote MCP authentication, do not force the setup by sending the Catalog Token as a bearer token. Use a compatible client, a local bridge approved by your organization, or the Sales Layer REST API directly.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article