launchdarkly · ari-launchdarkly · May 30, 2026 · May 29, 2026
@@ -21,11 +21,11 @@ Orchestrates LaunchDarkly setup in an existing codebase: on kickoff, show a **ro
   - **Step 5 (SDK keys):** If MCP is not configured (or the user declined it), account status becomes relevant at D7 when the user needs to provide keys. If they cannot provide keys, offer the resolved signup link (see [Source Attribution](#source-attribution)).
   - This eliminates the upfront "Do you have an account?" question and lets the workflow itself surface whether the user needs to sign up.
 - **Keys and tokens (defer until needed):** Collect these only when the path requires them.
-  - **Step 4 -- MCP:** **Hosted MCP** uses OAuth; no API token or SDK key needed to configure it. **Local `npx` MCP** (federal/EU, etc.): API access token per [mcp-configure](mcp-configure/SKILL.md) and [MCP Config Templates](mcp-configure/references/mcp-config-templates.md).
+  - **Step 4 -- MCP:** **Hosted MCP** uses OAuth; no API token or SDK key needed to configure it.
   - **Step 5 -- SDK:** **SDK keys / client-side ID / mobile key** when wiring env in [Apply code changes](sdk-install/apply/SKILL.md), after the integration plan is confirmed. **`ldcli` / REST** for discovery: use **`ldcli login`** or an access token when you first run those commands, not at hello.
   - **Key type must match the integration:** server-side SDK -> **SDK key**; browser/client-side SDK -> **Client-side ID**; mobile -> **Mobile key**. Env variable names and bundler rules: [Apply code changes](sdk-install/apply/SKILL.md).
 
-**MCP (preferred):** Complete **Step 4** via [mcp-configure/SKILL.md](mcp-configure/SKILL.md) before SDK work when possible. If MCP is unavailable or the user opts out, use **ldcli** / **REST** fallbacks described in that skill (including [MCP Config Templates](mcp-configure/references/mcp-config-templates.md) for local `npx` fallback when hosted MCP does not apply) -- onboarding must still be completable.
+**MCP (preferred):** Complete **Step 4** via [mcp-configure/SKILL.md](mcp-configure/SKILL.md) before SDK work when possible. If MCP is unavailable or the user opts out, use **ldcli** / **REST** fallbacks described in that skill -- onboarding must still be completable.
 
 **Optional MCP tools (when configured):**
 
@@ -116,7 +116,6 @@ Do NOT treat the user's initial request (e.g. "onboard me," "set up LaunchDarkly
 
 | ID | Location | Question |
 |----|----------|----------|
-| D4-LOCAL | Step 4 (local MCP) | User chooses whether to handle the access token themselves (recommended) or let the agent help |
 | D5-NOAPP | Step 5 -- detect | No runnable app found: user points to app or requests demo |
 | D5-UNCLEAR | Step 5 -- detect | Weak evidence: user confirms the correct app folder |
 | D5 | Step 5 -- detect | SDK confirmation / one-vs-both-SDKs scope choice |
@@ -322,7 +321,7 @@ This is **not** the same file as `LAUNCHDARKLY_ONBOARDING.md`. The onboarding lo
 
 - [mcp-configure/SKILL.md](mcp-configure/SKILL.md) -- hosted MCP, verify, edge cases (**follow this first**)
 - [MCP UI links](mcp-configure/references/mcp-ui-links.md) -- HTTPS + `command:` links to open MCP settings per editor
-- [MCP Config Templates](mcp-configure/references/mcp-config-templates.md) -- per-agent JSON; **Local server via `npx`** when hosted MCP is unavailable
+- [MCP Config Templates](mcp-configure/references/mcp-config-templates.md) -- per-agent JSON for hosted MCP
 
 **Step 5 -- SDK install (nested skills)**
 

@@ -12,7 +12,7 @@ metadata:
 
 Configures the LaunchDarkly hosted MCP server so flag management skills and onboarding can use MCP tools. Uses OAuth for authentication — no API keys needed for the hosted server.
 
-This skill is nested under [LaunchDarkly onboarding](../SKILL.md); the parent skill's **Step 4** hands off here. **Hosted MCP** is the default. For **federal/EU** or other cases where hosted is unavailable, use the **Local server via `npx`** section in [MCP Config Templates](references/mcp-config-templates.md) and [local MCP server docs](https://launchdarkly.com/docs/home/getting-started/mcp-local).
+This skill is nested under [LaunchDarkly onboarding](../SKILL.md); the parent skill's **Step 4** hands off here. **Hosted MCP** is the default and the only supported option for this onboarding flow.
 
 ## Prerequisites
 
@@ -94,37 +94,6 @@ After adding the config, the user needs to enable and authorize the server. MCP
 3. **If restart doesn't help**, fall back to ldcli/API for Steps 5-6. Note the fallback in the onboarding log. Do **not** block the rest of onboarding.
 4. If the failure looks like a config issue (wrong file path, missing OAuth, server not enabled), mention the likely cause so the user can fix it on their own time — but do not block progress.
 
-For **local `npx` server** verification, see [MCP Config Templates — Verify (local server)](references/mcp-config-templates.md#verify-local-server).
-
-## Local MCP: Access Token Setup
-
-When the user needs the **local `npx` server** (federal/EU or other cases where hosted MCP is unavailable), the server requires a `LAUNCHDARKLY_ACCESS_TOKEN`. This is a sensitive credential.
-
-First, tell the user how to create a token if they don't already have one:
-
-> Create an API access token at [app.launchdarkly.com/settings/authorization/tokens/new](https://app.launchdarkly.com/settings/authorization/tokens/new). Give it a descriptive name (e.g. "MCP server") and at minimum the **Reader** role. Copy the token — you won't be able to see it again after leaving the page.
-
-Then ask how they want to add the token to the MCP config:
-
-**D4-LOCAL -- BLOCKING:** Call your structured question tool now.
-- question: "The local MCP server needs an API access token to authenticate with LaunchDarkly. You can create one at app.launchdarkly.com/settings/authorization/tokens/new. Once you have the token, how would you like to add it to your MCP config? We recommend adding it yourself — there is a non-zero risk when an agent handles secrets, as tokens may persist in conversation history, logs, or model context."
-- options:
-  - "I'll add the token to the config myself — just tell me which file and variable"
-  - "I have the token ready — go ahead and help me wire up the config"
-- STOP. Do not write the question as text. Do not write any token value to a config file before the user selects an option.
-
-**If the user adds the token themselves:**
-1. Tell them the config file path for their agent (see [MCP Config Templates](references/mcp-config-templates.md))
-2. Tell them to set `LAUNCHDARKLY_ACCESS_TOKEN` as the value — either as an environment variable or directly in the config file
-3. Remind them to add the config file to `.gitignore` if the token is inline
-4. Wait for them to confirm, then proceed to Step 5 (Enable and Verify)
-
-**If the user wants agent-assisted setup:**
-1. Ensure the config file is in `.gitignore` before writing
-2. Write the config per [MCP Config Templates](references/mcp-config-templates.md)
-3. Remind the user that the token will be visible in the config file and conversation history
-4. Proceed to Step 5 (Enable and Verify)
-
 ## Edge Cases
 
 - **User already has MCP configured:** Verify by checking for existing LD MCP entries in the config.
@@ -140,19 +109,17 @@ Then ask how they want to add the token to the MCP config:
 
     If they agree, remove the deprecated entries and ensure the unified `mcp/launchdarkly` config is present. See [MCP Config Templates](references/mcp-config-templates.md). If they decline, note the deprecation and continue.
 - **User has the old npx-based local server:** Migrate them. Remove the old `npx @launchdarkly/mcp-server` entry and any `LD_ACCESS_TOKEN` env vars. Replace with the hosted server config. See [MCP Config Templates — Migration](references/mcp-config-templates.md#migrating-from-old-configurations).
-- **Federal or EU instances:** The hosted MCP server is not available for federal or EU environments. Use [local MCP server docs](https://launchdarkly.com/docs/home/getting-started/mcp-local) and the **Local server via `npx`** section in [MCP Config Templates](references/mcp-config-templates.md). Follow the [Local MCP: Access Token Setup](#local-mcp-access-token-setup) flow for token handling.
 - **Agent not in known list:** Provide the generic pattern: the user needs to add an MCP server entry pointing to `https://mcp.launchdarkly.com/mcp/launchdarkly` using whatever format their agent expects.
 - **User opts out of MCP during onboarding:** Document that choice and continue with the parent skill's ldcli/API fallbacks for environments and flags; do not block SDK work.
 
 ## What NOT to Do
 
-- Don't configure the old npx-based local server by default. Prefer the hosted server for standard regions.
+- Don't configure the old npx-based local server. Use the hosted server.
 - Don't ask for or store API keys for the hosted server. The hosted server uses OAuth.
 - Don't configure the old separate FM/AgentControl servers. Use the unified `mcp/launchdarkly` server.
-- Don't handle the access token for local MCP without asking the user first via the D4-LOCAL decision point.
 
 ## References
 
 - [MCP UI links](references/mcp-ui-links.md) — HTTPS + `command:` links to open MCP settings (Cursor, VS Code, Claude Code, Windsurf, GitHub)
-- [MCP Config Templates](references/mcp-config-templates.md) — hosted OAuth JSON per agent; **Local server via `npx`** fallback; migration from old local server
+- [MCP Config Templates](references/mcp-config-templates.md) — hosted OAuth JSON per agent; migration from old configurations
 - [Official MCP docs](https://launchdarkly.com/docs/home/getting-started/mcp-hosted) — full hosted setup guide
@@ -124,100 +124,3 @@ If the user has either endpoint configured, **ask before removing** — see the
 ```
 
 **Replace with the single unified server** (see sections above).
-
-## Local server via `npx`
-
-Use the local MCP server when hosted MCP is not available — for example, **EU or Federal** environments — or when your setup requires it. See [local MCP server docs](https://launchdarkly.com/docs/home/getting-started/mcp-local). This path uses **`LAUNCHDARKLY_ACCESS_TOKEN`** (API access token) instead of OAuth.
-
-### Security: Protect tokens in MCP config files
-
-Most editors (Cursor, VS Code, Claude Desktop) require **literal tokens** in MCP config — they don't expand `${VAR}` syntax. To prevent accidental commits:
-
-1. **Add MCP config files to `.gitignore`:**
-   ```
-   .cursor/mcp.json
-   .vscode/mcp.json
-   ```
-2. **Or use user-level config** (outside the repo) where the editor supports it
-
-**Exception:** Claude Code supports `${LAUNCHDARKLY_ACCESS_TOKEN}` env var syntax — use it when available.
-
-### Claude Code (project `.mcp.json`)
-
-```json
-{
-  "mcpServers": {
-    "launchdarkly": {
-      "type": "stdio",
-      "command": "npx",
-      "args": ["-y", "@launchdarkly/mcp-server"],
-      "env": {
-        "LAUNCHDARKLY_ACCESS_TOKEN": "${LAUNCHDARKLY_ACCESS_TOKEN}"
-      }
-    }
-  }
-}
-```
-
-Set `LAUNCHDARKLY_ACCESS_TOKEN` in the environment or use your agent’s secret mechanism per [Claude Code MCP docs](https://docs.claude.com/en/docs/claude-code/mcp). For user-wide config, merge the same `mcpServers.launchdarkly` entry into `~/.claude/settings.json` if appropriate.
-
-### Cursor (`.cursor/mcp.json`)
-
-**Add `.cursor/mcp.json` to `.gitignore`** — Cursor requires a literal token value.
-
-```json
-{
-  "mcpServers": {
-    "launchdarkly": {
-      "command": "npx",
-      "args": ["-y", "@launchdarkly/mcp-server"],
-      "env": {
-        "LAUNCHDARKLY_ACCESS_TOKEN": "YOUR_ACCESS_TOKEN"
-      }
-    }
-  }
-}
-```
-
-### Claude Desktop (`claude_desktop_config.json`)
-
-Claude Desktop config is user-level (not in repos), so token exposure risk is lower.
-
-```json
-{
-  "mcpServers": {
-    "launchdarkly": {
-      "command": "npx",
-      "args": ["-y", "@launchdarkly/mcp-server"],
-      "env": {
-        "LAUNCHDARKLY_ACCESS_TOKEN": "YOUR_ACCESS_TOKEN"
-      }
-    }
-  }
-}
-```
-
-### VS Code / Copilot (`.vscode/mcp.json`)
-
-**Add `.vscode/mcp.json` to `.gitignore`** — VS Code requires a literal token value.
-
-```json
-{
-  "servers": {
-    "launchdarkly": {
-      "command": "npx",
-      "args": ["-y", "@launchdarkly/mcp-server"],
-      "env": {
-        "LAUNCHDARKLY_ACCESS_TOKEN": "YOUR_ACCESS_TOKEN"
-      }
-    }
-  }
-}
-```
-
-Replace `YOUR_ACCESS_TOKEN` with the user’s LaunchDarkly API access token. After editing, enable the server in the editor's MCP settings. A restart may be required if tools don't appear.
-
-### Verify (local server)
-
-1. If you have MCP tool access, call **`list-feature-flags`** with the user’s `projectKey` (e.g. `request: { "projectKey": "YOUR_PROJECT_KEY" }`). A normal response confirms the server and token.
-2. If MCP tools are not visible yet, have the user run **`ldcli flags list`** (or curl the REST API) to validate credentials independently while waiting for MCP tools to appear.
@@ -85,18 +85,7 @@ Install the [LaunchDarkly MCP server](https://github.com/launchdarkly/mcp-server
 - **Run experiments** — Set up A/B tests and monitor results through your agent.
 - **Manage configs** — Update model configurations and prompts managed by LaunchDarkly.
 
-**Two setup options:**
-
-- **[Hosted MCP](https://launchdarkly.com/docs/home/getting-started/mcp-hosted)** — Uses OAuth; no tokens stored in config files
-- **[Local MCP](https://launchdarkly.com/docs/home/getting-started/mcp-local)** — Uses API access token; required for EU/Federal environments
-
-If using local MCP, add your editor's MCP config file to `.gitignore` since it will contain your access token:
-
-```
-# Add to .gitignore (if using local MCP with tokens)
-.cursor/mcp.json
-.vscode/mcp.json
-```
+**Setup:** Use the [Hosted MCP](https://launchdarkly.com/docs/home/getting-started/mcp-hosted) server, which uses OAuth — no tokens stored in config files.
 
 See the [MCP server docs](https://github.com/launchdarkly/mcp-server) for editor-specific setup instructions.