GuideJune 2, 20266 min read

How to Share MCP Server Configs Across Machines

MCP servers extend your AI tools with custom capabilities. Here's how to sync their configuration — including API keys and server URLs — across every machine securely.

What MCP Servers Are and Why Config Matters

MCP (Model Context Protocol) servers extend AI coding tools like Claude Desktop and Claude Code with custom capabilities. A filesystem MCP server gives Claude access to read and write files. A database server lets it query your PostgreSQL instance. A GitHub server lets it manage issues and pull requests. You can build custom servers for internal tools, documentation systems, or anything else you need Claude to interact with.

Each MCP server is defined in a configuration file with a command to start it, arguments, and often environment variables containing API keys or connection strings. Once you have five or ten MCP servers configured, manually recreating that setup on a new machine is tedious and error-prone. Worse, these configs contain secrets that should never be stored in plaintext or committed to version control.

Where MCP Configs Live

Claude Desktop stores MCP server definitions in its main config file. On macOS, that is ~/Library/Application Support/Claude/claude_desktop_config.json. On Linux, it is ~/.config/Claude/claude_desktop_config.json. Claude Code stores its MCP settings within ~/.claude/.

Example Claude Desktop MCP config
{ "mcpServers": { "filesystem": { "command": "npx", "args": ["-y", "@modelcontextprotocol/server-filesystem", "/Users/jane/projects"] }, "github": { "command": "npx", "args": ["-y", "@modelcontextprotocol/server-github"], "env": { "GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_xxxxxxxxxxxx" } }, "slack": { "command": "npx", "args": ["-y", "@modelcontextprotocol/server-slack"], "env": { "SLACK_BOT_TOKEN": "xoxb-xxxxxxxxxxxx" } } } }

Notice the API keys inline in the config. This is why syncing MCP configs requires encryption — these are not files you want sitting in plaintext anywhere.

Syncing with ConfigSync

ConfigSync has dedicated modules for both Claude Desktop and Claude Code that handle encryption automatically. When you add these modules, any config files containing secrets are encrypted before they leave your machine.

Add Claude modules
# Claude Desktop — encrypts the config file containing MCP server definitions configsync add module claude-desktop # Claude Code — encrypts credentials, stores settings as plain text configsync add module claude-code # Push to sync configsync push -m "MCP server configs"
Automatic encryption: ConfigSync detects that MCP configs contain sensitive data and encrypts them using AES-128 (Fernet) with your master password. The encrypted files are decrypted only on your machines, never on the server.

Handling Machine-Specific Paths with Templates

MCP configs often reference local filesystem paths. A filesystem server might point to /Users/jane/projects on your Mac but /home/jane/projects on your Linux workstation. ConfigSync template variables handle this automatically.

Template variables in MCP configs
{ "mcpServers": { "filesystem": { "command": "npx", "args": [ "-y", "@modelcontextprotocol/server-filesystem", "{{home}}/projects" ] }, "custom-docs": { "command": "node", "args": ["{{home}}/tools/docs-server/index.js"], "env": { "DOCS_PATH": "{{home}}/documentation" } } } }

The {{home}} variable resolves to the correct home directory on each machine. On macOS it becomes /Users/jane, on Linux /home/jane. You can define custom variables too for paths that differ in more complex ways between machines.

Team Sharing: Identical MCP Setups for Everyone

One of the strongest use cases for syncing MCP configs is team standardization. When your team uses the same MCP servers — a shared documentation server, internal API server, or database query server — you want everyone to have the same setup.

Team MCP config workflow
# Team lead sets up the canonical MCP configuration configsync add module claude-desktop configsync push -m "team MCP servers" # Each teammate pulls the config configsync pull # MCP servers are configured identically across the team # API keys are encrypted — each person uses their own master password

The team lead maintains the canonical MCP server configuration. When a new server is added or an existing one is updated, they push the change and everyone pulls. API keys in the config are encrypted with each person's master password, so sharing the config does not mean sharing credentials. Each team member sets their own API keys after the initial pull if the keys are personal.

For shared team API keys, store them as ConfigSync secrets and reference them with template variables. This way the key is encrypted in the vault and injected into the config at pull time.

Keeping MCP Configs in Sync Long-Term

MCP server configs evolve as you add new servers, update API keys, and modify parameters. ConfigSync tracks these changes over time with version history, so you can see what changed and roll back if needed.

Check what changed
# See differences between local and synced config configsync diff # View version history configsync log # Roll back to a previous version configsync rollback --to 3

This is particularly valuable for MCP configs because a misconfigured server can break your Claude workflow entirely. If an update introduces a problem, rolling back to the last working configuration takes seconds instead of manual debugging.

Ready to try ConfigSync?

Sync your entire dev environment across machines in minutes. Free forever for up to 3 devices.

Get StartedRead the Docs