Claude Connector Directory Submission: Requirements, Annotations, and How to Pass Review
Getting your Claude Connector listed in the Connectors Directory.
TL;DR: Tool annotations are the single biggest reason Claude Connector submissions get rejected (30% of denials). Every tool needs readOnlyHint or destructiveHint. You also need both claude.ai and claude.com callback URLs, a published privacy policy, documentation with at least three examples, and a test account. Test locally with sunpeak before submitting to catch issues early.
You built a Claude Connector. It works locally, it works connected to Claude through ngrok, and now you want to get it into the Connectors Directory so anyone can install it with one click. The submission process is straightforward, but the review is manual and Anthropic rejects submissions that miss specific requirements. Here is what you need to know before you submit.
The Submission Process
Anthropic accepts submissions through the MCP Directory Server Review Form. Review takes roughly two weeks. Anthropic is upfront that they cannot promise to accept or respond to every submission individually because of the volume of interest.
The form asks for server basics, connection details, data and compliance information, a list of tools and resources, documentation links, support channels, test account credentials, branding materials, and a confirmation that your server is production-ready.
Tool Annotations: The #1 Rejection Reason
Missing tool annotations cause 30% of all Directory rejections. This is the most common mistake, and it is the easiest to fix.
Every tool on your MCP server must include safety annotations that tell Claude whether the tool reads data or modifies it. The two annotations that matter most:
readOnlyHint: truefor tools that only read: search, get, list, fetch, query operationsdestructiveHint: truefor tools that create, update, delete, or send data, make external API requests, or create temporary files
This is not optional. It is a hard requirement from the MCP Directory Policy.
In a sunpeak project, annotations go in your tool config:
import type { AppToolConfig } from 'sunpeak/mcp';
export const tool: AppToolConfig = {
resource: 'user-profile',
title: 'Get User Profile',
description: 'Retrieve the authenticated user profile',
annotations: { readOnlyHint: true },
};For a tool that modifies data:
export const tool: AppToolConfig = {
resource: 'send-message',
title: 'Send Message',
description: 'Send a message to a channel',
annotations: { destructiveHint: true },
};There are additional annotations you can use. idempotentHint: true marks tools where repeated calls with the same arguments have no additional effect (useful for update operations). openWorldHint: true marks tools that interact with external APIs or the web. Include all applicable annotations, but readOnlyHint or destructiveHint is the minimum every tool needs.
Tool descriptions also have requirements: they must be clear, specific, and accurately describe what the tool does and when it should be called. Vague descriptions like “interact with the service” will cause problems. Write descriptions that match what the tool actually does and nothing more.
OAuth Callback URLs
If your connector requires authentication, this is the second most common rejection cause. Claude operates under two domains, and you must allowlist both callback URLs in your OAuth provider:
https://claude.ai/api/mcp/auth_callback
https://claude.com/api/mcp/auth_callbackIf you only register the claude.ai URL, some users will hit OAuth errors when they try to authorize your connector. The OAuth authentication guide covers the full setup, including provider-specific instructions for Google, GitHub, and Okta.
For local development, you also need:
http://localhost:6274/oauth/callback
http://localhost:6274/oauth/debugOne thing to keep in mind: pure client credentials flow (machine-to-machine OAuth without user interaction) is not supported. Every user must complete an interactive consent flow to authenticate.
Privacy Policy
If your connector collects any user data or connects to a remote service, you need a published privacy policy. Missing policies result in immediate rejection.
The policy needs to cover:
- What data you collect and how
- How you use the collected data
- How and where you store it
- Whether you share data with third parties
- How long you retain data
- How users can contact you
For remote servers, include the privacy policy URL in your documentation and submission form. For local connectors distributed as .mcpb bundles, the policy must appear in two places: a “Privacy Policy” section in your README.md and a privacy_policies array in your manifest.json (requires manifest_version 0.2 or later).
Documentation Requirements
Your submission needs documentation that goes beyond a README with install instructions. Anthropic requires:
- A clear server description and feature list
- Setup instructions
- Authentication details (if applicable)
- At least three working usage examples with actual prompts users can try
- A privacy policy link
- Support contact information or channel
Reviewers test your connector with real prompts, and they need to know what to try. Write examples that demonstrate your connector’s core value and show what a successful response looks like.
Testing Before You Submit
Pre-submission testing prevents roughly 80% of delays. Here is a checklist:
Local testing with sunpeak:
pnpm add -g sunpeak
sunpeak new
sunpeak devThe sunpeak inspector lets you test your connector’s tool behavior, resource rendering, and data flow against a local replica of the Claude runtime. You do not need a paid Claude account, and you avoid the 4-click manual refresh cycle on every code change. Write simulations to cover your tool’s expected inputs and outputs, then run them in CI to catch regressions.
Real Claude testing:
Before submitting, verify your connector works in a real Claude session:
- Deploy your server or expose it with ngrok
- Add it as a custom connector in Claude Settings > Connectors
- Test each tool in a conversation
- If you have OAuth, test the full authorization flow
If you want automated end-to-end testing against real Claude sessions, the live testing guide covers Playwright setup with sunpeak handling auth and iframe access.
Cross-host testing:
If your connector also works in ChatGPT, test it there too. sunpeak’s inspector includes both Claude and ChatGPT host replicas, so you can switch between them from a single dev server. Cross-host portability is a selling point if your connector works on multiple platforms.
What Gets Your Connector Removed After Listing
Getting listed is not permanent. Anthropic conducts ongoing reviews and can remove connectors that:
- Stop working or become unreliable
- Violate the MCP Directory Policy (safety, privacy, IP issues)
- Enable financial transactions (transferring money, crypto, or executing trades)
- Generate media content (images, video, audio) unless it is design-focused output like diagrams or charts
- Orchestrate cross-service automation without explicit user notification
- Manipulate Claude into calling other servers or circumvent safety guardrails
Maintain your server, respond to issues within reasonable timeframes, and keep your privacy policy and documentation current.
Submission Checklist
Before you fill out the form:
- Every tool has
readOnlyHintordestructiveHintannotations - Tool descriptions are specific and accurate
- Both
claude.aiandclaude.comOAuth callback URLs are allowlisted (if applicable) - Privacy policy is published and covers required topics
- Documentation includes at least three usage examples
- Support channel or contact information is available
- Test account with sample data is ready for reviewers (if auth is required)
- Server is production-ready, not beta
- HTTPS with valid TLS certificate (for remote servers)
- Streamable HTTP transport is supported
- Maximum tool response size is under 25,000 tokens
- Tested locally with sunpeak simulations
- Tested against real Claude with each tool
- Tool names are under 64 characters
Get these right and you clear the hurdles that block most submissions. If you have not built your connector yet, start with the Claude Connectors tutorial and use sunpeak to scaffold, test, and iterate before you go through the submission process.
Get Started
pnpm add -g sunpeak && sunpeak new
Further Reading
- Claude Connectors tutorial - build and deploy a connector end to end
- Claude Connector authentication - OAuth flow, callback URLs, and token lifecycle
- What are Claude Connectors - data access, auth, and troubleshooting
- Claude Connectors vs Claude Apps - standard vs interactive connectors
- Claude Connector Framework - sunpeak overview
- MCP App Framework - cross-host portability
- Connectors Directory FAQ - official requirements from Anthropic
- Remote MCP Server Submission Guide - Anthropic help center
- sunpeak documentation - quickstart and API reference
Frequently Asked Questions
How do I submit a Claude Connector to the Connectors Directory?
Submit through the MCP Directory Server Review Form on Google Forms. You need a production-ready MCP server with tool annotations, a privacy policy, documentation with at least three usage examples, and a test account with sample data if your connector requires authentication. Anthropic reviews submissions manually, and the process typically takes about two weeks.
What are tool annotations in Claude Connectors?
Tool annotations are metadata properties on your MCP tools that tell the host whether a tool reads data or modifies it. Every tool must include either readOnlyHint: true (for search, get, list, fetch operations) or destructiveHint: true (for create, update, delete, send operations). Missing tool annotations account for 30% of Connectors Directory rejections.
Why do Claude Connector submissions get rejected?
The most common rejection reasons are missing tool annotations (30% of rejections), OAuth callback URL errors (forgetting the claude.com URL), missing or incomplete privacy policies, incomplete documentation, and submitting servers that are still in beta rather than production-ready. Addressing these before submission prevents approximately 80% of delays.
What OAuth callback URLs do I need for the Claude Connectors Directory?
You must allowlist both https://claude.ai/api/mcp/auth_callback and https://claude.com/api/mcp/auth_callback as redirect URIs in your OAuth provider. Claude operates under both domains, and missing one of them causes auth failures for some users. This is the second most common submission rejection after missing tool annotations.
Do I need a privacy policy to submit a Claude Connector?
Yes. If your connector collects any user data or connects to a remote service, you need a published privacy policy covering data collection methods, usage, storage, third-party sharing, retention periods, and contact information. For local connectors (.mcpb files), the policy must appear in both README.md and manifest.json. Missing privacy policies result in immediate rejection.
How do I test my Claude Connector before submitting to the Directory?
Use sunpeak to test your connector locally against the Claude inspector without needing a paid Claude account. Run sunpeak dev to start your connector, test tool behavior and resource rendering, then verify against real Claude by adding your server as a custom connector via ngrok. Essential pre-submission testing prevents approximately 80% of submission delays.
What documentation is required for a Claude Connector Directory submission?
You need a server description, feature list, setup instructions, authentication details (if applicable), at least three working usage examples with prompts, a privacy policy link, and support contact information. Tool descriptions must narrowly and unambiguously describe what each tool does and when it should be called.
Can I submit a Claude Connector from any Claude plan?
Yes. Any developer can submit a connector to the Connectors Directory regardless of their Claude plan. The Directory connectors are available to all Claude users. Custom connectors (adding your own MCP server URL) require a paid plan (Pro, Max, Team, or Enterprise), but this is separate from the submission process.
