Start

Quickstart

This quickstart assumes you already have a Cessy tenant and an app. It takes you through the shortest useful builder loop: connect the Design MCP, inspect the model, make a scoped change, publish, and verify the runtime surface.

1. Copy the app-scoped Design MCP URL

Open the app in the Designer view and go to Overview. In MCP Connections, copy the read-only Remote MCP URL first:

https://your-instance.com/api/design-mcp-readonly?tenantId=<tenant-id>&appId=<app-id>

Use the full Design MCP URL only when the agent is allowed to change the model:

https://your-instance.com/api/design-mcp?tenantId=<tenant-id>&appId=<app-id>

2. Connect Claude or Codex

Use Connect Design MCP for the complete setup.

For Claude, add a custom connector in Settings -> Connectors and paste the Remote MCP URL.

For Codex:

$codex mcp add cessy_design --url "https://your-instance.com/api/design-mcp-readonly?tenantId=<tenant-id>&appId=<app-id>"

Claude and Codex discover the Cessy OAuth defaults from the Remote MCP URL. Do not configure OAuth client IDs, secrets, resource URLs, or scopes manually.

3. Start with a concrete prompt

Paste this into Claude or Codex after the connector is available:

Use the Cessy Design MCP connector for this app. Start read-only:
call get_app, get_domain_model, list_errors, and get_reference for
DomainConfig, commands, events, projections, policies, permissions, and
workspaces. Then summarize:
1. what this app currently does,
2. the main deciders, commands, events, projections, and policies,
3. any validation errors or modeling risks,
4. the smallest safe workspace plan for the change I ask for next.
Do not mutate the model until I explicitly ask you to create or update a
workspace.

This prompt makes the agent prove that it can see the real model before it suggests edits.

4. Make a scoped design change

Use a workspace for any meaningful change:

create_workspace
upsert_event
upsert_command
upsert_projection
validate_changeset
promote_changeset

Prefer one coherent business change per workspace. Do not mix unrelated feature work, permission changes, and frontend page work in the same changeset unless they must ship together.

5. Verify the published runtime contract

After publishing, fetch the generated OpenAPI contract:

$curl https://your-instance.com/api/rest/<tenant-id>/<app-id>/openapi

Then smoke-test one command and one projection. The exact endpoint names come from the generated OpenAPI contract and the published DomainConfig.

6. Hand off the result

A good handoff includes:

  • the app id, tenant id, workspace id, changeset id, and target environment
  • the commands, events, projections, policies, permissions, adapters, or pages changed
  • the validation result and remaining risks
  • one runtime command/projection smoke test
  • the Design MCP server name used by the reviewing agent