Deco
decocms

Quickstart

Run Mesh locally, connect an Integration, create an Agent, and verify monitoring

1) Run the Mesh

Pick one:

Option A: one-command local setup (npx)

 npx @decocms/mesh

Option B: local setup with Docker Compose

 # 1. Configure environment variables
# Edit .env and configure BETTER_AUTH_SECRET (required)
# Generate a secret: openssl rand -base64 32
cp conf-examples/env.example .env

# 2. Configure authentication
cp conf-examples/auth-config.json.example auth-config.json

# 3. Start the application
docker compose up -d

# 4. Access
open http://localhost:3000

More details: Local: Docker Compose

Option C: run from source

 git clone https://github.com/decocms/mesh.git
cd mesh
bun install
bun run dev

Option D: deploy to Kubernetes (Helm)

 # 1. Generate a secure secret for authentication
SECRET=$(openssl rand -base64 32)

# 2. Install the chart with the generated secret
helm install deco-mcp-mesh . \
  --namespace deco-mcp-mesh \
  --create-namespace \
  --set secret.BETTER_AUTH_SECRET="$SECRET"

# 3. Wait for pods to be ready
kubectl wait --for=condition=ready pod \
  -l app.kubernetes.io/instance=deco-mcp-mesh \
  -n deco-mcp-mesh \
  --timeout=300s

# 4. Access via port-forward
kubectl port-forward svc/deco-mcp-mesh 8080:80 -n deco-mcp-mesh

The application will be available at http://localhost:8080 .

More details: Kubernetes: Helm Chart

2) Create a Connection

When you open a new organization, the Mesh will prompt you to:

  • Browse Store or
  • Create Connection directly - provide the MCP URL (HTTP endpoint) and any required credentials

The Store is a catalog of Connections you can connect to. By default, the Store points to the official MCP Registry.

3) Create an organization and invite members

  • Go to Members
  • Invite teammates
  • Assign roles (Admin/User) as needed

4) Create an Agent (virtual server)

  • Go to Agents
  • Click Create Agent
  • Choose Include (only selected connections/tools) or Exclude (everything except the exclusions)

5) Generate an API key for a client

Create an API key with the minimum tool permissions needed (see API Keys).

6) Verify monitoring

Use Monitoring to confirm:

  • tool calls are being logged
  • latency + error rates show up
  • filters (time range, tool name, connection, agent) work as expected

The fastest smoke test is to call a tool through an agent endpoint (so you exercise aggregation + proxy + monitoring).

Previous
Concepts
The mental model for organizations, connections, agents, API keys, and tool calls
Next

Found an error or want to improve this page?

Edit this page