Nextvisit View full site →
EHR and integrations

Nextvisit MCP Server

Connect Claude, ChatGPT, or a local LLM to your Nextvisit workspace over the Model Context Protocol. Read patients, encounters, notes, and documents through a typed tool surface, and write edits back when the assistant has the right scope.

Updated May 14, 2026

The Nextvisit MCP server exposes your workspace as a Model Context Protocol endpoint. MCP-aware AI assistants connect once, then read structured chart data and write back through a small set of typed tools. The same workspace scope you use for API keys and OAuth applies here too. PHI never leaves the workspace boundary.

Server endpoint

https://nextvisit.app/mcp/clinic

Transport is HTTPS. Authentication is OAuth 2.0: your MCP client opens a browser, you sign in to Nextvisit and approve the connection in the same consent screen used for OAuth applications, and the client stores the resulting token. There is no API key to paste, copy, or rotate by hand. The server supports the three MCP operation classes:

  • Interactive — tools that return an embedded Nextvisit UI block (a patient card, a recent-patients list) inline in the assistant’s reply.
  • Read — typed tools that fetch patients, encounters, notes, documents, medications, and timelines as structured JSON.
  • Write — typed tools that create patients, edit unsigned encounter content and timeline, link or unlink patient associations, manage note instructions, and sign or unsign an encounter.

What you need first

  1. A Nextvisit account with access to the workspace you want the assistant to read or write.
  2. An MCP-aware client. Claude desktop, Claude on the web, ChatGPT, Cursor, Continue, and most local LLM runtimes (Ollama, LM Studio, Open WebUI) support remote MCP servers with OAuth.

If your workspace admin has disabled external app access for the workspace, the OAuth consent screen will refuse the connection. Contact them or our support team to enable it.

Connecting Claude

Claude’s desktop and web clients both support remote MCP servers as Custom Connectors.

  1. Open Settings > Connectors in Claude.
  2. Click Add custom connector.
  3. Name it Nextvisit.
  4. Set the MCP server URL to https://nextvisit.app/mcp/clinic.
  5. Click Connect. A browser window opens to the Nextvisit OAuth consent screen.
  6. Sign in to Nextvisit (if you are not already signed in), pick the workspace you want the connector to see, and review the scopes the assistant is asking for. Click Allow.
  7. The browser hands you back to Claude. The tools surface under the Nextvisit connector and become available to any Claude conversation where you enable the connector.

The same procedure works for Claude in any environment that exposes a Custom Connector configuration field. You can revoke the connection at any time from Settings > Tools and AI > External Apps in Nextvisit.

Connecting other clients

The endpoint is a standard remote MCP server with OAuth, so any client that supports OAuth-authenticated remote MCP servers works. The URL is the only value you need to enter; the client drives the rest of the flow in a browser.

  • ChatGPT — Add as a custom MCP connector under Settings > Connectors in ChatGPT. Paste the URL and complete the OAuth flow in the popup window.
  • Cursor, Continue, Zed, and other IDE clients — Add the URL to the mcpServers block of the client’s configuration file. On first call the client opens the OAuth flow in your default browser and caches the resulting token.
  • Local LLM runtimes — Ollama, LM Studio, and Open WebUI accept remote MCP endpoints in their MCP settings panel. Each client supports OAuth-authenticated remote MCP servers; check the runtime’s MCP docs for the current shape.

If your client only supports MCP servers that authenticate with a static bearer token, it cannot connect to the Nextvisit MCP server. The endpoint is OAuth-only and does not accept long-lived API keys.

Tools available

The MCP server ships the same tool surface that powers Nextvisit’s own AI features. Grouped by operation class:

Interactive

  • recent_patients — Returns the most recently updated patients for the current workspace as an embedded UI block.
  • fetch_patient — Look up a patient by MRN or UUID. Returns chart details and an embedded patient display.

Read

  • fetch_encounter — Detailed encounter information. View modes: full, content, transcript, context.
  • search_encounters — Search by patient name, encounter content, or keyword. Supports date range filters and pagination.
  • utility_global_search — Full-system search across patients, encounters, and documents. Supports phrase search ([exact phrase]) and negative search (-term).
  • fetch_patient_medications — Current and historical medication list, including dosage, frequency, classification, prescriber, and status.
  • fetch_patient_timeline — Patient visit history as a chronological encounter timeline.
  • fetch_document — Retrieve an uploaded document by ID. Supports full read with pagination, or in-document phrase search.
  • manage_note_instructions (action get) — Read your custom AI note generation instructions.
  • manage_patient_chart_notes (action get) — Read a patient’s persistent chart notes.

Write

  • create_patient — Create a new patient record. Always search first to avoid duplicates. First and last name are required; demographics, allergies, medications, and persistent notes are optional.
  • edit_encounter — Edit content (clinical documentation) or transcript on an unsigned encounter. Three operations: str_replace, insert (before or after an anchor), and regex.
  • edit_encounter_timeline — Edit or append events on an encounter timeline.
  • link_patient_to_encounter — Link or unlink the patient association on an encounter.
  • sign_encounter — Sign (lock) or unsign (unlock) an encounter. Only the encounter creator can perform this action.
  • manage_note_instructions (action update) — Replace, append, prepend, or clear your AI note instructions.
  • manage_patient_chart_notes (action update) — Replace, append, prepend, or clear a patient’s persistent chart notes.

The server returns structured JSON so the assistant reasons over fields instead of scraping a UI.

What an assistant call looks like

A typical read flow from Claude:

User: "What did Dr. Patel see Jane Doe for in April?"

Claude calls search_encounters(query="Jane Doe", date_from="2026-04-01", date_to="2026-04-30")
→ returns a list of encounter IDs with dates and titles.

Claude calls fetch_encounter(id="enc_a1b2", view="content")
→ returns the merged clinical note for that encounter.

Claude summarizes the visit back to you.

A typical write flow:

User: "Add 'patient declined PHQ-9 today' to the timeline on encounter 41822."

Claude calls edit_encounter_timeline(encounter_id=41822, action="add",
  find="📝 Patient declined PHQ-9 today")
→ event appears on the encounter timeline.

Every call carries the workspace scope baked into your API key. The assistant cannot see or modify charts in another workspace.

Permissions and audit

  • Tool calls obey the same workspace boundary as the rest of the platform. No cross-workspace reads, ever.
  • Scopes are granted at OAuth consent time and you can review them before approving. Read scopes unlock the read and interactive tools; write scopes additionally unlock create_patient, edit_encounter, edit_encounter_timeline, link_patient_to_encounter, sign_encounter, and the manage_* update operations. A tool call that exceeds the granted scope returns a 403 and never modifies data.
  • sign_encounter is further restricted to the encounter’s creator.
  • edit_encounter only works on unsigned encounters. Unsign first, edit, then re-sign.
  • Every MCP call is recorded in the workspace audit log with the timestamp, the connected app, the tool name, and the affected resource ID.
  • You can revoke the connection at any time from Settings > Tools and AI > External Apps. Revocation invalidates the token immediately; subsequent calls from that client return 401 until you re-authorize.

Privacy

The MCP server is part of your Nextvisit workspace and operates under the same Business Associate Agreement. PHI returned to the assistant is governed by the assistant vendor’s own data handling, so when you connect Claude, ChatGPT, or any third-party model, your workspace’s chart data is subject to that vendor’s terms during the conversation.

For 42 CFR Part 2 workspaces, MCP access follows the same consent gates as OAuth and external apps. See the 42 CFR Part 2 guide for the full policy.

Rate limits

MCP calls are rate limited per minute, hour, day, and month against the connected app’s token. Normal interactive use stays well under the limits. If a batch automation hits a ceiling, the audit log records the throttle event. Contact support if your use case needs higher limits.

Troubleshooting

Authentication failed or 401 errors

The stored token expired or the connection was revoked. Disconnect and reconnect the Nextvisit connector in your client to run the OAuth flow again. You can confirm the connection is still active under Settings > Tools and AI > External Apps in Nextvisit.

OAuth popup blocked

Some browsers block the OAuth popup the first time. Allow popups for the client’s domain (for Claude on the web, that is claude.ai) and retry the connection.

Tool list does not appear

The client cached an empty tool list. Disconnect and reconnect the Nextvisit connector, or restart the client. Custom Connectors in Claude refresh on reconnect.

”Encounter is signed” on edit

The encounter is locked. Call sign_encounter with status: "unsigned" first (you must be the creator), make the edits, then re-sign.

”Patient not found”

Confirm the MRN or UUID is from the same workspace as the API key. MRNs are workspace-scoped, so the same number can exist in two different workspaces and point to different patients.

Need help?

Contact our support team if you have questions about setup, scopes, or building an assistant on top of the MCP surface. We can also enable a sandbox workspace for development if you do not want to test against live charts.