What is MCP, and why has it become essential for advertising teams in 2026?

The Model Context Protocol is an open specification published by Anthropic in late 2024 that defines how language model clients connect to external tools, data sources, and services. The protocol is transport-agnostic, supporting local subprocess servers over stdio as well as remote servers over HTTP and Server-Sent Events. The specification covers tool definition, resource access, prompt registration, and a consistent authentication and lifecycle layer that any client and any server can implement against. Through 2025, MCP adoption was concentrated in developer tooling. Engineering teams used MCP to connect Claude to Postgres for query support, to GitHub for repository inspection, to Linear for ticket management, and to Slack for message search. The connectors were experimental, the documentation was sparse, and the typical user was a backend engineer comfortable editing JSON config files. The 2026 inflection point arrived when production-grade vendor servers shipped to non-developer audiences. Cloudflare published a security MCP for traffic analysis. Sentry launched an error-investigation server. Stripe shipped a financial operations MCP. Notion, Linear, and Slack moved from experimental to officially supported endpoints. Then on April 29, 2026, Meta announced its Meta Ads MCP at mcp.facebook.com/ads, opening the protocol to tens of thousands of advertising operators who had never heard the term MCP before. For advertising teams specifically, the relevance is immediate. The Meta Ads MCP exposes twenty-nine production tools that span the full campaign lifecycle. That means a marketing manager can ask Claude to summarise weekly performance, pause underperforming ads, duplicate the best performers with budget increases, and triage pixel diagnostics without opening Ads Manager. The same workflow that took thirty minutes of clicks now takes ninety seconds of conversation. Other platforms are expected to follow with their own MCP servers through the second half of 2026, including TikTok, Google, LinkedIn, and Snap, each opening campaign automation to AI-driven workflows. The competitive implication for marketing teams is straightforward. Teams that adopt MCP early build operational fluency that extends to whichever platforms ship next. Teams that delay surrender efficiency to faster-moving competitors. The setup itself is trivial — a single command or JSON edit per server — but the operational discipline around scoping, auditing, and compliance review takes longer to develop. The risk is also asymmetric. A misconfigured MCP can read from the wrong account, push the wrong creative, or expose audience data to a model session that should have been restricted. Teams adopting MCP at scale should treat the protocol as production infrastructure with documented runbooks, scoped credentials, and audit trails. Track which platforms ship MCP support and how policies evolve through the Policy Tracker , which monitors official platform documentation across nine networks for setup changes, deprecation notices, and authorisation changes.

What is the difference between adding an MCP server to Claude Code versus Claude Desktop?

Claude Code and Claude Desktop are two different Anthropic clients with separate configuration models, separate MCP registries, and separate runtime behaviour. Claude Code is the command-line agent used inside terminals and code editors. Claude Desktop is the graphical chat application installed on macOS, Windows, and Linux. Both speak the same MCP protocol and accept the same servers, but the path to register a server differs in important ways. Claude Code uses the claude mcp add command to register a server. The command accepts a transport flag (http, stdio, or sse), a name, a URL or executable command, optional headers and environment variables, and a scope flag that determines where the configuration is stored. Scope is the largest behavioural difference and the easiest to misconfigure. Local scope stores the server in the user home directory and limits visibility to the current project. Project scope stores the server in a .mcp.json file at the project root, which is intended to be tracked in git and shared with the team. User scope stores the server in the user home directory but makes it available across every project on the machine. The choice matters because a server registered at the wrong scope will appear unavailable when the user expects it, and a server registered at project scope will leak credentials into version control if the configuration includes inline tokens. Claude Desktop uses a single JSON file, claude_desktop_config.json, located in the operating-system-specific application support directory. The file lists every MCP server under an mcpServers object keyed by short server names. Each entry specifies a type (stdio or http), a command and arguments for stdio servers, or a URL and headers for HTTP servers. Editing the file is straightforward but the format is unforgiving — invalid JSON silently disables every server in the file rather than just the broken entry. Claude Desktop also requires a full application restart after every config change, while Claude Code picks up changes on the next session start without a restart. The OAuth flow differs slightly between clients. Claude Code prompts for OAuth through the /mcp command after the server is registered, while Claude Desktop launches the OAuth window automatically the first time the user starts a conversation that needs the server. Both flows ultimately store the OAuth token in the operating-system credential store, but Claude Code provides finer control over reset and re-authentication through the /mcp menu. Practical recommendation for most users is to install personal-productivity servers (calendar, email, notes) under user scope in Claude Code or directly in Claude Desktop, while installing engineering tools under project scope in Claude Code so they are tracked alongside the codebase. Compliance and policy-enforcement servers should be installed at user scope so they apply automatically to every conversation regardless of project. For an automated audit of which servers should be enabled in each scope, see AI Compliance Audit and the broader compliance posture guidance throughout the platform documentation.

Can the Meta Ads MCP fully automate campaign creation without human review?

The Meta Ads MCP technically supports end-to-end campaign creation without human intervention. Claude can call create_campaign, create_ad_set, create_ad_creative, and submit_for_review in sequence inside a single conversation, and the resulting ad will enter Meta's review queue exactly as if a human had clicked through Ads Manager. The technical capability exists. The operational and compliance posture should not allow it. Several considerations argue against full autonomous campaign creation. Meta's review process operates on a twenty-four to forty-eight hour cycle and rejects ads that violate any of dozens of policy categories — misleading claims, restricted content, personal attribute targeting, special ad categories, regional regulatory constraints, and many others. A rejection consumes the budget slot, delays the campaign launch, and accumulates a violation history that, at scale, can lead to account-level restrictions or suspension. An autonomous workflow without a pre-flight check submits without knowing the rejection probability, and a one-percent rejection rate over a hundred submissions is a meaningful operational drag. Claude itself does not have internalised knowledge of Meta-specific advertising policies. The model has general safety training and will refuse obviously harmful content, but it does not know that before-and-after weight loss imagery is restricted under Meta's misleading body image policy, that crypto and gambling ads require pre-authorisation in many jurisdictions, that political content triggers special ad category enforcement, or that recently updated policies have shifted the line on testimonials and claims. The Meta Ads MCP exposes the publish endpoints but does not surface policy-rejection probability through any of its tools, because doing so would create vendor liability for stated probabilities. Cross-account and cross-region context also matters. The same creative can pass review on one account and fail on another due to historical violation patterns. The same audience targeting can be compliant in one jurisdiction and non-compliant in another due to local consumer protection or data minimisation rules. Autonomous campaign creation that ignores account history and regional context is a meaningful operational risk. The recommended pattern is human-in-the-loop with compliance pre-flight. The user issues a high-level instruction such as create a campaign for the new product launch . Claude drafts the campaign, ad sets, and creatives. Before any submit_for_review tool call, a compliance MCP server intercepts and runs a rejection probability check against the planned creative and audience. Claude surfaces the predicted risk score along with policy citations and proposed alternatives. The human reviews and approves. Claude then calls submit_for_review. The workflow is faster than manual creation but preserves accountability and avoids the operational drag of avoidable rejections. For pre-flight rejection prediction tooling, route copy and creative through Meta Rejection Predictor before submitting any production campaign. As a lower-friction alternative for ad-hoc drafting, paste the Meta Ad Compliance Rules bundle into the Claude conversation before asking it to draft creatives — Claude then has the actual Meta policy text in context rather than guessing from general training. The same principle applies to other vendor MCPs that ship through the second half of 2026 — TikTok, Google, LinkedIn, and Snap will each add publish-capable tools, and each will benefit from the same compliance pre-flight pattern.

What permissions does the Meta Ads MCP request, and how should I scope OAuth?

The Meta Ads MCP authenticates using Meta Business OAuth rather than a Developer App access token. The flow is initiated when the user runs /mcp in Claude Code or starts a conversation in Claude Desktop, and it opens a browser window to the Meta Business authorisation page. The user signs in with the Meta account that controls the relevant Business Manager, selects the ad accounts and pages to authorise, and consents to the requested scopes. The OAuth token is then stored in the operating-system credential store and the MCP server uses it to call the Meta Marketing API on behalf of the user. The scopes requested by the Meta Ads MCP cover ads management, business management, catalog management, page management, and read access to insights. The breadth is deliberate — the twenty-nine tools span enough of the Marketing API surface to require broad authorisation. The implication is that an MCP session with the Meta Ads server authorised has effectively the same permissions as a human marketing manager logged into Ads Manager with that account. Treating the OAuth token as a high-value credential is appropriate. Scoping recommendations follow the principle of least privilege at the account level rather than the API level. The Meta Ads MCP cannot reduce its scope below what the protocol requires, but the user controls which Meta accounts the OAuth-authorised user has access to. The recommended pattern is to create a dedicated Meta Business user for MCP automation, grant that user access only to the specific ad accounts and pages that should be visible to Claude, and use that user's credentials for OAuth. Production accounts with significant spend should not be authorised through the same OAuth session as test or sandbox accounts. Regional and regulatory constraints add another layer. Operations teams in the European Union should consider whether their use of MCP automation falls under Article 26 of the Digital Services Act or under broader data protection frameworks. The OAuth token grants access to audience definitions and lookalike segments that may be subject to data minimisation obligations under GDPR. The audit trail of MCP-driven actions should be exportable on request from a competent supervisory authority. For background on the regional regulatory frame, see EU DSA Compliance , which covers transparency reporting, ads repository obligations, and the broader compliance posture for ad operations under European law. Audit and rotation discipline complete the security posture. OAuth tokens should be rotated periodically through the /mcp menu in Claude Code or through Meta Business Manager directly. Authorised sessions should be reviewed every quarter to remove tokens that are no longer needed. Any suspicious activity in account logs should trigger immediate token revocation. The MCP layer is convenient enough that teams accumulate authorisations they no longer use, and pruning the registry is part of healthy operations.

How does the MCP instructions field work, and how can it enforce compliance across servers?

The MCP protocol defines an instructions field at the server-metadata level that the server returns to the client during the initialisation handshake. When Claude connects to an MCP server, the server announces its name, version, list of tools and resources, and an optional instructions string. Claude treats the instructions string as a system-prompt-level guidance fragment that applies to every conversation in which the server is connected. The mechanism is documented in the MCP specification and is supported by both Claude Code and Claude Desktop. The compliance use case for the instructions field is the most consequential application of the mechanism for advertising teams. A vendor publish MCP — Meta Ads, the upcoming TikTok MCP, Google Ads, and so on — gives Claude the ability to act against live ad budgets. The vendor server itself cannot reasonably warn Claude that an action is risky, because doing so would require the vendor to flag its own enforcement decisions. A separately installed compliance MCP can use the instructions field to instruct Claude that any campaign-creation, ad-set-creation, or submit-for-review tool call must first route through a risk check exposed by the compliance server. Claude reads the instructions on every conversation start and follows them consistently. The pattern looks like this in practice. The compliance server's instructions field contains a directive such as Before any meta-ads, tiktok-ads, google-ads, or other publish-capable tool call, call compliance.predict_rejection with the same payload. If the returned risk_score is above sixty, surface the score and policy citations to the user before proceeding. Claude treats this as binding guidance. When the user asks for a campaign launch, Claude drafts the creative, calls compliance.predict_rejection, surfaces the score, and only proceeds to the vendor publish tool after the user approves. The compliance layer is automatic, transparent, and does not require the user to remember to ask for review. Several considerations apply when designing or evaluating instructions. Length matters — the instructions field competes with the user's prompt for context window space, so the directive should be concise and specific rather than expansive. Clarity matters more than precision — Claude follows clear directives more consistently than ambiguous ones. The instructions should reference tool names that actually exist on the server and should not contradict tool descriptions. Trust matters at the protocol level — a malicious server could in theory write instructions that bias Claude in undesirable ways, so users should install MCP servers only from trusted sources and audit the instructions field of any new server before relying on it. Security implications follow. The instructions field is plaintext metadata returned by the server at handshake time. Users who want to audit a server's instructions can run claude mcp get to inspect them. Teams adopting MCP at scale should add instructions inspection to their server vetting process alongside endpoint review and OAuth scope analysis. For a deeper application of the pattern in compliance use cases, see AI Compliance Audit , which describes the risk-scoring tools that a compliance MCP can expose and the directive patterns that make Claude reliably call them in front of vendor publish tools.

What happens when two MCP servers expose tools with conflicting names?

MCP servers can in principle expose tools with the same simple name, and Claude resolves conflicts using server-prefixed identifiers. When the user installs both a Notion MCP and a Linear MCP, and both expose a tool called create_task, Claude internally distinguishes them as notion.create_task and linear.create_task. The user can usually rely on Claude to pick the right tool based on conversational context, but explicit prefixing in prompts removes ambiguity. The conflict surface grows as more vendors ship MCP servers through 2026. Several patterns help avoid problems. First, prefer servers that namespace their own tools with vendor-specific prefixes. The Meta Ads MCP, for example, prefixes most of its tools with ads_ — ads_create_campaign, ads_get_dataset_quality, ads_pause_ad — which reduces collision risk with non-Meta servers. Vendors that follow this convention reduce friction for end users running multiple connectors. Second, the registration name controls the prefix Claude uses for collision resolution. Registering the Meta Ads server as meta-ads rather than ads makes the prefix unambiguous when other ad-platform servers join the registry later. Pick distinctive names at registration time. Third, when ambiguity surfaces, run claude mcp list and claude mcp get to inspect the tool registry. The output shows server name, transport, scope, and the list of tools each server exposes. If two servers expose the same simple name, the registry shows both and reveals the prefix Claude will use. Fourth, the order of server registration does not affect collision resolution, but disabling unused servers reduces noise. If a server is registered at user scope but the current project does not use it, the tools still appear in the registry and consume context window space when Claude lists available tools. Trim the registry periodically. Practical scenarios where collisions matter most are multi-platform advertising stacks. A team running Meta Ads, TikTok Ads, Google Ads, and a compliance MCP from a third party may see overlapping tool names for create_campaign, get_metrics, pause_ad, and similar verbs. Disambiguating through registration names makes the conversation cleaner. The user can ask for meta-ads create campaign rather than create campaign and Claude routes to the correct server every time. For platform-specific reference on the Meta side, see Meta Ad Policies , which covers the policy framework that Meta's MCP enforces during the review step but does not surface in tool descriptions. Conflict resolution is rarely the bottleneck in production MCP setups. Authentication scope mismatches and configuration syntax errors are far more common failure modes. But teams running five or more MCP servers should factor naming discipline into their setup runbook to avoid quietly degraded conversations where Claude routes to the wrong server because the prompt was ambiguous.

Are vendor MCP servers safe to install on a production ad account?

Vendor MCP servers vary in safety posture, and the question is best answered by category rather than universally. Official servers published by the platform that owns the data — Meta's Meta Ads MCP, GitHub's official MCP, Stripe's official MCP — sit at the highest trust tier. The vendor controls the endpoint, the authentication scopes, the audit logs on its own side, and the policies that govern third-party access. The OAuth flow surfaces inside the vendor's own consent screen, and revocation runs through the vendor's standard credential management. Production deployment of an official vendor MCP is generally appropriate when paired with reasonable scoping discipline. Third-party MCP wrappers around vendor APIs sit at a different trust tier. A community-maintained Meta Ads MCP that runs locally and calls the Meta Marketing API with an access token controlled by the user is functionally similar to running any other Marketing API client, and the safety analysis reduces to whether the user trusts the third-party code. Open-source third-party servers can be audited by reading the source. Closed-source third-party servers cannot. For production accounts, third-party servers should be installed only when the source is auditable, the maintainer has a track record, and the scope of access is justified by the use case. Locally running servers are slightly safer than remote third-party servers because no network egress is required for the API call. Account isolation reduces blast radius regardless of server type. The recommended pattern is to dedicate a Meta Business user to MCP automation, grant that user access only to the ad accounts and pages that need to be visible to Claude, and use a payment method that can be paused at the platform level if something goes wrong. Production accounts with significant spend should not be authorised through the same OAuth session as test, sandbox, or staging accounts. Cross-account contamination through a shared OAuth token is the most common production incident pattern with MCP. Monitoring closes the loop. After an MCP-driven action, the vendor's account audit log should reflect the change with attribution to the OAuth-authorised user. Teams running MCP at scale should sample audit logs weekly to confirm that automated actions match the conversational record on the Claude side. Discrepancies — actions appearing in the audit log that the team did not authorise, or actions absent from the audit log that Claude reports as completed — warrant immediate investigation. Cross-platform safety is also a regulatory question. The European Union, several US states, and emerging frameworks elsewhere are tightening obligations around AI-driven decisions in advertising. An MCP that submits creatives, audiences, and budgets to a vendor on behalf of an advertiser is in scope for those frameworks. Teams should maintain an export-ready audit trail of MCP-driven actions and review the regulatory frame periodically. For multi-jurisdiction compliance review of an automated ad operations stack including MCP-driven workflows, run Legal Compliance Scan , which surfaces the regulatory footprint across the major frameworks and flags the audit, transparency, and consumer-protection obligations that apply to AI-assisted ad operations.

How to Add an MCP Server to Claude Code & Desktop (2026)

How to Add an MCP Server to Claude Code & Desktop in 2026 — Meta Ads Setup, Compliance Layer & Troubleshooting

Why MCP Servers Matter in 2026

The Model Context Protocol turned from niche developer specification into mainstream advertiser infrastructure during the first half of 2026. Anthropic published the protocol in late 2024, but the inflection point arrived on April 29, 2026 when Meta launched its official MCP server at mcp.facebook.com/ads for both Claude and ChatGPT users. The Meta launch turned a developer protocol into a marketing automation surface that runs against live ad budgets.

Before April 2026, MCP installs were mostly engineering experiments — connecting Claude to GitHub, Linear, Postgres, or local file systems. Marketing and advertising teams treated MCP as something engineers played with on weekends. The Meta Ads MCP shifted that posture. With twenty-nine production-grade tools spanning campaign creation, catalog management, performance reporting, and signal diagnostics, MCP became the way ad operators actually use Claude on production accounts.

The setup, however, remains under-documented for non-developer audiences. Adding a server to Claude Code is a single command. Adding one to Claude Desktop is a single JSON edit. But the differences between transports, scopes, and authentication models trip up first-time installers — and the compliance implications of running automation against live ad accounts are larger than most teams realize.

"The Meta Ads MCP turned MCP from a developer convenience into operating infrastructure for advertising teams. The setup is simple. The compliance posture is not."
— AuditSocials connector brief, May 2026

This guide covers the actual commands and JSON for both Claude Code and Claude Desktop, walks through Meta Ads MCP installation end-to-end, and surfaces the compliance gap that vendor MCP servers cannot close on their own. Track ongoing changes through the Policy Tracker.

Adding an MCP Server to Claude Code

Claude Code (Anthropic's command-line agent) supports MCP through the claude mcp add command. The syntax accepts a transport flag, a server name, a URL or executable command, and optional scope, headers, and environment variables. All flags must come before the server name; on stdio servers a literal -- separates options from the launch command.

Command Syntax

Element	Value	Notes
Command	`claude mcp add`	Available in Claude Code v2.1.64 and later
Transport	`--transport http`	Use http for remote vendor servers; stdio for local processes
Name	Short identifier	Lowercase, hyphenated; how you reference the server in chat
URL	Vendor endpoint	For example `mcp.notion.com/mcp` or `mcp.facebook.com/ads`
Headers	`--header "Name: value"`	Used for static API keys or bearer tokens
Env vars	`--env KEY=VALUE`	Used by stdio servers for runtime configuration
Scope	`--scope local\|project\|user`	Determines where the configuration is stored and shared

Scope Behaviour

Local (default): Stored in ~/.claude.json. Visible only to the current project on the current machine. Best for personal testing.
Project: Stored in .mcp.json at the project root. Tracked in git, shared with the team. Best for shared engineering tools.
User: Stored in ~/.claude.json but available across every project on the machine. Best for personal productivity servers and compliance layers.

Authentication Patterns

OAuth (interactive): Most modern vendor MCP servers — including Meta Ads — use browser-based OAuth. After running claude mcp add, run /mcp inside Claude Code to trigger the OAuth flow.
Static headers: Older or simpler servers accept a bearer token via --header. Useful for internal tools or self-hosted MCP wrappers.
Environment variables: Stdio servers expect API keys passed at launch via --env.

For a deeper compliance check on whatever the server lets Claude do against your ad accounts, run AI Compliance Audit before authorising production access.

Verifying Installation

After adding a server, run claude mcp list to confirm it appears in the registry. The list shows status (connected, pending, error), transport type, and scope. Run claude mcp get <name> to see configuration details and OAuth state. To remove a server, use claude mcp remove <name>. To import existing servers from a Claude Desktop installation on the same machine, use claude mcp add-from-claude-desktop.

Adding an MCP Server to Claude Desktop

Claude Desktop uses a single JSON configuration file rather than a CLI. Edit the file directly, save it, and restart Claude Desktop to pick up the change. The file path varies by operating system and the JSON format is unforgiving — invalid syntax silently disables every server in the file rather than just the broken entry.

Configuration File Paths

Operating System	Path
macOS	`~/Library/Application Support/Claude/claude_desktop_config.json`
Windows	`%APPDATA%\Claude\claude_desktop_config.json`
Linux	`~/.config/Claude/claude_desktop_config.json`

JSON Structure

The file is a JSON object with a single top-level mcpServers property. Each server is a key under that object, with a value that depends on transport.

Stdio entries include type: "stdio", command, an args array, and an optional env object for credentials.
HTTP entries include type: "http", a url, and an optional headers object for static authentication.

Stdio Server Example

Stdio servers run as a local subprocess. Claude Desktop launches the command, passes the args, sets the environment, and communicates over stdin and stdout. Use stdio for local tools such as a self-hosted Postgres or Airtable wrapper. Verify the command path resolves before saving — a broken command string surfaces as a connector error after restart.

HTTP Server Example

HTTP servers run remotely. The configuration only needs a URL and optional headers. Use HTTP for vendor servers such as Meta Ads, Notion, Linear, Stripe, or any compliance MCP hosted on a public endpoint. Authentication for HTTP servers is usually OAuth, which Claude Desktop launches automatically the first time the server is needed.

After Editing

Save the file with valid JSON syntax, then quit and relaunch Claude Desktop. The server appears under the connector list inside any new conversation. If a server fails to start, Claude Desktop surfaces the error in the connector tray with a status indicator. For multi-jurisdiction risk review on whatever automation those servers enable, route the workflow through Legal Compliance Scan.

Real-World Walkthrough: Meta Ads MCP

Meta launched its official MCP server on April 29, 2026 at mcp.facebook.com/ads. The server exposes twenty-nine tools across five families covering the full ad lifecycle. Setup takes a single command in Claude Code or a five-line JSON block in Claude Desktop. Authentication is OAuth, scoped to a Meta Business account.

Installation in Claude Code

Command: claude mcp add --transport http meta-ads https://mcp.facebook.com/ads
Authenticate: Run /mcp inside Claude Code, select the meta-ads server, and complete the OAuth flow in the browser window that opens.
Verify: Run claude mcp list and confirm the server status shows as connected.

Installation in Claude Desktop

Add a single entry to the mcpServers object in claude_desktop_config.json with the following fields, save, and restart Claude Desktop. The first conversation after restart prompts for OAuth.

Server name: meta-ads (or any unique label)
type: http
url: https://mcp.facebook.com/ads

No developer app, no API token, no Graph API allowlist. The OAuth flow grants Claude access to whichever ad accounts the authenticating user already controls inside Meta Business Manager.

The Twenty-Nine Tools

Family	Approx. Count	Examples
Dataset and pixel	4	Pixel quality, event drop diagnostics, error retrieval
Campaign management	8	Create, pause, update campaigns, ad sets, and ads
Catalog and audience	8	Product catalog management, custom audiences, lookalike segments
Performance insights	5	Spend metrics, benchmarks, attribution windows
Diagnostics	4	Account health, signal validation, restriction checks

Common Workflows

Performance review: "Summarise spend, ROAS, and frequency for last week's campaigns broken down by ad set."
Creative iteration: "Pause the worst-performing ad in each ad set and duplicate the best performer with a 20% budget increase."
Catalog hygiene: "List products with broken image URLs or missing GTIN values."
Diagnostic triage: "Why did pixel events drop on the checkout page yesterday?"

The tools cover Facebook, Instagram (feed, story, reel), and Audience Network uniformly. For policy-specific risk before campaign creation, route copy and creative through Meta Rejection Predictor first.

The Compliance Gap MCP Leaves Behind

An MCP server gives Claude the ability to act. It does not give Claude the knowledge to act safely. This distinction is the largest gap that Meta's official server, and every vendor MCP that follows, leave behind. Claude has general safety training but no internalised understanding of platform-specific advertising policies, regional regulatory frameworks, or the rejection patterns of specific ad accounts.

When a user asks Claude to publish a creative through Meta Ads MCP, Claude calls create_ad_creative and submit_for_review in sequence. There is no intermediate step that asks whether the copy violates Meta's misleading claims policy, whether the image triggers the personal attribute targeting rule, whether the audience definition implicates Special Ad Categories, or whether the regional flight schedule conflicts with the EU Digital Services Act. Claude submits, Meta reviews, and the rejection arrives twenty-four to forty-eight hours later — after the budget slot is already spent.

What Vendor MCPs Cannot Reasonably Do

Capability	Why Vendor MCPs Skip It
Predict rejection probability	Self-incrimination risk; vendor liability for stated probability
Surface policy change alerts	Vendors cannot proactively warn about their own policies without admitting risk
Cross-platform comparison	Meta cannot reference TikTok, Google, or LinkedIn enforcement
DSA enforcement intelligence	EU Transparency Database is third-party regulator data
Independent audit trail	Vendor-controlled history is not regulator-defensible

Closing the Gap with a Compliance Layer

The MCP protocol supports a server-side instructions field. When loaded into Claude, the field becomes part of the system prompt for every conversation. A compliance-focused MCP can use this field to instruct Claude that any campaign-creation tool call must first route through a risk check. With the right instructions, Claude will automatically call the compliance tool before any vendor publish tool, even when the user does not explicitly ask for review.

The pattern is straightforward and transparent. The compliance server exposes tools such as predict_rejection, cross_platform_risk, and policy_change_lookup. Its instructions field tells Claude to call those tools in front of any Meta, TikTok, Google, LinkedIn, or X publish action. The user installs the compliance server alongside the vendor server and benefits from the chained workflow without changing prompt habits.

For the AuditSocials approach to this layer — including cross-platform risk scoring, DSA enforcement context, and policy-change alerts — see the AI Compliance Audit tool. For background on the regulatory frame, see EU DSA Compliance.

A lighter-weight workaround until a compliance MCP is in place: paste the relevant policy bundle into the conversation before asking Claude to draft creatives. The Meta Ad Compliance Rules bundle covers Facebook and Instagram policy text formatted for direct injection across seven regions and six regulated industries, raising Claude's policy literacy from general to Meta-specific in a single paste.

Common Errors and Fixes

Most MCP setup failures fall into four families: configuration syntax, authentication, transport, and tool output limits. The fixes are usually mechanical once the symptom is identified.

Diagnostic Table

Symptom	Likely Cause	Fix
Server does not appear in `claude mcp list`	Missing flag order or invalid scope	Place flags before name; run with `--scope user` for cross-project visibility
Server status shows error in Claude Desktop	Invalid JSON in config file	Validate config with a JSON linter; common issues are trailing commas and unquoted keys
OAuth window never opens	Browser callback port blocked	Use `--callback-port 8080` or open the firewall on the printed port
OAuth completes but tools do not appear	Token scope mismatch or stale session	Run `claude mcp remove` then re-add; clear OAuth state through the `/mcp` menu
Tool output cut off mid-response	Default 10,000 token cap	Set `MAX_MCP_OUTPUT_TOKENS=50000` before launching Claude Code
Stdio server fails to launch	Command path or missing dependency	Run the command directly in a terminal; verify Node, Python, or system dependencies
Server connects but tools error on call	Insufficient OAuth scopes	Re-authorise with the right Meta Business or vendor permissions

Where to Look for Logs

Claude Code: Run /mcp for a status summary; the ~/.claude/logs/ directory contains transport and session logs
Claude Desktop: The connector tray surfaces the most recent error; deeper logs live alongside the config file in the Claude application support directory

Persistent failures are usually an authentication scope issue rather than a transport bug. Confirm that the OAuth-authorised account actually has access to the resources the tool needs.

MCP Setup Checklist

[ ] Confirm Claude Code v2.1.64 or later (run claude --version)
[ ] Decide scope before adding the server (local for testing, project for team, user for cross-project)
[ ] Use --transport http for vendor servers; reserve stdio for local tools
[ ] Validate claude_desktop_config.json with a JSON linter before saving
[ ] Restart Claude Desktop after every config change
[ ] Run /mcp to complete OAuth for any newly added server
[ ] Verify connection with claude mcp list before relying on the server
[ ] Layer a compliance MCP in front of any publish-capable vendor server
[ ] Set MAX_MCP_OUTPUT_TOKENS if a tool returns large reports
[ ] Document approved MCP servers and scopes in your team's runbook
[ ] Subscribe to vendor changelogs and the Policy Tracker for ongoing updates

Don't miss the next policy change.

Subscribe to the Policy Tracker — get weekly digests or instant Pro alerts across all 8 platforms. Or try our free Keyword Risk Checker first.

Subscribe Free

Report Keywords — Run AI Compliance Audit

#MCP#Claude Code#Claude Desktop#Model Context Protocol#Meta Ads MCP#AI Tooling#Setup Guide#Compliance Guide 2026#Ad Compliance#Developer Tools#2026 Policy#Advertisers

Share This Report

Tweet Share

Cannabis & CBD Social Media Ad Compliance Guide 2026 — Platform-by-Platform Rules, State Laws & Safe Advertising Strategies

A comprehensive 2026 compliance guide to cannabis, CBD, and hemp advertising on every major social media platform. Covers what's allowed, what's banned, topical vs ingestible rules, US state-by-state legal impact, and actionable strategies to run compliant campaigns without getting flagged.

The Ultimate Influencer Compliance Guide 2026 — FTC Rules, Platform Tools & Disclosure Best Practices

The definitive influencer compliance guide for 2026 covering FTC endorsement rules, EU DSA obligations, platform-by-platform disclosure tools, and the most common mistakes that lead to enforcement actions. Everything creators and brands need to stay compliant across Meta, TikTok, YouTube, and beyond.

UGC Creator Ad Compliance Guide 2026 — Disclosure Rules for User-Generated Content Campaigns

UGC creators face unique disclosure obligations when brands run their content as paid ads. This guide covers whitelisting compliance, spark ads rules, contract requirements, and platform-specific UGC ad policies for 2026.

How to Add an MCP Server to Claude Code & Desktop in 2026 — Meta Ads Setup, Compliance Layer & Troubleshooting