SaaS MCP integration in one day—what went right and wrong
A two-week OAuth sprint became a 24-hour success when a night-leisure SaaS plugged into the new Model Context Protocol—only for ChatGPT to expose a dozen subtle mismatches between spec and reality.
Behind the fast turnaround
tasteck, a B2B dispatch platform for Japan’s night-leisure venues, already managed 100 live locations and eight years of operational data. When the MCP design post dropped, the team estimated a two-week OAuth push beginning June 16. By reading the spec first, the entire integration landed in a single day. The core tools—listing available drivers, today’s cast shifts, and assignable casts—were wired into a NestJS controller via the @modelcontextprotocol/sdk and served over Streamable HTTP with Server-Sent Events.
Twelve traps that blocked ChatGPT
OpenAI’s assistant still needed 12 fixes before it could invoke any tool. The most costly was a guard mismatch: staff-login JWTs and OAuth access tokens relied on different secrets, so every POST to /sse/:companyId returned 401 until a new OAuthAccessTokenGuard (RS256 + HS256 fallback) was added. Transport expectations also tripped things up; the MCP SDK expected POST /sse with JSON-RPC directly, while the legacy SSEServerTransport lived elsewhere. Cache behavior complicated debugging: ChatGPT cached “no tools” across fixes until the flow was restarted. Even naming conventions caused confusion—ChatGPT guessed get_available_drivers when the actual endpoint was list_available_drivers—though the real blocker was the empty tools/list payload that only surfaced after the guard and transport issues were resolved.
Source: DEV Community. AI-assisted editorial synthesis — TechnoExpress.