- ExpressVPN launches the industry’s first Model Context Protocol (MCP) server
- The beta allows AI agents to interact directly with its VPN desktop apps
- The feature is opt-in, runs locally and operates under a strict no-log policy
ExpressVPN has announced the beta launch of its Model Context Protocol (MCP) server, becoming the first major provider to allow AI tools to interact directly with its desktop applications.
Announced today (March 5), this addition bridges the gap between the best VPN services and the thriving world of AI agents. By adopting the open standard introduced by Anthropic in late 2024, ExpressVPN effectively allows developers to control their network security using natural language or automated scripts in their coding environments.
Previously, if a developer using an AI assistant needed to test a geo-specific API or verify a secure connection, they had to leave their workflow to manually change settings in the VPN app. Now, compatible AI tools like Anthropic’s Claude Code and OpenAI’s Codex can read the VPN’s status, switch regions, and troubleshoot connection issues on behalf of the user.
Bringing AI to network security
The Model Context Protocol (MCP) is an open standard designed to connect AI systems with external data and tools. While many developer platforms have adopted it since its introduction, network infrastructure has largely remained a manual affair – until now.
ExpressVPN’s implementation creates a “strictly local bridge” between the AI tool and the ExpressVPN desktop app on macOS, Windows or Linux. This means developers can issue commands in plain English, such as “switch to a US server” or “check if my connection is secure,” and the AI agent executes them through the MCP server.
Shay Peretz, COO of ExpressVPN, says the move is about removing friction for tech users living in their terminals.
“Developers are increasingly relying on AI agents to automate complex tasks, yet their network environment has remained manual,” Peretz said. “Our MCP server brings VPN control into these workflows, enabling secure testing, troubleshooting, and region switching without interrupting their workflow.”
Peretz added that the company sees MCP becoming a “fundamental standard for how AI systems interact with external tools.”
Private by design
Allowing an AI to control network settings may raise eyebrows regarding security, but ExpressVPN emphasizes that the feature is “private and secure by design.”
It is crucial that the integration is disabled by default; users must actively opt-in through the desktop app settings. Also, the MCP server operates on a fixed command permission list. It cannot access account credentials or session information, ensuring that the AI agent is not given free rein over sensitive user data.
The company also confirmed that the new feature works under its strict no-logs policy. “Activity logs, connection logs, and destination data are not collected or stored,” ExpressVPN said.
Who is this for?
While the average user may not need their AI chatbot to switch VPN servers just yet, this is a significant quality of life upgrade for software engineers and QA testers.
The beta version enables developers to automate tasks such as verifying secure connections before running scripts, testing geo-sensitive APIs across multiple regions, and diagnosing network issues through AI-assisted workflows. It essentially removes the need to context switch between a code editor and the VPN client.
The MCP server beta is available starting today, March 5, 2026, for individual users and ExpressVPN for Teams customers on all major desktop platforms. You can find more details on the ExpressVPN features page or their support guide.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
