Strapi Community Call Recap: Updates, Native MCP Server, FlowGine & Better Auth Plugin

TL;DR

• Strapi is actively building a native MCP server into its core, complete with granular API token permissions, so AI agents can manage your CMS content through a standardized protocol.
• Community contributor Kevin demoed FlowGine — a free, n8n-style workflow automation tool built natively inside Strapi, with triggers, drag-and-drop actions, and a visual canvas.
• Ecosystem lead Boaz showed a proof-of-concept Better Auth plugin that replaces the built-in users-and-permissions system with a self-hosted, feature-rich auth solution (2FA, passkeys, magic links).
• Community member Alex (Webist) showcased how a single custom Strapi plugin can automate ingestion of thousands of events daily from fragmented external providers — no human intervention needed.
• 30% of all Strapi PRs merged over the past two months came from the community — a real signal of how open the project has become.

Watch full stream here or continue reading for summary and highlights.

This was one of the more community-heavy calls in recent memory — six presenters, three live demos, and a product roadmap update all packed into an hour.

It's a good snapshot of where Strapi is headed: tighter AI integration, a richer plugin ecosystem, and a development process that's increasingly shaped by the people building with it every day.

Strapi Updates: Community PRs & Product Direction

▶ Watch this section

Marco opened with two striking numbers: 50 community PRs merged since the beginning of the year, and 30% — meaning one in every three pull requests merged into Strapi over the past couple of months came directly from the community. These aren't vanity metrics; they reflect a deliberate shift the team made earlier in the year when CEO Pabuji publicly recommitted to deepening the community relationship.

Rather than shipping headline features in this cycle, the team focused on closing long-standing developer requests. Highlights include:

• Admin panel responsiveness improvements across the content manager
• Persistent filters — your filtering preferences now survive navigating away and back
• A new filter-by-status option requested by the community
• A setting to control how relations open (modal, new tab, or side panel)
• Media library upgrades: focal point setting on images, uploading media directly from a URL
• Various security and developer experience enhancements

Marco also made a point worth underlining: discussions have moved to GitHub. If you want your questions and issues to land directly in front of the engineering team, that's where to post them. Discord office hours still run for more casual conversation.

Looking ahead, the team plans to keep closing community PRs, tackle performance issues, and ship something new in the near term — plus the MCP initiative detailed below.

Join the discussion on GitHub

Engineering Showcase: Native MCP Server in Strapi Core

▶ Watch this section

Nico walked through what is arguably the most architecturally significant initiative on Strapi's current roadmap: a native MCP (Model Context Protocol) server baked directly into Strapi core.

Why MCP Matters for a CMS

MCP is an open protocol — built on JSON-RPC 2.0 — that standardizes how AI agents discover and invoke tools across your stack. Think of it the way HTTP standardized web communication: instead of every AI integration requiring custom glue code, MCP gives you a single, consistent interface. For a headless CMS like Strapi, this means your AI assistants (Claude, Cursor, Copilot, etc.) can directly read, create, update, and delete content through a structured protocol rather than one-off API scripts.

What Makes This Different from Community MCP Servers

Several community MCP wrappers for Strapi already exist (like VirtusLab plugin). Strapi's native approach goes further in two important ways:

1. Granular API Token Permissions The team is shipping a new admin API token system alongside the MCP server. You'll be able to create multiple tokens, each scoped to specific permissions — so a content automation agent gets only the content management tools it needs, while a separate deployment agent might have access to settings. This is proper least-privilege access control for AI workflows.

2. Built into the HTTP server, not a sidecar The MCP server is exposed as a new route on Strapi's existing HTTP server. That means whenever your Strapi instance is running, the MCP endpoint is live — no separate process to manage, no extra deployment steps. This makes remote instances (production, staging) just as accessible as local development setups.

3. Plugin authors get the API too Because this is part of core, any Strapi plugin can register its own MCP tools. A plugin for e-commerce, for example, could expose inventory management tools directly to an AI agent without any extra configuration.

The RFC is open on GitHub — Nico specifically asked for community feedback while the feature is still in development. Jump into the discussion if you have strong opinions about the tool design or permission model.

Community Showcase: FlowGine — Native Workflow Automation for Strapi

▶ Watch this section

Kevin (of the two-factor auth plugin Headlockr.io) unveiled his second Strapi plugin: FlowGine — a free, drag-and-drop workflow automation tool that lives entirely inside your Strapi instance. He described it as "n8n for Strapi," though with an important caveat: it's intentionally less flexible than n8n because it's built to leverage Strapi's internals directly.

How FlowGine Works

Every workflow starts with a trigger. The standout trigger type is the Strapi CRUD trigger, which hooks into Strapi's internal event hub system. Any plugin or core code that emits an event (publishing, updating, deleting) can be listened to and acted upon. Other trigger types include schedulers (cron jobs), with webhooks listed as coming soon.

After a trigger fires, you chain actions. Built-in action types include:

• Strapi CRUD Action — create, find, or update any content type entry
• HTTP Request — call external APIs with custom headers and methods
• Custom actions defined in your own plugin code via a Node.js integration file

The workflow canvas is free-form: drag, position, and connect nodes however you like. A test pane lets you inspect the exact payload shape at each step before going live — similar to Zapier or n8n's test-run functionality.

Demo: Content Moderation Workflow

Kevin showed a live example: a workflow that listens for content publish events and checks whether the blog post title contains the word that is not allowed, If it does, the workflow automatically unpublishes the post and sends a notification to the author. The execution log captures everything that passed through the pipeline, and you can re-trigger a run directly from the UI.

What's Coming

Kevin mentioned branching is already in the system, with loops coming soon. The team is also in early discovery on how to build agentic AI workflows into FlowGine — think LLM-powered decision nodes embedded in your automation. On the infrastructure side, a headless mode (running FlowGine on a separate process from Strapi) is on the roadmap for teams with high-frequency workflows.

Find it at FlowGine

Community Showcase: Better Auth Plugin for Strapi

▶ Watch this section

Boaz (Strapi's ecosystem advocate and self-described plugin addict) presented a proof-of-concept plugin that tackles a pain point many developers hit: the limitations of Strapi's built-in users and permissions plugin.

The Problem

While the native plugin covers the basics, it lacks features like two-factor authentication for end users, passkey support, and a comprehensive RBAC model that developers want when building user-facing applications on top of Strapi.

Enter Better Auth

Better Auth is an authentication library that lets you self-host a full authentication system with all the data stored in your own database. Unlike hosted solutions (e.g., Clerk.js), there's no external service storing your users — everything lives in your Strapi/Postgres database. Better Auth provides a rich API for sign-in, 2FA, passkeys, magic links, OAuth, and more.

Boaz's plugin — currently in alpha — is available at https://github.com/strapi-community/plugin-better-auth.

It installs Better Auth into Strapi, adds a set of better_auth_* tables to your database, and exposes all the auth endpoints under /api/better-auth. Your frontend sets that URL as the Better Auth base URL and gets access to the full feature set.

Live Demo Highlights

The demo showed: 1. Registering a new user via a Next.js frontend powered by Better Auth UI components 2. The user record appearing in the Strapi database immediately 3. Enabling 2FA by adding two lines of config in the plugin 4. Scanning a QR code in an authenticator app and verifying the 2FA code on next sign-in 5. Relating the Better Auth user to any Strapi content type (e.g., blog post ownership)

The biggest remaining gap before this can replace the users-and-permissions plugin entirely is a role-based access control (RBAC) layer — scoped permissions per role, the same way the native plugin works. If you want to help build that out, hit up Boaz directly.

New Strapi Marketplace Coming

Boaz also teased that a completely rebuilt Strapi plugin marketplace is in progress. It'll include Better Auth under the hood (meta: the marketplace itself will be a Strapi app using the plugin Boaz is building), plus richer plugin management features. The goal is to raise the bar for plugin discoverability and make it easier for developers to build a sustainable business around their Strapi plugins.

Community Showcase: Supercharging Strapi with Custom Plugins

▶ Watch this section

Alex (Webist), longtime community member and now part of the Strapi team, walked through a deeply practical example: a custom plugin he built for a national library events platform in the UK.

The Problem: Fragmented Event Data

Libraries across the UK each use their own ticketing platform — Eventbrite, Solace, Spidus, custom APIs, and (in 2026) some still use XML feeds. The platform's goal is to aggregate all UK library events under one roof. The challenge: thousands of credentials, wildly different data shapes, duplicate tags, and no central source of truth.

What the Plugin Does

The plugin runs nightly via a cron job and handles the entire ingestion pipeline:

1. Credential validation — checks each API key is active before hitting the provider
2. Raw data fetch — pulls all events from the third-party source
3. Venue mapping — uses heuristics first, then falls back to AI (LLM) to match incoming venue strings to canonical venue records in Strapi
4. Tag normalization — maps the provider's free-form tags to Strapi's controlled vocabulary using contextual AI matching
5. Cleanup and upsert — creates or updates entries in Strapi (164 events shown live in the demo)

The plugin also exposes a manual import UI inside the Strapi admin panel so content editors can test a new credential immediately after adding it, watching a real-time log stream via WebSocket as the pipeline runs — without needing to ping a developer.

The Broader Lesson

Alex's example illustrates why the Strapi plugin architecture is so powerful: you can solve genuinely complex, domain-specific problems entirely within your CMS layer, with full access to Strapi's controllers, services, and routing. Content editors self-manage integrations; developers aren't paged every time a new library wants to connect. The system just works.

If you're sitting on a similar integration problem and want to make this open source, Alex mentioned he might be open to publishing the code.

Community Highlights & Resources

▶ Watch this section

A few other callouts from the call:

• Team NOTUM got a shoutout for their Strapi TipTap editor plugin and their actively maintained Strapi Next.js starter template — worth checking out if you're bootstrapping a new project.
• Launchpad the official Strapi + Next.js starter has had a wave of recent improvements; it's now on the latest Next.js and is maintained collaboratively by the Strapi team and community contributors.
• Strapi Agent Skills on GitHub Discussions — Paul shared two custom skills: one that auto-scaffolds an entire Strapi app from a plain-English description ("I want an e-commerce site"), and one that scaffolds custom fields. Community members have also started sharing their own skills there.
• Open office hours run weekly at 12:30 PM CST on Discord — not just for support, but for feedback, hanging out, and shaping where Strapi goes next.

Getting Involved

Everything discussed in this call is either open source or has a public RFC:

• MCP RFC
• FlowGine
• Better Auth Plugin (alpha — contributors welcome)
• Plugin developmen resources
• Plugin developmen tutorial
• Agent Skills Discussion

Resources

• Strapi Community Call Recording: https://youtube.com/watch?v=yyTTeABU-io
• FlowGine: https://flowgine.io
• Better Auth: https://www.better-auth.com
• Better Auth Strapi Plugin (Boaz): https://github.com/strapi-community/plugin-better-auth
• Strapi GitHub Discussions: https://github.com/strapi/strapi/discussions