MCP agent integration
Lipafy exposes an MCP server at:
The endpoint uses JSON-RPC over HTTP. It supports initialize, ping, tools/list, and tools/call.
Authentication
MCP clients should use OAuth when they support it. Lipafy publishes:
The OAuth server supports authorization code + PKCE, refresh tokens, dynamic client registration, and token revocation.
If the user is not signed in when the OAuth flow starts, Lipafy sends them to the dashboard login page and then returns them to the original OAuth authorization request after login.
Current OAuth scopes:
Client setup
Use this server config in clients that support Streamable HTTP MCP:
Client behavior differs. Some hosts start the OAuth flow from the MCP metadata; others require you to paste a bearer token or run their own connect/login command.
Tools
Lipafy currently exposes these built-in MCP tools. Active capabilities can also appear as direct dynamic tools when their slugs do not conflict with built-in tool names.
Read tools
Capability + wallet action tools
Send money to a person
Approval behavior
Lipafy is not meant to ask the user before every ordinary payment. The intended flow is:
- The user connects the agent once.
- Lipafy checks the grant, wallet balance, spending controls, capability rules, and mandate rules on each action.
- If the action is allowed, execution continues.
- If the action needs a top-up, exceeds controls, or needs human review, the tool response tells the agent to pause and request approval.
For most in-policy calls, agents should use lipafy.execute_capability directly. Use lipafy.request_approval only when Lipafy returns escalation_required or the agent is about to do something high-value or risky.
Example
The agent should:
- Call
lipafy.list_capabilitiesif it does not know the slug. - Call
lipafy.execute_capabilitywith the slug and request body. - If Lipafy returns an approval or top-up requirement, stop and surface that to the user.
Current support
- MCP responses use JSON over HTTP.
- OAuth supports gateway access and wallet read access.
- Capability-level execution is controlled by wallet balance, grants, spending controls, approvals, and mandates.
