Connect and authenticate
Production MCP endpoint, streamable HTTP, Cursor and Claude setup, credential modes, and direct tool calls.
Thirdfy MCP is a managed Cloudflare Workers endpoint. You connect your agent host to it and call tools directly. There is no public open-source MCP repository to clone or self-host.
Production endpoint
| Item | Value |
|---|---|
| Base URL | https://mcp.thirdfy.com |
| MCP connector | POST https://mcp.thirdfy.com/mcp (streamable HTTP) |
| Tool REST | POST https://mcp.thirdfy.com/tool/<toolName> |
| Tool manifest | GET https://mcp.thirdfy.com/tools |
| Health | GET https://mcp.thirdfy.com/health |
Use GET /health and GET /tools as smoke checks after you add the connector. The live manifest is the source of truth for tool names on the shipping endpoint.
HTTP surfaces
| Surface | Path | Auth |
|---|---|---|
| MCP connector | POST /mcp | Per tool policy |
| Tool REST | POST /tool/<toolName> | Per tool policy |
| Health | GET /health | Public |
| Tool manifest | GET /tools | Public |
| Chat capabilities | GET /chat/capabilities | Public |
| Agents list | GET /agents | Bootstrap / agent / full key |
| Providers resource | GET /resources/providers | Public (thirdfy://providers) |
| Catalog resource | GET /resources/actions/catalog | Public (thirdfy://actions/catalog) |
Claude Managed Agents
Create the agent in Claude Console (see Anthropic docs), then add an MCP connector (streamable HTTP):
- Set the URL to
https://mcp.thirdfy.com/mcp. - Complete onboarding with bootstrap or
agent_api_key(see Authentication below). - Start with
getActionsCatalogandgetProviderActionsbefore any write.
Full walkthrough: Claude Managed Agents.
Cursor and OpenClaw
Add Thirdfy MCP to your host MCP config with streamable HTTP transport pointing at https://mcp.thirdfy.com/mcp.
Example Cursor mcp.json entry:
Pass agentApiKey on credentialed tools. For hosted runtimes, optional executionContext (runtimeId, orgId) on walletExecute, executeIntent, and agentRun attributes credits to the correct runtime.
Prefer getProviderActions (not the legacy getTradingProviderActions alias) for venue discovery.
Direct tool calls (no MCP host)
Agents and scripts can call tools over HTTP without an MCP session:
Credentialed writes pass the agent key in the JSON body and/or Authorization: Bearer <agent-api-key>:
Full tool list and auth profiles: Tools reference.
Authentication
Auth policy is enforced per tool across /mcp and /tool/*. Backend execution remains fail-closed even when MCP accepts a call.
Credential modes
| Mode | Token shape | Typical use |
|---|---|---|
none | No credential | Public discovery, allowlisted read tools |
bootstrap | btp... | Short-lived onboarding from POST /auth/bootstrap/issue |
agent_api_key | agent-... | Managed agent execution (preferred) |
full_api_key | Operator key | Privileged maintenance and private integrations |
Bootstrap issuance supports:
- Session proof:
ownerSessionTokenorauthToken - Wallet proof:
challengeId+signaturevia the onboarding verifier route
Anonymous-safe read tools
Callable without credentials (illustrative list):
getActionsCataloggetProviderActionsgetChainCapabilitiesgetNonEvmCapabilitiesgetThirdfyHelpdescribeOnboardingPathstartEmailOnboardingcompleteEmailOnboardinglistTools
All writes, delegation mutations, wallet execution, and portfolio reads require credentialed modes per tool authProfile.
Bootstrap-allowed tools
Bootstrap tokens may call setup tools such as agentRegister, managedWalletInit, delegationCreate, agentWalletBootstrap, and walletExecute when policy allows. Full matrix: Tools reference.
HTTP failure semantics
| Code | Meaning |
|---|---|
401 / 403 | Credential mode or tool policy denied |
404 | Unknown route or tool |
429 | Rate limited |
5xx | Upstream Thirdfy API failure |
CEX credentials
MCP never accepts raw Bitfinex (or other CEX) API keys. Tools pass credentialRef metadata to Thirdfy API only. Store credentials with the CLI or API; see Bitfinex integration.
Recommended first session
Optional later: agentRegister (directory profile) or Creator Platform (web UI).
Chapter guides: Discovery · Onboarding · Execution
Security reminder
MCP is a public edge surface, not a trust boundary. Never paste operator or full platform API keys into agent prompts. Use agent_api_key or bootstrap tokens scoped to your agent.