Developers · MCP
Jupid MCP
Connect Claude, ChatGPT, Cursor, Codex, and other MCP clients to your Jupid workspace. Accounts, transactions, counterparties, Schedule C reports, and open questions — returned as structured JSON to whatever AI agent you’re using. Canonical documentation lives on the Jupid developer portal.
Looking for the non-technical tour? See the MCP overview.
Overview
The Jupid MCP server exposes thirteen tools over the Model Context Protocol. An MCP-capable client — Claude Desktop, Claude Code, Cursor, VS Code, Windsurf, ChatGPT, Codex, or any custom agent — can call these tools on the user’s behalf to answer questions grounded in live Jupid data.
What you can do: orient the agent ( getProfile, listAccounts, listCategories), search and inspect transactions ( searchTransactions, getTransaction), look up vendors and clients ( searchCounterparties, getCounterparty), generate cash-flow and Schedule C P&L reports ( getCashflowReport, getPnlReport), work through open questions ( listOutstandingIssues, answerOutstandingIssue), and check setup and billing state ( getAgentConnectionInfo, getBillingStatus). Twelve of the thirteen tools are read-only; the only write tool answers an existing open issue.
Requirements: an active Jupid account (sign up at app.jupid.com) and an MCP client. Authentication happens through OAuth 2.1 on first use — no secrets to paste.
Transport: streamable HTTP in HTTP-only mode — JSON-RPC over POST, stateless per request, no SSE stream (GET returns 405). Clients that only speak stdio can use mcp-remote as a proxy.
Quickstart
Pick your client. Each tab shows the exact config and where it lives. OAuth runs the first time a tool is called — most clients open a browser window automatically.
Claude Desktop connects to Jupid natively as a remote connector — no config files, no proxy.
Open Settings → Connectors → Add custom connector and paste the Jupid MCP URL.
https://backend.jupid.com/mcpSign in to Jupid in the browser window that opens, approve the consent screen, and return to Claude. Connectors require a Claude Pro, Max, Team, or Enterprise plan.
Authentication
Jupid MCP authenticates with OAuth 2.1 — there are no API keys or static tokens. Every client listed above completes the same browser sign-in flow on first connection.
OAuth 2.1 with PKCE
Authorization code flow with PKCE (S256, required) plus Dynamic Client Registration (RFC 7591). Any compliant MCP client can connect without pre-registration — Jupid issues a client ID on the fly, and the user approves access on a consent screen during sign-in.
Discovery follows the MCP spec: WWW-Authenticate: Bearer resource_metadata="…" on the first 401, then the client fetches the .well-known/oauth-protected-resource document, which points to the authorization server. No manual configuration on your side.
- Authorization server metadata: backend.jupid.com/.well-known/oauth-authorization-server
- Protected resource metadata: backend.jupid.com/.well-known/oauth-protected-resource/mcp
- Token lifetimes: access tokens last 1 hour; refresh tokens last 30 days and are rotated automatically by the client. Authorization codes expire after 5 minutes.
- Client type: public clients only (
token_endpoint_auth_method: none). Redirect URIs must match exactly; loopback addresses (localhost, 127.0.0.1, [::1]) are allowed for local agents. - Scopes: access to the authenticated user’s own accounts, transactions, counterparties, reports, and open issues — nothing across accounts.
Once authorized, tool calls are plain JSON-RPC over POST with the OAuth access token as a Bearer header — your MCP client handles this automatically:
curl https://backend.jupid.com/mcp \
-H "Authorization: Bearer <oauth-access-token>" \
-H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'Available tools
All tools return structured JSON summaries — not raw database rows. Amounts are signed numbers in US dollars (negative for expenses), dates are ISO 8601, result limits cap at 50 records per call, and account numbers are masked. Every record includes a canonical url deep link back to app.jupid.com, so agents can cite records the user can open directly. Twelve of the thirteen tools are registered with readOnlyHint: true; the only write tool is answerOutstandingIssue.
Profile & accounts
Categories
Transactions
Counterparties
Reports
Outstanding issues
Setup & billing
Example prompts
Representative prompts that exercise the tool catalog. Share these with users as starting points — the agent composes the tool call itself.
Freelancer
Fast answers to tax and budget questions without leaving the editor.
- What did I spend on software this quarter?
- Show me all Stripe charges over $500 from the last 90 days.
- How much did I pay in contract labor in Q1?
- Which subscriptions am I paying for that I haven’t used in 60 days?
Small-business owner
Cross-cutting views across clients, vendors, and categories.
- Generate a P&L for Q1.
- List my top 10 counterparties by spend in the last 12 months.
- Who are our investors?
- What’s my net margin month-over-month since January?
Accountant
Verify a client’s books without screen-sharing a dashboard.
- Flag any transaction over $2,000 in the last 30 days that doesn’t have a counterparty.
- Break down Q1 expenses by Schedule C category and show the top three vendors per category.
- What open questions does Jupid have for this client? Answer the ones I can resolve.
- Find expenses over $500 that still need attention.
Security & data handling
- Read-only by default. Twelve of the thirteen tools are registered with
readOnlyHint: true. The only write-capable tool,answerOutstandingIssue, saves an explicit answer to one existing open issue — the answer goes through Jupid’s normal processing. There is no recategorization, category editing, file upload, account sync trigger, or billing change through MCP. - User-scoped queries. Every query filters by the authenticated
user_id, and single-record lookups enforce ownership. Tokens cannot cross accounts. - Filtered response fields. Tools return safe public subsets, not raw rows. Account numbers are masked (
••1234), and internal fields — raw provider payloads, access tokens, reasoning notes, internal scoring — are never returned over MCP. - No AI-provider training. Data flows from Jupid directly to the user’s MCP client. Jupid does not share MCP-accessed data with AI providers for training or improvement.
- Short-lived credentials. OAuth access tokens expire after 1 hour and refresh automatically. Revoking access invalidates the refresh token, cutting off any agent that holds it.
- Built for interactive use. Responses cap at 50 records per call. There is no published hard rate limit today — if you’re building a high-volume production agent, contact support@jupid.com first.
- Privacy policy. See the Jupid privacy policy for data collection, retention, and deletion terms, including MCP-specific handling.
Troubleshooting
Resources
- Official developer portalCanonical Jupid MCP documentation: quickstart, full tool catalog, and troubleshooting.
- MCP specificationThe protocol Jupid implements. Start here if you’re building a client.
- Jupid MCP overviewNon-technical tour of the MCP server, who it’s for, and what it unlocks.
- OAuth authorization server metadataRFC 8414 metadata document. Advertised to clients via OAuth discovery.
- Protected resource metadataRFC 9728 metadata. Announced on 401 responses via WWW-Authenticate.
- Privacy policyHow Jupid handles user data, including MCP-specific data flow.
- SupportEmail us for higher rate limits, integration help, or feedback.
Feedback, bugs, or integration questions? Email support@jupid.com.