Jupid MCP — Developer Documentation

Overview

The Jupid MCP server exposes six read-only tools over the Model Context Protocol. An MCP-capable client — Claude Desktop, Claude Code, Cursor, VS Code, Windsurf, ChatGPT, or any custom agent — can call these tools on the user’s behalf to answer questions grounded in live Jupid data.

What you can do: view a user’s Jupid profile ( me), search and inspect transactions ( search_transactions, get_transaction), look up vendors and clients ( search_counterparties, get_counterparty), and generate Schedule C cash-flow reports ( get_cashflow_report).

Requirements: an active Jupid account (sign up at app.jupid.com) and an MCP client. Authentication happens through OAuth 2.0 on first use — no secrets to paste.

Transport: streamable HTTP, stateless per request. Clients that only speak stdio can use mcp-remote as a proxy.

Quickstart

Pick your client. Each tab shows the exact config and where it lives. OAuth runs the first time a tool is called — most clients open a browser window automatically.

Add Jupid to Claude Desktop by editing claude_desktop_config.json. Uses mcp-remote as a lightweight proxy — Claude Desktop does not yet speak streamable HTTP natively.

Open claude_desktop_config.json. On macOS it lives at ~/Library/Application Support/Claude/claude_desktop_config.json. On Windows: %APPDATA%\Claude\claude_desktop_config.json.

claude_desktop_config.jsonjson

{
  "mcpServers": {
    "jupid": {
      "command": "npx",
      "args": ["mcp-remote", "https://backend.jupid.com/mcp"]
    }
  }
}

Restart Claude Desktop. On first tool use, Claude will prompt you to complete OAuth in the browser. If you prefer a static token (see Authentication below), add an AUTH_HEADER env var with your Bearer token.

Authentication

Jupid MCP supports two authentication paths. OAuth 2.0 is the default and works for every client listed above. Bearer tokens are a fallback for headless agents, CI jobs, and custom integrations that cannot open a browser for consent.

OAuth 2.0 (recommended)

Authorization code flow with PKCE (S256) plus Dynamic Client Registration (RFC 7591). Any compliant MCP client can connect without pre-registration — Jupid issues a client ID on the fly.

Discovery follows the MCP spec: WWW-Authenticate: Bearer resource_metadata="…" on the first 401, then the client fetches the .well-known/oauth-protected-resource document, which points to the authorization server. No manual configuration on your side.

Authorization server metadata: backend.jupid.com/.well-known/oauth-authorization-server
Protected resource metadata: backend.jupid.com/.well-known/oauth-protected-resource/mcp
Scopes: read-only access to the authenticated user’s own transactions, counterparties, accounts, and cash-flow reports.

Bearer token (headless)

Generate a token in app.jupid.com → Integrations → AI Agents. Tokens are prefixed jp_ and can be revoked at any time.

Pass the token in the Authorization header:

bash

curl https://backend.jupid.com/mcp \
    -H "Authorization: Bearer jp_..." \
    -H "Content-Type: application/json" \
    -d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'

Tokens are scoped to a single Jupid account and inherit that user’s read-only permissions. Revoking the token immediately invalidates any agent using it.

Available tools

All six tools are registered with readOnlyHint: true and return structured JSON. Amounts are numbers in US dollars (negative for expenses), dates are ISO 8601, and categories use Schedule C line references where applicable.

User

Transactions

Counterparties

Reports

Example prompts

Representative prompts that exercise the six tools. Share these with users as starting points — the agent composes the tool call itself.

Freelancer

Fast answers to tax and budget questions without leaving the editor.

What did I spend on software this quarter?
Show me all Stripe charges over $500 from the last 90 days.
How much did I pay in contract labor in Q1?
Which subscriptions am I paying for that I haven’t used in 60 days?

Small-business owner

Cross-cutting views across clients, vendors, and categories.

Generate a Schedule C cash flow report for Q1 by category.
List my top 10 counterparties by spend in the last 12 months.
Summarize all transactions with Mercury this year.
What’s my net margin month-over-month since January?

Accountant

Verify a client’s books without screen-sharing a dashboard.

Flag any transaction over $2,000 in the last 30 days that doesn’t have a counterparty.
Break down Q1 expenses by Schedule C line and show the top three vendors per line.
Find all income transactions with no matching invoice narrative.
List pending transactions older than 7 days.

Security & data handling

Read-only by design. Every tool is registered with readOnlyHint: true. The server exposes no mutating operations — an agent cannot create transactions, edit counterparties, or change account settings through MCP.
User-scoped queries. Every query filters by user_id and is enforced at the database layer via row-level security. Tokens cannot cross accounts.
Filtered response fields. JSONB metadata, context, and narrative fields are filtered to safe public subsets. Internal scoring, reasoning notes, confidence metrics, and enrichment sources are never returned over MCP.
No AI-provider training. Data flows from Jupid directly to the user’s MCP client. Jupid does not share MCP-accessed data with AI providers for training or improvement.
Rate limit. 100 tool calls per hour per token on standard plans. The server returns 429 with a Retry-After header. Contact support@jupid.com for higher limits.
Privacy policy. See the Jupid privacy policy for data collection, retention, and deletion terms, including MCP-specific handling.

Troubleshooting

Resources

Feedback, bugs, or integration questions? Email support@jupid.com.