MCP tools
Public MCP tool surface, OAuth, and governed execution for agent clients.
Overview
Numezis exposes a remote MCP server for Claude, ChatGPT, and other MCP clients. Tools map to governed API operations: reads are listed in the tool manifest; mutations respect module activation, permissions, and approval policy for critical tools.
End-user setup (connectors, OAuth screenshots) lives in the MCP product guide. This page documents the integration contract for builders.
Endpoint and transport
| Item | Value |
|---|---|
| URL | https://www.numezis.com/mcp |
| Transport | Streamable HTTP (JSON-RPC 2.0) |
| Auth | OAuth 2.0 with Dynamic Client Registration |
Send portal context through the authenticated session established at OAuth time.
Tool execution uses the same AccessMode rules as the company portal (/c).
Tool discovery
After authorization, call tools/list to retrieve manifests. Each tool includes:
name— stable identifier (matches registry tool surfaces)description— user-facing summaryinputSchema— JSON Schema for argumentsmanifest.safety—read,write, orcriticalmanifest.requiresApproval—truefor critical mutations
Only tools for enabled modules and effective permissions appear for the connected user.
Execution and approvals
- Client sends
tools/callwith tool name and validated arguments. - Server runs policy checks (module, permission, company status).
- Critical tools may return an approval token instead of applying the mutation.
- User confirms in Numezis UI; client retries with the approval reference.
Do not bypass approval steps in automation—use non-critical read tools to preflight data, then surface approval UX to the user.
Errors
MCP errors mirror API semantics: authorization failures, validation errors, and rate limits are returned as structured RPC errors. Log correlation ids from responses when opening support tickets.