Skip to main content

MCP Integration

The 1claw MCP server gives AI agents (Claude, Cursor, GPT, and others) secure, just-in-time access to secrets stored in your vault via the Model Context Protocol.

Try it out

Try out the examples in this repo: FastMCP Tool Server (custom MCP server with domain tools) and LangChain Agent (LangChain + 1Claw MCP tools).

Quick start (hosted)

The fastest way to connect an AI agent to your vault:

  1. Register an agent in the 1claw dashboard — save the API key (ocv_...).
  2. Create a policy granting the agent read access to the paths it needs.
  3. Configure your MCP client with the hosted server using the agent API key directly:
{
"mcpServers": {
"1claw": {
"url": "https://mcp.1claw.xyz/mcp",
"headers": {
"Authorization": "Bearer ocv_your_agent_api_key"
}
}
}
}

That's it. The server automatically exchanges the API key for a short-lived JWT, refreshes it before expiry, and auto-discovers the vault when the agent is bound to exactly one. No manual token rotation needed.

Vault override

If the agent has access to multiple vaults, add "X-Vault-ID": "your-vault-uuid" to the headers to pick one explicitly.

Legacy: using a pre-minted JWT

If you prefer to manage tokens yourself, exchange the API key for a JWT and pass it directly. Note that JWTs expire (~1 hour) and you'll need to refresh them manually.

curl -s -X POST https://api.1claw.xyz/v1/auth/agent-token \
-H "Content-Type: application/json" \
-d '{"agent_id":"<uuid>","api_key":"ocv_..."}' | jq -r '.access_token'
{
"mcpServers": {
"1claw": {
"url": "https://mcp.1claw.xyz/mcp",
"headers": {
"Authorization": "Bearer <jwt-from-agent-token-endpoint>",
"X-Vault-ID": "your-vault-uuid"
}
}
}
}

Quick start (local)

For local setups, run the MCP server via stdio. Only ONECLAW_AGENT_API_KEY is needed — the server auto-discovers the agent ID and vault, and handles JWT refresh:

{
"mcpServers": {
"1claw": {
"command": "npx",
"args": ["-y", "@1claw/mcp"],
"env": {
"ONECLAW_AGENT_API_KEY": "ocv_your_agent_api_key"
}
}
}
}

Or auto-configure with the CLI: 1claw setup --client cursor (or --client claude).

Quick start (local daemon — offline, zero-knowledge)

For fully offline use where the model should never see secret values:

{
"mcpServers": {
"1claw": {
"command": "npx",
"args": ["-y", "@1claw/mcp"],
"env": {
"ONECLAW_LOCAL_VAULT": "true"
}
}
}
}

Or auto-configure: 1claw setup --local --client cursor. The model gets list_secrets (names only) and proxy_request (inject a secret into an HTTP call without exposing the value). See Local Vault & Daemon for setup.

Available tools

Secrets

ToolWhat it does
list_secretsList all secrets (metadata only, never values)
get_secretFetch decrypted value by path
put_secretCreate or update a secret (creates a new version)
delete_secretSoft-delete a secret
describe_secretGet metadata without the value
rotate_and_storeStore a new value for an existing secret (new version)
rotate_generateServer-side rotation — generates a random value that never leaves the server
list_versionsList all versions of a secret with creation dates and disabled status
get_env_bundleFetch and parse a KEY=VALUE env bundle into JSON

Vaults & access

ToolWhat it does
create_vaultCreate a new vault for organising secrets
list_vaultsList all vaults accessible to you
grant_accessGrant a user or agent access to a vault you own
share_secretShare a specific secret with a user, agent, or your creator

Transactions (Intents API)

ToolWhat it does
submit_transactionSign and optionally broadcast an EVM transaction
sign_transactionSign without broadcasting — returns raw signed tx hex
simulate_transactionSimulate a transaction via Tenderly (no signing)
simulate_bundleSimulate a sequence of transactions in order
list_transactionsList recent transactions for the current agent
get_transactionGet details of a specific transaction by ID

Signing keys

ToolWhat it does
provision_signing_keyGenerate a multi-chain signing key (Ethereum, Bitcoin, Solana, XRP, Cardano, Tron)
list_signing_keysList all active signing keys for an agent
sign_messageEIP-191 personal_sign with an agent's signing key
sign_typed_dataEIP-712 typed data signing with domain-aware hashing

Platform

ToolWhat it does
platform_list_appsList platform apps in the org
platform_create_appRegister a new platform app
platform_bootstrap_userProvision resources from a bootstrap template
platform_reissue_claimMint a fresh claim URL for a bootstrapped connection
platform_rotate_keyRotate a platform app's plt_ API key

Treasury

ToolWhat it does
treasury_proposeCreate a Safe multisig proposal
treasury_sign_proposalApprove or reject with an EIP-712 signature
treasury_list_proposalsList proposals filtered by status

Approvals

ToolWhat it does
request_approvalAsk a human to approve a policy change or sensitive action
list_approvalsList approval requests by status
get_approvalPoll a specific approval request

Bankr

ToolWhat it does
lease_bankr_keyLease a scoped Bankr wallet API key (metadata only — key never in tool output)

Security

ToolWhat it does
inspect_contentScan text for injection, obfuscation, social engineering, and PII

Local daemon mode

ToolWhat it does
proxy_requestMake an HTTP request with a secret injected — value never enters the context window
list_secretsList secret names in the local vault (names only, no values)

Typical agent workflow

  1. Discoverlist_secrets to see what's available.
  2. Checkdescribe_secret to verify it exists and hasn't expired.
  3. Fetchget_secret to get the decrypted value.
  4. Use — Pass the value into the API call.
  5. Forget — Do not store the value in summaries, logs, or memory.

Security

  • Secrets are fetched just-in-time and never cached by the MCP server.
  • Secret values are never logged — only the path is recorded.
  • Each hosted connection authenticates independently (per-session isolation).
  • All access is recorded in the vault audit log.

Further reading