MCP

Eriga exposes its API as a Model Context Protocol (MCP) server. Any MCP-compliant client (Claude, ChatGPT, Cursor, Claude Code, custom agents) can discover the server, authenticate via OAuth, and call tools that mirror the REST API.

End-user setup

If you just want to connect Claude Desktop or ChatGPT to your Eriga account, follow the user guide instead.

Set up MCP — user guide Step-by-step instructions for Claude Desktop, Claude.ai, ChatGPT and Cursor.

Endpoint

https://mcp.eriga.app/mcp

Authentication

Auth follows the MCP authorization spec — OAuth 2.0 + PKCE with discovery via Protected Resource Metadata (RFC 9728). Clients never carry a hard-coded token; the agent runs the OAuth flow on first use.

1 — Protected resource metadata

GET https://mcp.eriga.app/.well-known/oauth-protected-resource/mcp

Returns:

{
  "resource": "https://mcp.eriga.app/mcp",
  "authorization_servers": ["<issuer url>"]
}

2 — Authorization server metadata

GET <issuer url>/.well-known/openid-configuration

Standard OIDC discovery — authorization_endpoint, token_endpoint, jwks_uri, supported grants.

3 — OAuth 2.0 + PKCE

Run the standard authorization-code flow with:

• resource=https://mcp.eriga.app/mcp (RFC 8707 resource indicator)
• PKCE code challenge + verifier
• Redirect URI registered for your client (Eriga uses a shared SPA app on the IdP — most popular MCP clients are pre-registered)

The IdP returns an access token with aud=https://mcp.eriga.app/mcp. Include it in subsequent requests:

POST https://mcp.eriga.app/mcp
Authorization: Bearer <token>

Multi-tenancy

Eriga is multi-tenant: every domain object lives inside a Space. MCP tools accept the Space as a tool parameter (space field, by name), not as an HTTP header. Your default Space is used when omitted.

Tool catalog

Every read and write API operation is exposed as an MCP tool with the same name as the corresponding operationId. Tools accept human-readable names (resource name, unit name, action name) and resolve them to UUIDs internally.

See the API Reference for the underlying operations and the Domain model for the entities involved.

Building a custom agent

To build an agent that calls Eriga MCP directly:

1. Implement the discovery flow above to obtain a token
2. Use the @modelcontextprotocol/sdk (or any compliant client library) to call tools
3. Pass the token as Authorization: Bearer ...
4. Pass the Space name as a tool parameter when relevant

Errors

MCP tool errors mirror the REST API error envelope — see Errors for the exception-class to HTTP-status mapping.

Spec references

• MCP authorization spec
• RFC 9728 — Protected Resource Metadata
• RFC 8707 — Resource Indicators
• RFC 8693 — Token Exchange (used internally by mcp.eriga.app to call api.eriga.app)