MCP Server
Use Agent Secret Store directly from Claude Desktop, Cursor, OpenClaw, and any Model Context Protocol-compatible client.
What is MCP?
The Model Context Protocol (MCP) is an open standard that lets AI models call external tools via a structured JSON-RPC protocol. Instead of writing integration code, you configure an MCP server once and any compatible AI client gains access to its tools.
Agent Secret Store's MCP server exposes vault operations as callable tools. Claude can call get_secret the same way it calls a web search or code execution tool.
Package
npx -y @agentsecretstore/mcp
Transport
stdio (local) or SSE (remote)
Auth
ASS_AGENT_KEY (stdio) / x-agent-key header (SSE)
Configuration
The MCP server supports two transports:
stdio (recommended)
Local execution via npx -y @agentsecretstore/mcp. Fastest, most secure. Recommended for Claude Desktop, Cursor, and OpenClaw.
SSE (remote)
Hosted at https://mcp.agentsecretstore.com/sse. Use for remote clients or when you cannot run local Node.js processes. Authenticates via x-agent-key header (not Authorization: Bearer).
Claude Desktop (stdio)
// Claude Desktop: ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"agent-secret-store": {
"command": "npx",
"args": ["-y", "@agentsecretstore/mcp"],
"env": {
"ASS_AGENT_KEY": "ass_your_key_here"
}
}
}
}Cursor (stdio)
// Cursor: .cursor/mcp.json (project root)
{
"mcpServers": {
"agent-secret-store": {
"command": "npx",
"args": ["-y", "@agentsecretstore/mcp"],
"env": {
"ASS_AGENT_KEY": "ass_your_key_here"
}
}
}
}OpenClaw (stdio)
// OpenClaw: mcp_config.json
{
"mcpServers": {
"agent-secret-store": {
"command": "npx",
"args": ["-y", "@agentsecretstore/mcp"],
"env": {
"ASS_AGENT_KEY": "ass_your_key_here"
}
}
}
}SSE remote transport
// SSE transport (hosted -- for remote or headless clients)
// Auth: x-agent-key header -- NOT Authorization: Bearer
{
"mcpServers": {
"agent-secret-store": {
"transport": "sse",
"url": "https://mcp.agentsecretstore.com/sse",
"headers": {
"x-agent-key": "ass_your_key_here"
}
}
}
}Keep your agent key secure
Never commit your ASS_AGENT_KEY to source control. Store it as a system environment variable and reference it via env in the MCP config. For SSE transport, pass the key in the x-agent-key header — not as Authorization: Bearer.
Available tools
All 8 tools are available in both stdio and SSE modes. delete_secret and rotate_secret return a requires_human_auth: true response by design — these operations must be completed by a human via the dashboard or CLI.
| Tool | Description |
|---|---|
| get_secret | Retrieve a decrypted secret value |
| set_secret | Store or update an encrypted secret |
| list_secrets | List secret metadata in a namespace (never returns values) |
| list_namespaces | List all namespaces visible to this agent |
| delete_secret | Request secret deletion (returns human auth required — by design) |
| rotate_secret | Request secret rotation (returns human auth required — by design) |
| request_token | Request a scoped short-lived token (may trigger approval) |
| get_approval_status | Check approval request status (pending | approved | denied | expired) |
get_secret
// Tool: get_secret
// Retrieve a decrypted secret value from the vault.
// Input schema:
{
"namespace": "production/gemini", // Secret namespace
"key": "GEMINI_API_KEY" // Secret key
}
// Response:
{
"value": "gemini-api-key-example",
"secret_type": "api_key",
"access_tier": "sensitive",
"metadata": {"team": "ml"},
"version": 1
}set_secret
// Tool: set_secret
// Store or update an encrypted secret in the vault.
// Input schema:
{
"namespace": "production/gemini",
"key": "GEMINI_API_KEY",
"value": "gemini-api-key-example",
"secret_type": "api_key", // Optional: api_key | oauth_token | db_credential | ssh_key | certificate | custom
"access_tier": "sensitive" // Optional: standard | sensitive | critical
}
// Response:
{
"id": "uuid-here",
"namespace": "production/gemini",
"key": "GEMINI_API_KEY",
"version": 1,
"secret_type": "api_key",
"access_tier": "sensitive",
"created_at": "2026-06-01T10:30:00Z"
}list_secrets
// Tool: list_secrets
// List secrets in a namespace (values not returned for security).
// Input schema:
{
"namespace": "production/gemini" // Namespace to list
}
// Response:
{
"namespace": "production/gemini",
"items": [
{
"namespace": "production/gemini",
"key": "GEMINI_API_KEY",
"version": 1,
"secret_type": "api_key",
"access_tier": "sensitive",
"created_at": "2026-06-01T10:00:00Z",
"updated_at": "2026-06-01T10:00:00Z"
}
],
"total": 1
}list_namespaces
// Tool: list_namespaces
// List all distinct namespaces visible to this agent.
// Input schema: (empty object)
{}
// Response:
{
"namespaces": [
"production",
"production/gemini",
"production/stripe",
"staging"
],
"total": 4
}delete_secret
// Tool: delete_secret
// Request deletion of a secret.
// Returns requires_human_auth: true by design -- agents cannot delete secrets directly.
// Input schema:
{
"namespace": "staging/test",
"key": "OLD_KEY"
}
// Response:
{
"requires_human_auth": true,
"message": "Secret deletion requires human authorization. Use the dashboard at https://agentsecretstore.com/dashboard/secrets to delete staging/test/OLD_KEY."
}rotate_secret
// Tool: rotate_secret
// Request rotation of a secret.
// Returns requires_human_auth: true by design -- agents cannot rotate secrets directly.
// Input schema:
{
"namespace": "production/gemini",
"key": "GEMINI_API_KEY"
}
// Response:
{
"requires_human_auth": true,
"message": "Secret rotation requires human authorization. Use the dashboard at https://agentsecretstore.com/dashboard/secrets to rotate production/gemini/GEMINI_API_KEY."
}request_token
// Tool: request_token
// Request a scoped short-lived access token for specific secret operations.
// Input schema:
{
"scopes": ["secrets:read:production/gemini/*"],
"ttl": "1h" // Optional: "15m", "1h", "24h" etc.
}
// Response (auto-approved):
{
"token": "eyJhbGciOi...",
"token_id": "uuid-here",
"expires_at": "2026-06-01T11:30:00Z",
"requires_approval": false,
"scopes": ["secrets:read:production/gemini/*"],
"ttl": "1h"
}
// Response (approval required):
{
"requires_approval": true,
"approval_id": "uuid-here",
"message": "Human approval required. Use get_approval_status to check."
}get_approval_status
// Tool: get_approval_status
// Check the status of a human approval request.
// Input schema:
{
"approval_id": "uuid-from-request-token-response"
}
// Response:
{
"status": "approved", // "pending" | "approved" | "denied" | "expired"
"resolved_at": "2026-06-01T10:32:00Z",
"expires_at": "2026-06-01T22:00:00Z"
}Example agent conversation
This is what a complete approval-gated secret retrieval looks like when Claude uses the MCP tools:
// Example agent conversation using MCP tools
// (Claude Desktop with Agent Secret Store MCP configured via stdio)
// User: "Get the Gemini API key from the vault and call Gemini"
// Claude thinks: I need to get the Gemini API key from the vault.
// Claude calls: get_secret({ namespace: "production/gemini", key: "GEMINI_API_KEY" })
// Tool response:
// {
// "value": "gemini-api-key-example",
// "version": 1,
// "secret_type": "api_key"
// }
// Claude proceeds to call Gemini API with the retrieved key.
// If the secret requires approval:
// Claude calls: get_secret({ namespace: "production/stripe", key: "STRIPE_SECRET_KEY" })
// (This triggers a token request internally with scopes ["secrets:read:production/stripe/STRIPE_SECRET_KEY"])
// MCP server response:
// Error: Human approval required. Approval ID: uuid-here. Use get_approval_status to check progress.
// Claude responds to user:
// "I need approval to access the Stripe API key. Approval request ID: uuid-here.
// I'll check the status for you. You can also approve it at:
// https://agentsecretstore.com/dashboard/approvals?approval_id=uuid-here"
// [User approves in dashboard]
// Claude calls: get_approval_status({ approval_id: "uuid-here" })
// Tool response: { status: "approved", resolved_at: "..." }
// Claude retries: get_secret({ namespace: "production/stripe", key: "STRIPE_SECRET_KEY" })
// Tool response: { value: "sk_live_...", version: 1 }
// Claude proceeds with payment processing using the retrieved key.Zero-code integration
With MCP, you don't write any integration code. Just configure the server once and Claude handles all tool calls, approval flows, and error messages automatically in natural language.
MCP Quickstart→
Step-by-step setup guide for Claude Desktop and Cursor.
REST API→
Build your own integration with raw HTTP.