All systems operational
← All resources

MCP server integration

Edgify ships a hosted Model Context Protocol (MCP) server at mcp.edgify.net/mcp so your coding agent can manage virtual keys, issue scoped sub-keys, and read usage events on your behalf — without ever seeing the underlying provider key.

When to use it

  • · A coding agent (Claude Code, Cursor, Cline, …) needs to mint a virtual key for a feature it's building, without you copy-pasting the live provider secret into chat.
  • · An on-call agent needs to revoke a leaked sub-key during an incident, with the action recorded in the audit log under the agent's service-account identity.
  • · An evaluation agent needs to read 24h of usage events to recommend tighter limits.

Step 1 — issue a service-account token

From the dashboard go to Service accounts → New. Give the agent a name (e.g. Claude — virtual key issuance) and the narrowest role that does the job:

  • virtual_keys:read — list and inspect keys
  • virtual_keys:create — mint new sub-keys
  • virtual_keys:revoke — revoke / rotate
  • usage:read — pull aggregated usage

The token is shown once. Copy it — Edgify keeps only a SHA-256 fingerprint. Tokens are revocable at any time and every action they take is audit-logged under the service-account principal.

Step 2 — wire it into Claude Code

Add the server to your Claude Code MCP settings (~/.config/claude-code/mcp.json): 

{
  "mcpServers": {
    "edgify": {
      "transport": "http",
      "url": "https://mcp.edgify.net/mcp",
      "headers": {
        "authorization": "Bearer YOUR_SERVICE_ACCOUNT_TOKEN"
      }
    }
  }
}

Restart Claude Code. The tools edgify_list_virtual_keys, edgify_create_virtual_key, edgify_revoke_virtual_key, and edgify_usage_summary become available.

Step 3 — wire it into Cursor

In Cursor, open Settings → MCP and add: 

Name:    edgify
Type:    HTTP (Streamable)
URL:     https://mcp.edgify.net/mcp
Header:  Authorization: Bearer YOUR_SERVICE_ACCOUNT_TOKEN

Available tools

Tool Required scope Description
edgify_list_virtual_keys virtual_keys:read List active sub-keys, filtered by cost center / environment.
edgify_create_virtual_key virtual_keys:create Mint a new scoped sub-key. Returns the one-time secret.
edgify_revoke_virtual_key virtual_keys:revoke Revoke immediately; propagates to the edge in < 60s.
edgify_usage_summary usage:read Aggregated usage by provider / model / cost center.
edgify_list_limit_profiles limit_profiles:list List the rate / cost / budget policies available for attachment.

Audit + scope

Every MCP call is recorded in your audit log under the service-account principal, with the agent's tool invocation as the action. Revoke the service-account token to immediately cut off the agent — past actions remain in the hash-chained audit log.

Troubleshooting

  • · 401 missing_bearer — token header missing or malformed. The Authorization: Bearer <token> header is required on every request.
  • · 403 insufficient_scope — the service account doesn't have the scope the tool needs. Re-issue the token with the missing scope or scope the agent's action down.
  • · Tools missing in the client UI — restart the MCP client after editing config.

Need a feature the current MCP surface doesn't cover? Email [email protected] with the tool you'd like and the workflow it unblocks.