MCP & API key — AI Crypto CMO

// MCP & API KEY POST /api/mcp · bearer · 60/min · 200/day ● endpoint live

// verifying subscriber session…

// 1 · your API key treat like a password — anyone with it can run audits against your subscription

np_live_••••••••••••••••••••••••••

need to rotate? open billing → "rotate API key" (old key invalidates immediately)

// 2 · connect a client paste the config, restart the tool

1Open the Claude Desktop config file:

macOS · ~/Library/Application Support/Claude/claude_desktop_config.json Windows · %APPDATA%\Claude\claude_desktop_config.json

2Add (or merge) this mcpServers entry, then restart Claude Desktop:

{
  "mcpServers": {
    "northpoint": {
      "url": "https://northpoint.fi/api/mcp",
      "headers": {
        "Authorization": "Bearer __API_KEY__"
      }
    }
  }
}

3In any Claude conversation: "run a MiCA pro check on this landing page: https://…" — Claude will call the tool.

1From any project directory, run:

claude mcp add northpoint \
  --transport http \
  --url https://northpoint.fi/api/mcp \
  --header "Authorization: Bearer __API_KEY__"

2That command writes to ~/.claude/mcp.json (or project-local .claude/mcp.json):

{
  "mcpServers": {
    "northpoint": {
      "url": "https://northpoint.fi/api/mcp",
      "headers": {
        "Authorization": "Bearer __API_KEY__"
      }
    }
  }
}

3Restart the session. Verify with /mcp — expect northpoint with 9 tools.

1Open Cursor's MCP settings (Cmd/Ctrl + Shift + P → "MCP: Edit Configuration") or create the file manually:

~/.cursor/mcp.json (per-project: <project>/.cursor/mcp.json)

2Add this entry:

{
  "mcpServers": {
    "northpoint": {
      "url": "https://northpoint.fi/api/mcp",
      "headers": {
        "Authorization": "Bearer __API_KEY__"
      }
    }
  }
}

3Reload Cursor. Ask the agent: "use the northpoint mcp to run a fca audit on …"

1Smoke test the endpoint:

curl -X POST https://northpoint.fi/api/mcp \
  -H "Authorization: Bearer __API_KEY__" \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}'

Expected: JSON-RPC envelope with result.tools array of 9 items.

2Run an actual audit:

curl -X POST https://northpoint.fi/api/mcp \
  -H "Authorization: Bearer __API_KEY__" \
  -H "Content-Type: application/json" \
  -d '{
    "jsonrpc": "2.0",
    "id": 2,
    "method": "tools/call",
    "params": {
      "name": "run_mica_pro_check",
      "arguments": { "url": "https://example.com/landing" }
    }
  }'

// 3 · what your AI tool can do 9 tools exposed · the assistant decides when to call them

run_mica_pro_checkMiCA (EU). ~40 rules. Text or URL.
run_gdpr_pro_checkGDPR + ePrivacy. ~30 rules.
run_fca_pro_checkFCA UK financial promotions. ~25 rules.
run_sec_pro_checkSEC retail communications. ~25 rules.
run_mas_pro_checkMAS Singapore DPT. ~35–40 rules.
run_vara_pro_checkVARA Dubai. ~35–40 rules.
run_ad_creative_checkCross-jurisdiction ad creative — image or URL.
get_latest_signalLast N days of competitor + regulatory + narrative intel.
search_signalsText-search the signal feed.

// 4 · frequently asked

What is MCP, in one paragraph?

MCP — Model Context Protocol — is an open standard for letting AI assistants call external tools. Think of it as USB-C for AI: instead of every AI tool inventing its own way to talk to your data, an MCP server (like ours) speaks one language that any modern AI tool (Claude, Cursor, others) already understands. You connect once; from then on, your assistant can call NorthPoint's audits whenever the conversation calls for it.

Practically: you stay inside Claude or Cursor, ask "is this landing page MiCA-compliant?", and the assistant runs the full Pro audit and reads you the findings — no copy-pasting into a web form.

Is my marketing copy stored or used to train anything?

No. Each call to tools/call sends your asset text to Anthropic's Claude API for analysis and immediately returns the result to your AI tool. Anthropic's enterprise API does not use your inputs for model training. NorthPoint logs only metadata — tool name, timestamp, verdict counts — to subscriber:{id}:history so you can see your own audit history on /portal/checks/history. The asset text itself is not retained on our side.

What are the rate limits?

60 requests per minute per subscriber (hard cap; bursting beyond returns a JSON-RPC -32002 error). 200 requests per calendar day, UTC as a soft cap — beyond that, use the portal web form at /portal/checks, or contact support.

Why a daily cap? Each audit costs ~$0.04 in model spend. At 200/day per subscriber the unit economics work cleanly; above that pattern usually means automation drift better resolved by a quick conversation.

Does it work with non-Anthropic AI tools?

Yes — any MCP-compatible client. As of mid-2026, confirmed-working clients include Claude Desktop, Claude Code, Cursor, Continue, Cline, Zed, and Windsurf. We test against Claude Desktop and Cursor in CI. If you hit an issue with a different client, message Jukka via your subscriber WhatsApp channel.

How do I revoke or rotate my key?

Go to /portal/billing → "Rotate API key". The old key invalidates immediately and a new one is generated. Update your claude_desktop_config.json (or equivalent) and restart your AI tool.

Can I share the key with my team?

Don't share the key — invite teammates from /portal/team instead (up to 5 seats). Each teammate gets their own key, so usage and history is attributable per person and revocation is granular.

// status ● mcp endpoint live · rate 60/min · 200/day · 9 tools exposed audit history →

⌘K ask G T today G C campaigns G S signals