MCP Server
The agenthifive-mcp package (published as @agenthifive/mcp on npm) is a standalone MCP (Model Context Protocol) server that exposes AgentHiFive Vault tools over stdio transport. It lets any MCP-compatible client -- Claude Code, OpenClaw via mcporter, OpenCode, and others -- execute provider API calls, list connections, and revoke access through the Vault.
The Gateway Plugin is the recommended integration for OpenClaw. Use the MCP server when you need portability across multiple agent clients, or when your setup does not use the OpenClaw Gateway directly.
Installation
npm install -g @agenthifive/mcp
Or run directly with npx:
npx @agenthifive/mcp
Configuration
The MCP server reads all configuration from environment variables.
Authentication variables
The MCP server supports two authentication modes. Provide one of the following:
Option 1: Agent private key (recommended)
| Variable | Description |
|---|---|
AGENTHIFIVE_BASE_URL | AgentHiFive Vault API base URL (e.g., https://vault.example.com) |
AGENTHIFIVE_AGENT_ID | Agent ID (UUID) |
AGENTHIFIVE_PRIVATE_KEY_PATH | Path to a JSON file containing the ES256 private key JWK |
Or provide the key inline as base64-encoded JSON:
| Variable | Description |
|---|---|
AGENTHIFIVE_PRIVATE_KEY | Base64-encoded JSON of the ES256 private key JWK |
Option 2: Bearer token (for testing or PATs)
| Variable | Description |
|---|---|
AGENTHIFIVE_BASE_URL | AgentHiFive Vault API base URL |
AGENTHIFIVE_BEARER_TOKEN | Direct bearer token (ah5t_, ah5p_, or JWT) |
Optional variables
| Variable | Default | Description |
|---|---|---|
AGENTHIFIVE_TOKEN_AUDIENCE | AGENTHIFIVE_BASE_URL | aud claim for client assertions |
AGENTHIFIVE_POLL_TIMEOUT_MS | 300000 (5 min) | Timeout for approval polling operations |
AGENTHIFIVE_POLL_INTERVAL_MS | 5000 (5 sec) | Interval between approval status poll requests |
At least one authentication method must be configured. The server will exit with an error if no credentials are provided.
Running the server
Direct execution
export AGENTHIFIVE_BASE_URL="https://vault.example.com"
export AGENTHIFIVE_AGENT_ID="your-agent-id"
export AGENTHIFIVE_PRIVATE_KEY_PATH="/path/to/agent-key.json"
npx @agenthifive/mcp
The server communicates over stdio (stdin/stdout), which is the standard MCP transport for local tool servers.
With Claude Code
Add the server to your Claude Code MCP configuration (.claude/mcp.json or the project-level equivalent):
{
"mcpServers": {
"agenthifive": {
"command": "npx",
"args": ["@agenthifive/mcp"],
"env": {
"AGENTHIFIVE_BASE_URL": "https://vault.example.com",
"AGENTHIFIVE_AGENT_ID": "your-agent-id",
"AGENTHIFIVE_PRIVATE_KEY_PATH": "/path/to/agent-key.json"
}
}
}
}
Once configured, Claude Code will discover the execute, list_connections, and revoke tools automatically.
With OpenClaw via mcporter
OpenClaw can consume MCP tools through mcporter. Add the AgentHiFive MCP server:
mcporter add agenthifive --npm @agenthifive/mcp
Then configure the environment variables in your mcporter config or shell environment.
With other MCP clients
Any client that supports the MCP stdio transport can connect. Point it at the @agenthifive/mcp binary and provide the required environment variables.
Available tools
The MCP server exposes three tools. These mirror a subset of the Gateway Plugin tools with MCP-native input schemas (Zod-based).
execute
Execute an HTTP request through the AgentHiFive Vault proxy (Model B). The Vault handles authentication, policy enforcement, allowlist checking, rate limiting, and audit logging. The agent never sees provider credentials.
If the action requires step-up approval, the response will indicate this and the user should approve via the AgentHiFive dashboard.
Input schema:
| Parameter | Type | Required | Description |
|---|---|---|---|
connectionId | string | Yes | The connection ID to use for this request |
method | enum | Yes | HTTP method: GET, POST, PUT, DELETE, PATCH |
url | string | Yes | Target URL for the provider API |
query | Record<string, string> | No | Query parameters as key-value pairs |
headers | Record<string, string> | No | Additional headers (Authorization is injected by the Vault) |
body | unknown | No | Request body (for POST, PUT, PATCH) |
Example response (success):
{
"status": 200,
"headers": { "content-type": "application/json" },
"body": { "messages": ["..."] },
"auditId": "aud_abc123"
}
Example response (approval required):
{
"approvalRequired": true,
"approvalRequestId": "apr_xyz789",
"auditId": "aud_abc123"
}
list_connections
List all connected provider accounts in the current workspace. Shows provider type, label, status (healthy, needs_reauth, revoked), granted scopes, and creation date for each connection.
Input schema: None (no parameters).
Example response:
{
"connections": [
{
"id": "conn_gmail_01",
"provider": "google",
"label": "Personal Gmail",
"status": "healthy",
"grantedScopes": ["gmail.readonly", "calendar.readonly"],
"createdAt": "2026-01-15T10:30:00Z"
}
]
}
revoke
Immediately revoke a connection, blocking all future token vending and API execution through it. This action is immediate and cannot be undone. Returns a confirmation with an audit trail ID.
Input schema:
| Parameter | Type | Required | Description |
|---|---|---|---|
connectionId | string | Yes | The ID of the connection to revoke |
Example response:
{
"revoked": true,
"connectionId": "conn_gmail_01",
"auditId": "aud_ghi789"
}
Architecture
MCP Client (Claude Code, mcporter, etc.)
|
| stdio (stdin/stdout)
|
@agenthifive/mcp server
|
| HTTPS (agent access token or bearer token)
|
AgentHiFive Vault
|
| OAuth2 (refresh tokens stored here)
|
Provider APIs (Google, Microsoft, Slack, ...)
The MCP server is a thin layer that translates MCP tool calls into Vault API requests using the same VaultClient from the @agenthifive/openclaw package. No provider credentials pass through the MCP server or the client.
Error handling
The MCP server surfaces errors as MCP tool response text. Common error scenarios:
| Scenario | Behavior |
|---|---|
| Missing environment variables | Server exits immediately with a descriptive error on stderr |
| Vault API unreachable | Tool call returns an error response |
| Connection not found | Tool call returns an error response |
| Approval denied or expired | Tool call returns an error describing the denial/expiry |
Errors are written to stderr and will appear in the MCP client's server logs.
Differences from the Gateway Plugin
| Feature | Gateway Plugin | MCP Server |
|---|---|---|
| Transport | In-process (Gateway) | stdio (MCP) |
| Tools | 5 (vault_execute, request_permission, vault_await_approval, vault_connections_list, vault_connection_revoke) | 3 (execute, list_connections, revoke) |
| Approval flow | Built-in polling via vault_await_approval (fallback) or auto-notification | Indicated in execute response; user approves via dashboard |
| Best for | OpenClaw Gateway deployments | Cross-client portability (Claude Code, mcporter, etc.) |