MCP Server
Let Claude Code, Cursor, ChatGPT, and other AI agents call Tanqory directly.
The Tanqory MCP server is in design-partner preview. The platform behind it is in production (Admin API + AI API live), but the MCP transport layer is under active development. Contact the team for early access.
What it is
The Tanqory MCP server exposes commerce primitives as Model Context Protocol tools. Any MCP-compatible client — Claude Code, Cursor, ChatGPT desktop, your own agent — can connect and act on a Tanqory account with the same permissions a human developer would have.
Transport
We ship one transport: Streamable HTTP. Stdio is for local dev only — it cannot do multi-tenant auth, so the production server refuses it.
Authentication
OAuth 2.1 with Dynamic Client Registration (DCR). Every MCP client registers itself; tokens scope to per-tool capability and audit individually.
Initial tools
The first wave of tools maps 1:1 onto Admin and Store API endpoints:
create_store— provision a new storecreate_product,update_product,delete_productpublish_store— flip storefront from draft to livecreate_page,create_blog_postcreate_discountget_orders,get_customers,get_analytics
Every tool declares a side-effect flag (read / write / destructive).
Destructive tools require human approval before execution.
Safety
- Per-tool RBAC scopes mirror REST scopes
- Every call is appended to an immutable audit log (tenant, user, agent, tool, input hash, output hash, duration, cost)
- Prompt injection guards: input validation runs server-side, never trusts client-supplied tool calls blindly
- Tool poisoning resistance: tool definitions are signed and version-pinned
Roadmap
- Public registry at
.well-known/mcp-server.jsonfor discovery - Self-serve OAuth app marketplace
- Per-customer tool enablement (a store admin chooses what its agents can do)