Connect & auth

How a client connects to Prscnt and authenticates. This is the same for an interactive Claude session and a headless runner — only the credential type differs.

Transport

Prscnt speaks MCP over Streamable HTTP:

POST https://mcp.prscnt.com/v1/mcp

Responses are JSON; there is no long-lived event stream to hold open. Any MCP-capable client connects with a standard HTTP MCP server config:

{
  "mcpServers": {
    "prscnt": {
      "type": "http",
      "url": "https://mcp.prscnt.com/v1/mcp",
      "headers": { "Authorization": "Bearer <token>" }
    }
  }
}

There is no REST tool surface — the only way to invoke a tool is a JSON-RPC tools/call over this endpoint, which means an MCP client with an LLM driving it. (Other routes exist — /healthz, OAuth discovery, the Stripe webhook, the marketing pages — but none return tool output.)

Authentication

Every request carries Authorization: Bearer <token>. There are two kinds of token:

API keys (for runners, scripts, Claude Code)

A static key, prscnt_live_... (or sk_live_... for an invited seat). Connect Prscnt to Claude first (one click, no key), then ask Prscnt to mint a key for headless use. This is what the orchestration runner and any headless integration use. Keep it secret; treat it like a password.

claude mcp add --transport http prscnt https://mcp.prscnt.com/v1/mcp \
  --header "Authorization: Bearer prscnt_live_..."

OAuth (for interactive Claude connectors)

In claude.ai or Claude Desktop, Add custom connector → paste the URL → Authorize. This runs an OAuth flow and mints a session-scoped token; nothing to copy or store. Best for humans working in Claude, not for headless runners.

Workspace resolution

Your token maps to exactly one workspace, resolved server-side. You do not — and must not — pass a workspace id:

• If a tool's schema lists workspace_id, leave it empty. The server injects the authenticated workspace.
• Passing a different real workspace id is rejected (WORKSPACE_MISMATCH). This is the cross-tenant guard.

A small set of shared, read-only reference tools (pricing table, contract playbook descriptions, workflow definitions) are workspace-agnostic and callable by anyone authenticated.

Seats

A workspace can have multiple manager seats, each with its own key. Invite one and you get a fresh sk_live_ key plus an .mcp.json snippet; revoke one and that key stops working on its next request. Seat count is capped by your plan. Each automated caller you run should use its own seat key so you can meter and revoke it independently. See Limits & billing.

CORS & limits

The endpoint allows cross-origin requests, and request bodies are capped at 1 MB. Rate limits and per-tool allowances apply to every call — see Limits & billing.

Next

• Compose your stack — connect your own tools alongside Prscnt.
• The orchestration runner — the headless agent that uses these credentials.