MCP SERVER — LIVE

11 tools. One protocol.
Real payments.

Connect any AI agent to Ovra's payment infrastructure via Model Context Protocol. No SDK, no npm packages — agents connect through MCP tools and transact autonomously.

Get Started Read the Docs

Connect in seconds

Install the Ovra Agent Skill or add the MCP config directly.

Agent Skill (recommended)

$ npx skills add AlecFritsch/ovra-skills

mcp.json

{
  "mcpServers": {
    "ovra": {
      "command": "npx",
      "args": ["-y", "@ovra/mcp@latest"],
      "env": {
        "OVRA_API_KEY": "sk_..."
      }
    }
  }
}

Available Tools

11 MCP tools covering the full payment lifecycle.

ovra_agent

Create and manage AI agents with scoped tokens

ovra_card

Issue, freeze, rotate virtual cards per agent

ovra_intent

Declare payment intents with policy evaluation

ovra_credential

Issue zero-knowledge payment credentials (DPANs)

ovra_transaction

Track charges, attach evidence, add memos

ovra_policy

Read spending rules and guardrails (read-only)

ovra_customer

Manage customer profile and wallet

ovra_billing

Fund agents and check balances

ovra_dispute

File and manage chargebacks

ovra_webhook

Subscribe to real-time payment events

ovra_compliance

GDPR data export and deletion

How It Works

From intent to payment in three steps.

Agent declares intent

"Buy AWS credits for €100"

ovra_intent creates and policy-checks the purchase before any payment instrument is issued.

Credential issued

DPAN + cryptogram

ovra_credential returns a tokenized card number. The agent never sees real card data.

Agent completes checkout

Browser fill → verify

The agent fills the checkout form. Ovra verifies the charge against the approved intent.

Compatible with any MCP client

Works with Claude, Cursor, OpenClaw, and any MCP-compatible agent framework. No vendor lock-in.

ClaudeCursorOpenClawWindsurfAny MCP Client

Design Principles

Security architecture, not security theater.

Intent before credentials

Agents declare purchases before instruments are issued. No credential without an approved intent.

Controls in the transaction path

Policies are enforced at the API layer, not in prompts. Blocked transactions never reach the card network.

Evidence by default

Every charge is traced to the workflow, intent, policy decision, and outcome that caused it.

Read-only policies

Agents cannot modify, disable, or escalate their own spending rules. Only human users can change policies.

Ready to connect your agent?

Get API access, connect via MCP, and let your AI agents transact autonomously.