This is the payments MCP. It is not the same as the docs MCP
(
docs.prava.space/mcp), which only lets an agent read these docs. See
Use Prava Docs with AI.What your agent can do
Full parameters and flows: Tools reference.
The credential firewall
The MCP is built so that payment credentials never reach the agent. This is stronger than the CLI path, where the agent handles a one-time token itself. Example: your agent buys you a phone case.- The agent finds the case and locks a price (
shop_quote): $18.50. - It creates a payment session for exactly $18.50 and sends you a
payment_url. - You open the link and approve with your passkey (a fingerprint or face confirmation on your
device). The agent only ever learns the status:
get_payment_statusreturnscompleted, never the card token. - The agent calls
shop_checkout. Prava’s gateway pulls the one-time credentials server-side, completes the merchant checkout, and returns only the outcome:{ status: "paid", order_id: … }.
Scopes
Access is scoped with OAuth. A scope is a named permission: your MCP client requests these when you connect, and you approve them once.MCP, CLI, or SDK?
All three share the same account, cards, guardrails, and approval model. An agent connected via MCP
shows up in your Prava Pay dashboard next to CLI-linked agents, and you
can revoke it the same way.
Next
Connect your agent
One URL, one sign-in. Claude Code, Cursor, and generic clients.
Tools reference
Every tool, its parameters, and the buy-flow chain.