MCP integration
Cavaridge™ ships as an MCP provider at mcp.cavaridge.app. Connect from
Claude, ChatGPT, Cursor, Cline, or any MCP-capable client; the products
you already use surface as tools, resources, and prompts inside your
preferred AI client.
Per-product servers
Section titled “Per-product servers”One MCP server per Cavaridge product surface. Connect each independently for granular permissions + granular audit.
| URL | Product |
|---|---|
mcp.cavaridge.app/forge | Cavaridge AI (chat, content, document analysis) |
mcp.cavaridge.app/cavalier | Cavaridge Operations (quotes, deals, SoWs) |
mcp.cavaridge.app/aegis | Cavaridge AEGIS (posture scans, findings) |
mcp.cavaridge.app/harvest | Cavaridge Harvest (salvage, intelligence) |
mcp.cavaridge.app/reclaim | Cavaridge Reclaim (recovery policies) |
mcp.cavaridge.app/herald | Cavaridge Herald (broadcasts, trust-center) |
mcp.cavaridge.app/terrain | Cavaridge Terrain (domain workflows) |
mcp.cavaridge.app/people | Cavaridge People (profiles, lifecycle) |
mcp.cavaridge.app/pawvault | PawVault (pet records — D2C) |
mcp.cavaridge.app/midas | Cavaridge Roadmap (tools land when public-API surface ships) |
GET https://mcp.cavaridge.app/ for the live inventory.
Connection guides
Section titled “Connection guides”Per-client setup walkthroughs:
Any MCP-capable client works — these are the popular ones with explicit guides.
What MCP clients get
Section titled “What MCP clients get”- Tools — verbed actions like
aegis.list_scans,forge.create_conversation,cavalier.create_quote. Tools are scope-checked and tenant-scoped per the OAuth grant. - Resources — stable URIs to tenant data:
cavaridge://forge/conversations/{id}, etc. Read-only. - Prompts — pre-shaped task templates (e.g.,
forge.summarize_conversation).
Authorization
Section titled “Authorization”OAuth 2.1 with PKCE. Authorize URL https://auth.cavaridge.app/oauth/authorize,
token URL https://auth.cavaridge.app/oauth/token. Scopes are
minimum-sufficient per tool; the AI client requests the union it needs.
Trust contract
Section titled “Trust contract”When an external AI calls a Cavaridge tool on your behalf, the platform:
- Records every invocation in your audit log at api.cavaridge.app/mcp
- Enforces minimum-sufficient-scope on every call
- Returns
confirmation_requiredfor any destructive tool — the AI client must surface the prompt before re-invoking withconfirmed: true - Honors UTM tenant boundaries — cross-tenant calls return
403 forbidden_cross_tenant - Lets you revoke any connection at any time (revocation is immediate)
Tool catalog reference
Section titled “Tool catalog reference”Live tool catalog per server: GET https://mcp.cavaridge.app/{product}/list_tools.
Each entry includes the operationally-accurate description, JSON Schema,
required scope, and destructive flag.