Run Rubrkit from any MCP client.
One streamable-HTTP endpoint exposes 27 tools and the canonical docs as MCP resources, authenticated with your API key and bound by the same scopes, limits, and credits as the REST API.
Client config
{
"mcpServers": {
"rubrkit": {
"url": "https://rubrkit.com/api/v1/mcp",
"headers": {
"Authorization": "Bearer <your-rubrkit-api-key>"
}
}
}
}Add the server, then list and call tools.
Rubrkit speaks JSON-RPC 2.0 over a single streamable-HTTP endpoint. Any MCP-compatible client can connect with a bearer API key.
Create a scoped API key
In the dashboard, create an API key with the scopes the tools you plan to call need (for example audits:run, files:write).
Add the server to your MCP client
Point your MCP client at https://rubrkit.com/api/v1/mcp over streamable HTTP and send the key as an Authorization: Bearer header.
List and call tools
Run tools/list to discover the available tools and resources, then tools/call to invoke them. The same scopes, limits, credits, and ownership checks as the REST API apply.
27 tools, backed by the same controllers as REST.
Every tool maps to a /api/v1 operation and enforces the same scopes, limits, credits, and ownership checks. Docs tools need no scope; product tools require an API key with the scope shown.
Docs
rubrkit_search_api_docsSearch Rubrkit API docs
rubrkit_read_api_docRead Rubrkit API doc
rubrkit_read_openapi_contractRead Rubrkit OpenAPI contract
Artifact bundles
rubrkit_create_artifact_bundleCreate artifact bundle
rubrkit_list_artifact_bundlesList artifact bundles
rubrkit_read_artifact_bundleRead artifact bundle
rubrkit_list_artifact_bundle_versionsList artifact bundle versions
rubrkit_restore_artifact_bundle_versionRestore artifact bundle version
Files
rubrkit_upload_artifact_filesUpload artifact files
rubrkit_list_artifact_filesList artifact files
rubrkit_read_artifact_fileRead artifact file
rubrkit_update_artifact_fileUpdate artifact file
rubrkit_list_file_versionsList file versions
rubrkit_restore_file_versionRestore file version
Audits
rubrkit_start_auditStart audit
rubrkit_list_auditsList audits
rubrkit_read_auditRead audit
rubr_flow
rubrkit_convert_to_rubr_flowConvert to rubr_flow
rubrkit_list_rubr_flow_conversionsList rubr_flow conversions
rubrkit_read_rubr_flow_conversionRead rubr_flow conversion
Evals and proof
rubrkit_run_evalsRun evals
rubrkit_list_evalsList evals
rubrkit_read_evalRead eval
rubrkit_export_proof_reportExport proof report
rubrkit_read_proof_reportRead proof report
Jobs
rubrkit_poll_jobPoll job progress
rubrkit_list_job_eventsList job events
The canonical docs, as MCP resources.
Beyond tools, the server exposes the docs as readable resources, so a client can ground itself in the contract before calling anything.
Call resources/list to enumerate the OpenAPI contract and the docs/api Markdown guides, then resources/read to fetch any one by its URI.
So an agent can learn the contract while it builds against Rubrkit, rubrkit_search_api_docs and rubrkit_read_api_doc search and read the same docs in-context, with no API-key scope required.
Standard MCP, standard auth.
The endpoint implements the Model Context Protocol over JSON-RPC. Authentication and authorization reuse the REST API's scoped keys.
Protocol
tools — 27 tools via tools/list and tools/call
resources — Docs resources via resources/list and resources/read
prompts — prompts/list (none exposed yet)
Authentication
Send your key as an Authorization: Bearer header, or set RUBRKIT_API_KEY in your client. Each tool enforces the same scope it would over REST, so a key only does what you granted it.
Authorization: Bearer <rubrkit_api_key>Wire Rubrkit into your agent.
Create a scoped key, point your MCP client at the endpoint, and call the same tools the web app, CLI, and REST API run on.
Run an audit from the dashboard to see what the audit and eval tools return.