MCP Server
Billabex exposes a Model Context Protocol (MCP) server so AI tools can access Billabex data using OAuth 2.1. This guide explains discovery, authorization, available tools and resources, and how to connect.
MCP Endpoint
The MCP server uses Streamable HTTP (stateless):
POST [baseURL]/mcp
OAuth Discovery Flow
MCP clients follow RFC 9728 (Protected Resource Metadata) and RFC 8414 (OAuth Authorization Server Metadata):
- Call
POST /mcpwithout a token. - The server responds with
WWW-Authenticateincludingresource_metadataandscope. - Fetch the resource metadata URL to discover
authorization_serversandscopes_supportedfor/mcp. - Fetch the authorization server metadata to locate the authorization and registration endpoints.
Example 401 Response
The MCP server returns:
WWW-Authenticate: Bearer resource_metadata="[baseURL]/.well-known/oauth-protected-resource", scope="mcp:read mcp:write"Protected Resource Metadata (Path-Aware)
For /mcp, request:
[baseURL]/.well-known/oauth-protected-resource/mcp
The response includes:
{
"resource": "[baseURL]",
"authorization_servers": ["[baseURL]"],
"scopes_supported": ["mcp:read", "mcp:write"],
"bearer_methods_supported": ["header"]
}Authorization Server Metadata
GET [baseURL]/.well-known/oauth-authorization-server
This returns the authorization_endpoint, token_endpoint, and
registration_endpoint needed for OAuth 2.1 + PKCE.
Scopes
MCP uses two scopes:
| Scope | Access | Description |
|---|---|---|
mcp:read | Read | List and get invoices, accounts, communications. |
mcp:write | Write | Create, update, delete operations. |
Consent Behavior
If an authorization request omits the scope parameter, Billabex defaults to
mcp:read mcp:write for MCP clients.
Protocol Details
- Transport: Streamable HTTP (stateless mode).
- Authentication:
Authorization: Bearer <token>header (required). - Rate limiting: 300 requests/minute per token (sliding window).
- CORS header: Clients may send
Mcp-Protocol-Versionheader.
Resources
MCP resources provide metadata that AI tools can read to understand Billabex capabilities.
| URI | Description |
|---|---|
billabex://about | Platform overview, value proposition, key features |
billabex://concepts | Key entities, statuses, relationships, and business rules |
billabex://workflow | Step-by-step dunning workflow, task handling, and processes |
These resources help AI agents understand:
- About: What Billabex is, how it helps businesses manage invoice collection
- Concepts: Domain model including invoices, accounts, customer balances, communications, and tasks
- Workflow: Standard dunning workflow from invoice overdue to payment recovery
Prompts
MCP prompts provide business-oriented templates for AI agents to perform common tasks. Unlike tools, prompts use human-readable parameters (account names, organization names) instead of technical IDs.
| Prompt | Parameters | Use Case |
|---|---|---|
financial-snapshot | organizationName?, period? (7/30/all days) | Overview of outstanding balances, top accounts, cash flow |
account-360 | accountName, organizationName? | Complete account summary with invoices, communications, tasks |
daily-plan | organizationName? | Daily action plan: tasks, reminders, follow-ups |
daily-digest | organizationName? | Summary of today’s activities and updates |
communication-intelligence | accountName?, organizationName? | Recent replies, payment promises, accounts that replied but didn’t pay |
risk-report | organizationName? | Accounts at risk, silent accounts, accounts without contacts |
How Prompts Work
- User provides names: You call a prompt with an account name like “Acme Corp” instead of a UUID
- Agent resolves IDs: The prompt instructs the AI agent to use tools like
list-accountsandlist-organizationsto find the matching IDs - Agent gathers data: The agent calls multiple tools to gather relevant data
- Agent presents results: Results are formatted naturally without exposing technical IDs
Example: Financial Snapshot
{
"name": "financial-snapshot",
"arguments": {
"organizationName": "My Company",
"period": "30days"
}
}The agent will:
- Use
list-organizationsto find “My Company” - Use
list-customer-balancesto get outstanding balances - Use
list-invoicesto find upcoming due invoices - Present a formatted overview of your financial position
Tools Reference
Tools are grouped by domain. Read tools require mcp:read; Write tools require mcp:write.
Tool outputs include human-friendly fields such as displayName and summary where available. Prefer those fields for user-facing responses and keep IDs for follow-up tool calls.
All tools include annotations (readOnlyHint, destructiveHint, idempotentHint, openWorldHint) to help AI agents understand their behavior.
Invoicing
| Tool | Access | Description |
|---|---|---|
list-invoices | Read | List invoices for an organization (paginated). |
get-invoice | Read | Get invoice by ID or by number. |
create-invoice | Write | Create invoice with base64 file upload. |
update-invoice-paid-amount | Write | Update paid amount on an invoice. |
delete-invoice | Write | Delete an invoice. |
list-accounts | Read | List customer accounts (paginated). |
get-account | Read | Get account details with contacts. |
create-account | Write | Create a customer account. |
update-account | Write | Update account name, currency, or address. |
delete-account | Write | Delete a customer account. |
list-contacts | Read | List contacts on an account. |
get-contact | Read | Get a specific contact. |
create-contact | Write | Add a contact to an account. |
update-contact | Write | Update a contact. |
delete-contact | Write | Remove a contact. |
upsert-contact | Write | Create or update contact by email/name match. |
list-internal-representatives | Read | List internal reps on an account. |
get-internal-representative | Read | Get a specific internal rep. |
create-internal-representative | Write | Add an internal rep. |
update-internal-representative | Write | Update an internal rep. |
delete-internal-representative | Write | Remove an internal rep. |
upsert-internal-representative | Write | Create or update internal rep by match. |
list-credit-notes | Read | List credit notes (paginated). |
get-credit-note | Read | Get credit note details. |
create-credit-note | Write | Create a credit note. |
delete-credit-note | Write | Delete a credit note. |
apply-credit-allocation | Write | Apply credit from a credit note to an invoice. |
remove-credit-allocation | Write | Remove a credit allocation. |
link-account-source | Write | Link an external source to an account. |
update-account-source | Write | Update account source last-sync timestamp. |
unlink-account-source | Write | Unlink an external source. |
upsert-party | Write | Create/update contact or rep by email domain. |
Dunning
| Tool | Access | Description |
|---|---|---|
list-customer-balances | Read | List customer outstanding balances (paginated). |
get-customer-balance | Read | Get balance details with invoices/credit notes. |
list-outgoing-communications | Read | List outgoing dunning emails (paginated). |
get-outgoing-communication | Read | Get outgoing communication details. |
list-outgoing-communications-by-account | Read | List outgoing communications for an account. |
update-outgoing-communication | Write | Update a scheduled outgoing email. |
list-incoming-communications | Read | List incoming (reply) communications. |
get-incoming-communication | Read | Get incoming communication details. |
list-incoming-communications-by-account | Read | List incoming communications for an account. |
| Tool | Access | Description |
|---|---|---|
list-emails | Read | List all emails (incoming + outgoing). |
list-incoming-emails | Read | List incoming emails (paginated). |
get-incoming-email | Read | Get incoming email with simplified body. |
list-outgoing-emails | Read | List outgoing emails (paginated). |
get-outgoing-email | Read | Get outgoing email with simplified body. |
Platform
| Tool | Access | Description |
|---|---|---|
list-organizations | Read | List organizations for the user. |
get-organization | Read | Get organization details. |
update-organization | Write | Update organization name or email domain. |
update-organization-settings | Write | Update reminder delay settings. |
list-organization-members | Read | List members of an organization. |
remove-organization-member | Write | Remove a member from an organization. |
create-organization-invitation | Write | Invite a user to an organization. |
cancel-organization-invitation | Write | Cancel a pending invitation. |
Tasking
| Tool | Access | Description |
|---|---|---|
list-account-tasks | Read | List active tasks requiring user input. |
get-account-task | Read | Get task details and required input format. |
cancel-account-task | Write | Cancel an account task. |
add-account-task-text-interaction | Write | Add a text response to a task. |
add-account-task-structured-interaction | Write | Add a structured response to a task. |
Pagination
Tools returning lists use cursor-based pagination:
- Parameters:
first(items per page, max 100),after(cursor). - Response:
nodesarray +pageInfo.endCursor.
Notes
- OAuth is required for all MCP access.
- Tokens must be sent in the
Authorization: Bearer <token>header. - Rate limiting applies to MCP requests (300/min per token).
update-outgoing-communicationacceptsmessagein markdown. Do not include a signature; the platform renders HTML/text and appends the agent signature automatically.