Documentation

Learn how to use Passkey for MCP identity management

← Home

📖 Getting Started

  1. Create an account on the dashboard
  2. Register a new MCP client with your redirect URIs
  3. Your CIMD document is published at https://cimd.v2n2x.com/clients/<client_id>.json
  4. Use the Python or TypeScript SDK to authenticate your agent

🔒 Security

  • PKCE Required — All authorization flows enforce Proof Key for Code Exchange
  • Strict Redirect Matching — No wildcards, no partial matches, HTTPS enforced (except localhost)
  • KMS Token Encryption — All stored tokens are encrypted with AWS KMS
  • Rate Limiting — 2000 requests per IP per 5-minute window via WAF
  • Audit Logging — All operations logged with 90-day retention
  • Auto Token Refresh — Tokens expiring within 10 minutes are automatically refreshed

⚡ Integration

Python SDK

pip install passkey-sdk

from passkey import PasskeyClient
client = PasskeyClient(client_id="<your_client_id>")
token = await client.authorize_mcp_server("https://mcp.example.com")

TypeScript SDK

npm install passkey-sdk

import { PasskeyClient } from 'passkey-sdk';
const client = new PasskeyClient({ clientId: '<your_client_id>' });
const token = await client.authorizeMcpServer('https://mcp.example.com');

📊 API Reference

GET
https://cimd.v2n2x.com/clients/<client_id>.json

Fetch CIMD document (public)

GET
https://api.v2n2x.com/keys/<client_id>/jwks.json

Fetch JWKS public keys (public)

POST
https://api.v2n2x.com/oauth/relay

Start OAuth relay flow

GET
https://api.v2n2x.com/oauth/code/<state>

Poll for authorization code (25s long-poll)

Full API docs available in the dashboard after sign-in.

Get Started FreeSign In →