The accounting tool
your AI agent can drive.
Sage, Xero, QuickBooks โ none of them speak MCP yet. We do, today. Point Claude, Cursor, or any agent at Fit Finance and let it actually run your business operations โ invoicing, expenses, reconciliation, follow-ups. Scoped tokens. Rate limits. Full audit log. Built for the 2026 way of working.
Today, not 2027
MCP server live. 7 tools. Auth, scopes, audit. Sage/Xero/QBO have not shipped equivalents.
Built for the 2026 stack
Claude Desktop, Cursor, n8n, Zapier connect in two clicks. Your AI runs the boring work; you make decisions.
Safer than human entry
Per-scope permissions, hashed tokens, full audit log. Agents do less than humans by default.
Quick start
-
1. Generate a token
In the app, go to Settings โ API tokens, click "New token", give it a name (e.g. "Zapier โ invoicing"), pick scopes, and copy the token. We only show it once.
-
2. Confirm the connection
curl https://app.fit-finance.eu/api/v1/me \ -H "Authorization: Bearer ff_live_โฆ" -
3. List your invoices
curl "https://app.fit-finance.eu/api/v1/invoices?limit=10" \ -H "Authorization: Bearer ff_live_โฆ" -
4. Create a draft invoice
curl -X POST https://app.fit-finance.eu/api/v1/invoices \ -H "Authorization: Bearer ff_live_โฆ" \ -H "Content-Type: application/json" \ -d '{"customer_id":"โฆ","items":[{"description":"Consulting","qty":1,"unit_price":1500}]}'
Use in Claude / Cursor (MCP)
We also speak the Model Context Protocol. Paste this into your MCP client config and your AI assistant gets the same tool surface as the REST API:
{
"mcpServers": {
"fit-finance": {
"transport": "http",
"url": "https://app.fit-finance.eu/functions/v1/mcp",
"headers": {
"Authorization": "Bearer ff_live_โฆ"
}
}
}
} Endpoints
| Method | Path | Scope | Purpose |
|---|---|---|---|
| GET | /v1/me | โ | Confirm the connection works. Returns org + token info. |
| GET | /v1/invoices | invoices:read | List invoices, newest first. Filters: status, limit. |
| POST | /v1/invoices | invoices:write | Create a draft invoice for an existing customer. |
| GET | /v1/customers | customers:read | List customers. Optional substring search via ?q= |
| POST | /v1/customers | customers:write | Create a customer. |
| GET | /v1/expenses | expenses:read | List expenses, newest first. |
| POST | /v1/expenses | expenses:write | Record an expense. |
Scopes
Each token grants exactly the permissions you tick at creation time. Wildcards invoices:* and global * are accepted server-side; the app UI keeps it explicit so the principle of least privilege is the default.
invoices:read
List invoices and inspect a single invoice.
invoices:write
Create draft invoices, line items, recurring schedules.
customers:read
List and search customers.
customers:write
Create or update customers.
expenses:read
List expenses.
expenses:write
Record new expenses.
addons:read
Inspect which marketplace addons are entitled.
Rate limits, audit, security
- 100 requests / minute per token. 429 when exceeded; backs off cleanly.
- Audit log records every token action with timestamp, IP, and user-agent. Visible to org owners.
- Tokens are hashed (SHA-256) at rest. Plaintext is shown once at creation; revoke + reissue if lost.
- Multi-tenant safe: tokens are bound to one org. They cannot read or write data from any other org under any circumstances.
Coming next
- Outbound webhooks (`invoice.created`, `expense.created`, `subscription.canceled`) for Zapier-style "trigger" steps.
- OAuth 2.0 client credentials, for SaaS integrations that don't want to ask end-users to paste tokens.
- Tool-use enabled AI Suite โ let your AI assistant create invoices on your verbal say-so, with confirmation prompts.
Questions? info@fit-finance.eu.