MCP server live ยท Live now

The accounting tool
your AI agent can drive.

Sage, Xero, QuickBooks โ€” none of them speak MCP yet. We do, today. Point Claude, Cursor, or any agent at Fit Finance and let it actually run your business operations โ€” invoicing, expenses, reconciliation, follow-ups. Scoped tokens. Rate limits. Full audit log. Built for the 2026 way of working.

Today, not 2027

MCP server live. 7 tools. Auth, scopes, audit. Sage/Xero/QBO have not shipped equivalents.

Built for the 2026 stack

Claude Desktop, Cursor, n8n, Zapier connect in two clicks. Your AI runs the boring work; you make decisions.

Safer than human entry

Per-scope permissions, hashed tokens, full audit log. Agents do less than humans by default.

Quick start

  1. 1. Generate a token

    In the app, go to Settings โ†’ API tokens, click "New token", give it a name (e.g. "Zapier โ€” invoicing"), pick scopes, and copy the token. We only show it once.

  2. 2. Confirm the connection

    curl https://app.fit-finance.eu/api/v1/me \
      -H "Authorization: Bearer ff_live_โ€ฆ"
  3. 3. List your invoices

    curl "https://app.fit-finance.eu/api/v1/invoices?limit=10" \
      -H "Authorization: Bearer ff_live_โ€ฆ"
  4. 4. Create a draft invoice

    curl -X POST https://app.fit-finance.eu/api/v1/invoices \
      -H "Authorization: Bearer ff_live_โ€ฆ" \
      -H "Content-Type: application/json" \
      -d '{"customer_id":"โ€ฆ","items":[{"description":"Consulting","qty":1,"unit_price":1500}]}'

Use in Claude / Cursor (MCP)

We also speak the Model Context Protocol. Paste this into your MCP client config and your AI assistant gets the same tool surface as the REST API:

{
  "mcpServers": {
    "fit-finance": {
      "transport": "http",
      "url": "https://app.fit-finance.eu/functions/v1/mcp",
      "headers": {
        "Authorization": "Bearer ff_live_โ€ฆ"
      }
    }
  }
}

Endpoints

Method Path Scope Purpose
GET /v1/me โ€” Confirm the connection works. Returns org + token info.
GET /v1/invoices invoices:read List invoices, newest first. Filters: status, limit.
POST /v1/invoices invoices:write Create a draft invoice for an existing customer.
GET /v1/customers customers:read List customers. Optional substring search via ?q=
POST /v1/customers customers:write Create a customer.
GET /v1/expenses expenses:read List expenses, newest first.
POST /v1/expenses expenses:write Record an expense.

Scopes

Each token grants exactly the permissions you tick at creation time. Wildcards invoices:* and global * are accepted server-side; the app UI keeps it explicit so the principle of least privilege is the default.

invoices:read

List invoices and inspect a single invoice.

invoices:write

Create draft invoices, line items, recurring schedules.

customers:read

List and search customers.

customers:write

Create or update customers.

expenses:read

List expenses.

expenses:write

Record new expenses.

addons:read

Inspect which marketplace addons are entitled.

Rate limits, audit, security

  • 100 requests / minute per token. 429 when exceeded; backs off cleanly.
  • Audit log records every token action with timestamp, IP, and user-agent. Visible to org owners.
  • Tokens are hashed (SHA-256) at rest. Plaintext is shown once at creation; revoke + reissue if lost.
  • Multi-tenant safe: tokens are bound to one org. They cannot read or write data from any other org under any circumstances.

Coming next

  • Outbound webhooks (`invoice.created`, `expense.created`, `subscription.canceled`) for Zapier-style "trigger" steps.
  • OAuth 2.0 client credentials, for SaaS integrations that don't want to ask end-users to paste tokens.
  • Tool-use enabled AI Suite โ€” let your AI assistant create invoices on your verbal say-so, with confirmation prompts.

Questions? info@fit-finance.eu.