Connect Tokens

MCP Server Setup

Connect Page Full Setup Guide
Preferred Route

Use MCP for Connect Tokens when you want the cleanest path into ChatGPT, Claude, and custom agent runtimes.

Model Context Protocol is the preferred route because it gives you a standard profile, a clear tool contract, and a safer way to expose read-first tools plus two safe writes: create job and update job status.

Technician MCP Profile Manager MCP Profile

Step 1

Required auth

Every MCP request uses the same per-user Connect Token you create in FlatRate Pro or ShopOS.

Send this header on every request

X-User-Token: <your-token>
  • Technician token source: /connect-gpt.html
  • Manager token source: /connect-org-gpt.html
  • Tokens are tied to live account data, stored hashed, and can be revoked at any time.

Step 2

Bridge inputs

If your MCP client or bridge accepts OpenAPI input, start from these values.

Technician OpenAPI

https://geargenius.ai/.well-known/frp-gpt-openapi.json

Manager OpenAPI

https://geargenius.ai/.well-known/shopos-org-openapi.json 
{
  "openapiUrl": "https://geargenius.ai/.well-known/frp-gpt-openapi.json",
  "baseUrl": "https://geargenius.ai",
  "headers": {
    "X-User-Token": "<your-token>"
  }
}

Step 3

Reference local bridge

This repo includes a reference stdio MCP bridge in mcp/bridge.

npm run mcp:bridge:check
MCP_USER_TOKEN=your_connect_token npm run mcp:bridge:start

Manager profile:

MCP_PROFILE=shopos_manager_assistant MCP_ORG_TOKEN=your_org_token npm run mcp:bridge:start

Step 4

Relevant agent profiles

Use the current profile IDs from the hosted policy file.

  • technician_assistant
  • shopos_manager_assistant

The bridge enforces fail-closed tool allowlists from mcp/agent-profiles.json and validates that allowed tool names exist in the current OpenAPI contracts.

Notes

  • MCP is the preferred route for Connect Tokens because it stays aligned with the hosted OpenAPI contracts and policy profiles.
  • Technician public tools are read-first with two safe writes: create job and update job status.
  • Manager tokens stay read-focused by design; technician job status updates require a technician-scoped token.