Aira
Integrations

MCP

Model Context Protocol server that exposes Aira's authorize/notarize/verify as tools any MCP-aware agent can call.

Kind: adapter · Pre-execution gate: no (inverted role — Aira IS the server here) · Peer dep: mcp (Python) or @modelcontextprotocol/sdk (TypeScript)

What this integration actually does

Model Context Protocol (MCP) is a bidirectional protocol: a host (typically an AI agent) connects to an MCP server and explicitly calls tools the server exposes. There's no hidden hook point — the agent chooses to call authorize_action before its own side effect.

The Aira MCP integration is an adapter, not a wrapper. It runs an MCP server that exposes Aira's two-step flow (and a handful of related operations) as tools any MCP-aware agent can call. It's the inverse of the other integrations: the agent calls Aira through MCP, not the other way around.

That means this is audit-only in the sense that we don't own the execution boundary — we can only do what the MCP host asks us to do. But if the agent follows the documented two-step contract, you get the full authorization flow plus signed receipts.

Exposed tools

Tool nameWhat it doesBackend route
authorize_actionStep 1 — ask Aira for permissionPOST /api/v1/actions
notarize_actionStep 2 — seal the outcomePOST /api/v1/actions/{id}/notarize
verify_actionPublic verification of a receiptGET /api/v1/verify/action/{id}
get_receiptFetch a receipt by idGET /api/v1/receipts/{id}
resolve_didResolve a W3C DID to its documentPOST /api/v1/dids/resolve
verify_credentialVerify a W3C Verifiable CredentialPOST /api/v1/credentials/verify
get_reputationGet an agent's reputation scoreGET /api/v1/agents/{slug}/reputation

The tool schemas are published via list_tools() so any MCP-aware agent can discover them at connection time.

Install

pip install aira-sdk[mcp]

The package installs an aira-mcp console script that runs the server over stdio — the standard MCP transport for local agents.

npm install aira-sdk
# peer dep
npm install @modelcontextprotocol/sdk

Run the server (Python)

export AIRA_API_KEY=aira_live_...
aira-mcp

The server speaks MCP over stdio. Configure your MCP host (Claude Desktop, custom host, etc.) to launch this command.

Claude Desktop config

{
  "mcpServers": {
    "aira": {
      "command": "aira-mcp",
      "env": {
        "AIRA_API_KEY": "aira_live_..."
      }
    }
  }
}

Restart Claude Desktop and the Aira tools will appear in the tool picker.

Example: an MCP-aware agent calling Aira

Once the server is running, an MCP host can call the tools the same way it would call any other MCP tool:

MCP tool call
{
  "name": "authorize_action",
  "arguments": {
    "action_type": "wire_transfer",
    "details": "Send €75,000 to vendor-x",
    "agent_id": "payments-agent"
  }
}

The server returns the JSON-serialized Authorization object. The host is responsible for checking status, performing the side effect if authorized, and then calling notarize_action with the returned action_uuid.

What happens when a policy denies

  • The MCP host calls authorize_action with the action details.
  • The server calls the real aira.authorize().
  • If the policy engine denies, the server returns {"error": "<message>", "code": "POLICY_DENIED"} as the tool result.
  • The host sees the error and reacts — typically by not performing the side effect.

The server cannot enforce the gate on the host side. If a misbehaving host performs the side effect regardless of the tool result, the server has no way to stop it. That's why this is classified as adapter — the gate depends on the host honoring the contract.

When to use this vs the other integrations

Use the MCP server when...Use a native integration when...
Your agent speaks MCP natively (Claude Desktop, custom MCP host)You're writing Python/TypeScript code directly against LangChain/Vercel AI/OpenAI Agents
You want Aira available as a tool the model can call explicitlyYou want an implicit pre-execution gate the agent code doesn't have to know about
You want a quick way to expose Aira to ANY MCP-aware toolYou can modify the agent code to import from aira.extras

Known limits

  • Not a gate from the server side. See above.
  • stdio transport only. The default server runs over stdio (standard input/output), which is what MCP hosts like Claude Desktop use. For network transport you'll need to roll your own Server host — not hard, 5 lines of FastAPI or similar.
  • API key lives in the server environment. The server process has the Aira API key; MCP hosts don't see it. This is usually what you want — keep the key out of the agent's context — but it means one server process per Aira org.

Proof it works

  • Python: 337 lines of tests
  • TypeScript: 264 lines, 21 tests of tests
  • Pinned in both SDKs' INTEGRATIONS registries as kind="adapter", pre_execution_gate=False.

CrewAI

CrewAI integration is audit-only because CrewAI has no pre-execution hook. For real gating, call aira.authorize() inline inside your tool bodies.

Code Governance

Enforce governance rules on every pull request — AI agent safety, HIPAA, SOX, legal compliance, and custom policies. Inline comments on exact lines, multi-model consensus, automatic verification.

On this page

What this integration actually doesExposed toolsInstallRun the server (Python)Claude Desktop configExample: an MCP-aware agent calling AiraWhat happens when a policy deniesWhen to use this vs the other integrationsKnown limitsProof it worksRelated