The latest articles on Forem by Eugen (@ievgen_ch). https://forem.com/ievgen_ch https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3892534%2F191c35a6-efdd-44fb-8621-00165b07905b.jpg https://forem.com/ievgen_ch en Eugen Mon, 27 Apr 2026 12:15:52 +0000 https://forem.com/ievgen_ch/-4a1i https://forem.com/ievgen_ch/-4a1i <div class="ltag__link--embedded"> <div class="crayons-story "> <a href="https://dev.to/ievgen_ch/we-built-a-chrome-extension-with-clean-architecture-heres-why-it-was-worth-the-extra-effort-1jk8" class="crayons-story__hidden-navigation-link">We Built a Chrome Extension With Clean Architecture. Here's Why It Was Worth the Extra Effort.</a> <div class="crayons-story__body crayons-story__body-full_post"> <div class="crayons-story__top"> <div class="crayons-story__meta"> <div class="crayons-story__author-pic"> <a href="/ievgen_ch" class="crayons-avatar crayons-avatar--l "> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3892534%2F191c35a6-efdd-44fb-8621-00165b07905b.jpg" alt="ievgen_ch profile" class="crayons-avatar__image" width="96" height="96"> </a> </div> <div> <div> <a href="/ievgen_ch" class="crayons-story__secondary fw-medium m:hidden"> Eugen </a> <div class="profile-preview-card relative mb-4 s:mb-0 fw-medium hidden m:inline-block"> Eugen <div id="story-author-preview-content-3556213" class="profile-preview-card__content crayons-dropdown branded-7 p-4 pt-0"> <div class="gap-4 grid"> <div class="-mt-4"> <a href="/ievgen_ch" class="flex"> <span class="crayons-avatar crayons-avatar--xl mr-2 shrink-0"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3892534%2F191c35a6-efdd-44fb-8621-00165b07905b.jpg" class="crayons-avatar__image" alt="" width="96" height="96"> </span> <span class="crayons-link crayons-subtitle-2 mt-5">Eugen</span> </a> </div> <div class="print-hidden"> Follow </div> <div class="author-preview-metadata-container"></div> </div> </div> </div> </div> <a href="https://dev.to/ievgen_ch/we-built-a-chrome-extension-with-clean-architecture-heres-why-it-was-worth-the-extra-effort-1jk8" class="crayons-story__tertiary fs-xs"><time>Apr 27</time><span class="time-ago-indicator-initial-placeholder"></span></a> </div> </div> </div> <div class="crayons-story__indention"> <h2 class="crayons-story__title crayons-story__title-full_post"> <a href="https://dev.to/ievgen_ch/we-built-a-chrome-extension-with-clean-architecture-heres-why-it-was-worth-the-extra-effort-1jk8" id="article-link-3556213"> We Built a Chrome Extension With Clean Architecture. Here's Why It Was Worth the Extra Effort. </a> </h2> <div class="crayons-story__tags"> <a class="crayons-tag crayons-tag--monochrome " href="/t/chromeextension"><span class="crayons-tag__prefix">#</span>chromeextension</a> <a class="crayons-tag crayons-tag--monochrome " href="/t/saas"><span class="crayons-tag__prefix">#</span>saas</a> <a class="crayons-tag crayons-tag--monochrome " href="/t/typescript"><span class="crayons-tag__prefix">#</span>typescript</a> <a class="crayons-tag crayons-tag--monochrome " href="/t/react"><span class="crayons-tag__prefix">#</span>react</a> </div> <div class="crayons-story__bottom"> <div class="crayons-story__details"> <a href="https://dev.to/ievgen_ch/we-built-a-chrome-extension-with-clean-architecture-heres-why-it-was-worth-the-extra-effort-1jk8#comments" class="crayons-btn crayons-btn--s crayons-btn--ghost crayons-btn--icon-left flex items-center"> Comments <span class="hidden s:inline">Add Comment</span> </a> </div> <div class="crayons-story__save"> <small class="crayons-story__tertiary fs-xs mr-2"> 7 min read </small> <span class="bm-initial"> </span> <span class="bm-success"> </span> </div> </div> </div> </div> </div> </div> Eugen Mon, 27 Apr 2026 08:34:18 +0000 https://forem.com/ievgen_ch/we-built-a-chrome-extension-with-clean-architecture-heres-why-it-was-worth-the-extra-effort-1jk8 https://forem.com/ievgen_ch/we-built-a-chrome-extension-with-clean-architecture-heres-why-it-was-worth-the-extra-effort-1jk8 <p>Most Chrome extension tutorials show you a popup with a counter. Click a button, increment a number, done. That's fine for learning the API.</p> <p>But what if your extension needs OAuth with PKCE, multi-tenant team switching, content script injection into arbitrary web pages, offline detection, session refresh via background alarms, and role-based access control?</p> <p>We built a Chrome extension for <a href="https://paperlink.online" rel="noopener noreferrer">PaperLink</a> - a document sharing and analytics platform. The extension lets you create secure share links for your documents and insert them directly into any text field on any page - Gmail compose, Slack message box, Google Docs, whatever you're typing in.</p> <p>We used Clean Architecture for the whole thing. Here's what that looks like in practice, and why we'd do it again.</p> <h2> The stack </h2> <ul> <li> <strong>WXT</strong> (Vite-based extension framework) - handles manifest generation, HMR, multi-browser builds</li> <li> <strong>React 19</strong> with side panel UI</li> <li> <strong>Tailwind CSS v4</strong> for styling</li> <li> <strong>Vitest</strong> for testing (50+ test files)</li> <li> <strong>TypeScript 6</strong> with strict mode</li> </ul> <h2> Why Clean Architecture for a browser extension? </h2> <p>Browser extensions are deceptive. They look small, but they run across 3 execution contexts (background service worker, side panel, content scripts), talk to external APIs over HTTP, store tokens in <code>browser.storage</code>, inject scripts into pages you don't control, and need to handle offline/expired/deactivated states gracefully.</p> <p>If you put all of that in one file, you get something that works but can't be tested, can't be refactored, and breaks every time Chrome changes an API.</p> <p>We split the extension into 4 layers:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>extension/src/ domain/ # Pure types, entities, no dependencies application/ # Use cases + port interfaces infrastructure/ # Chrome APIs, HTTP client, clipboard, storage presentation/ # React components + hooks entrypoints/ # WXT entry points (background.ts, sidepanel/App.tsx) </code></pre> </div> <h2> Domain: 7 files, zero dependencies </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>domain/ entities/authSession.ts types/document.ts types/link.ts types/result.ts types/team.ts types/teamRole.ts types/apiErrors.ts </code></pre> </div> <p>The domain layer has no imports from any other layer. No <code>chrome.*</code>, no React, no HTTP. Just TypeScript types and one entity class.</p> <p>The <code>AuthSession</code> entity is the most interesting piece:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">class</span> <span class="nc">AuthSession</span> <span class="p">{</span> <span class="k">private</span> <span class="nf">constructor</span><span class="p">(</span> <span class="k">private</span> <span class="k">readonly</span> <span class="nx">accessToken</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="k">private</span> <span class="k">readonly</span> <span class="nx">refreshToken</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="k">private</span> <span class="k">readonly</span> <span class="nx">expiresAt</span><span class="p">:</span> <span class="kr">number</span><span class="p">,</span> <span class="k">private</span> <span class="k">readonly</span> <span class="nx">userId</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="k">private</span> <span class="k">readonly</span> <span class="nx">activeTeamId</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="p">)</span> <span class="p">{}</span> <span class="k">static</span> <span class="nf">create</span><span class="p">(</span><span class="nx">params</span><span class="p">:</span> <span class="p">{</span> <span class="nl">accessToken</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">refreshToken</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">expiresIn</span><span class="p">:</span> <span class="kr">number</span><span class="p">;</span> <span class="nl">userId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">activeTeamId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="p">}):</span> <span class="nx">AuthSession</span> <span class="p">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nc">AuthSession</span><span class="p">(</span> <span class="nx">params</span><span class="p">.</span><span class="nx">accessToken</span><span class="p">,</span> <span class="nx">params</span><span class="p">.</span><span class="nx">refreshToken</span><span class="p">,</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">()</span> <span class="o">+</span> <span class="nx">params</span><span class="p">.</span><span class="nx">expiresIn</span> <span class="o">*</span> <span class="mi">1000</span><span class="p">,</span> <span class="nx">params</span><span class="p">.</span><span class="nx">userId</span><span class="p">,</span> <span class="nx">params</span><span class="p">.</span><span class="nx">activeTeamId</span><span class="p">,</span> <span class="p">);</span> <span class="p">}</span> <span class="nf">isExpired</span><span class="p">():</span> <span class="nx">boolean</span> <span class="p">{</span> <span class="k">return</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">()</span> <span class="o">&gt;=</span> <span class="k">this</span><span class="p">.</span><span class="nx">expiresAt</span><span class="p">;</span> <span class="p">}</span> <span class="nf">requiresRefresh</span><span class="p">():</span> <span class="nx">boolean</span> <span class="p">{</span> <span class="k">return</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">()</span> <span class="o">&gt;=</span> <span class="k">this</span><span class="p">.</span><span class="nx">expiresAt</span> <span class="o">-</span> <span class="mi">60</span><span class="nx">_000</span><span class="p">;</span> <span class="p">}</span> <span class="nf">withActiveTeamId</span><span class="p">(</span><span class="nx">teamId</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="nx">AuthSession</span> <span class="p">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nc">AuthSession</span><span class="p">(</span> <span class="k">this</span><span class="p">.</span><span class="nx">accessToken</span><span class="p">,</span> <span class="k">this</span><span class="p">.</span><span class="nx">refreshToken</span><span class="p">,</span> <span class="k">this</span><span class="p">.</span><span class="nx">expiresAt</span><span class="p">,</span> <span class="k">this</span><span class="p">.</span><span class="nx">userId</span><span class="p">,</span> <span class="nx">teamId</span><span class="p">,</span> <span class="p">);</span> <span class="p">}</span> <span class="nf">toStorable</span><span class="p">():</span> <span class="nx">StorableSession</span> <span class="p">{</span> <span class="cm">/* ... */</span> <span class="p">}</span> <span class="k">static</span> <span class="nf">fromStorable</span><span class="p">(</span><span class="nx">data</span><span class="p">:</span> <span class="nx">StorableSession</span><span class="p">):</span> <span class="nx">AuthSession</span> <span class="p">{</span> <span class="cm">/* ... */</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The 60-second refresh buffer means the background worker can catch tokens before they expire. The <code>withActiveTeamId</code> method returns a new instance instead of mutating - immutability matters when the same session object flows through multiple async operations.</p> <p>We also defined a tiny <code>Result</code> type that every use case returns:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">type</span> <span class="nx">Result</span><span class="o">&lt;</span><span class="nx">T</span><span class="p">,</span> <span class="nx">E</span> <span class="kd">extends</span> <span class="kr">string</span> <span class="o">=</span> <span class="kr">string</span><span class="o">&gt;</span> <span class="o">=</span> <span class="o">|</span> <span class="p">{</span> <span class="na">ok</span><span class="p">:</span> <span class="kc">true</span><span class="p">;</span> <span class="nl">value</span><span class="p">:</span> <span class="nx">T</span> <span class="p">}</span> <span class="o">|</span> <span class="p">{</span> <span class="na">ok</span><span class="p">:</span> <span class="kc">false</span><span class="p">;</span> <span class="nl">error</span><span class="p">:</span> <span class="nx">E</span> <span class="p">}</span> <span class="o">|</span> <span class="p">{</span> <span class="na">ok</span><span class="p">:</span> <span class="kc">false</span><span class="p">;</span> <span class="nl">error</span><span class="p">:</span> <span class="dl">'</span><span class="s1">cancelled</span><span class="dl">'</span> <span class="p">};</span> </code></pre> </div> <p>No exceptions crossing layer boundaries. Every failure is typed and explicit.</p> <h2> Application: 10 use cases, 6 ports </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>application/ ports/ iAuthClient.ts iBrowserTabs.ts iClipboard.ts iContentScriptInjector.ts iPaperLinkApi.ts iStorage.ts use-cases/ copyLinkUseCase.ts createLinkUseCase.ts insertLinkUseCase.ts listDocumentsUseCase.ts listLinksUseCase.ts openInAppUseCase.ts refreshSessionUseCase.ts signInUseCase.ts signOutUseCase.ts switchTeamUseCase.ts </code></pre> </div> <p>Ports are interfaces. Use cases depend on ports, never on concrete implementations. This is the core inversion.</p> <p>Here's <code>CreateLinkUseCase</code> - the most complex one, because it orchestrates API call, clipboard copy, and optional content script insertion:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">class</span> <span class="nc">CreateLinkUseCase</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span> <span class="k">private</span> <span class="k">readonly</span> <span class="nx">api</span><span class="p">:</span> <span class="nx">IPaperLinkApi</span><span class="p">,</span> <span class="k">private</span> <span class="k">readonly</span> <span class="nx">clipboard</span><span class="p">:</span> <span class="nx">IClipboard</span><span class="p">,</span> <span class="k">private</span> <span class="k">readonly</span> <span class="nx">contentScriptInjector</span><span class="p">:</span> <span class="nx">IContentScriptInjector</span><span class="p">,</span> <span class="p">)</span> <span class="p">{}</span> <span class="k">async</span> <span class="nf">execute</span><span class="p">(</span><span class="nx">params</span><span class="p">:</span> <span class="nx">CreateLinkParams</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">Result</span><span class="o">&lt;</span><span class="nx">CreateLinkResult</span><span class="p">,</span> <span class="nx">CreateLinkError</span><span class="o">&gt;&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">params</span><span class="p">.</span><span class="nx">teamRole</span> <span class="o">===</span> <span class="nx">TEAM_ROLE_MEMBER</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">member_not_allowed</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// ... build input from params ...</span> <span class="kd">let</span> <span class="nx">link</span><span class="p">;</span> <span class="k">try</span> <span class="p">{</span> <span class="nx">link</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">api</span><span class="p">.</span><span class="nf">createLink</span><span class="p">(</span><span class="nx">params</span><span class="p">.</span><span class="nx">accessToken</span><span class="p">,</span> <span class="nx">input</span><span class="p">);</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="na">err</span><span class="p">:</span> <span class="nx">unknown</span><span class="p">)</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">err</span> <span class="k">instanceof</span> <span class="nb">Error</span> <span class="o">&amp;&amp;</span> <span class="nx">err</span><span class="p">.</span><span class="nx">message</span> <span class="o">===</span> <span class="nx">API_ERROR_FORBIDDEN</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">document_not_found</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="k">return</span> <span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">create_failed</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="k">try</span> <span class="p">{</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">clipboard</span><span class="p">.</span><span class="nf">writeText</span><span class="p">(</span><span class="nx">link</span><span class="p">.</span><span class="nx">url</span><span class="p">);</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">clipboard_failed</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="kd">let</span> <span class="nx">inserted</span> <span class="o">=</span> <span class="kc">false</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="nx">params</span><span class="p">.</span><span class="nx">mode</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">copyAndInsert</span><span class="dl">'</span> <span class="o">&amp;&amp;</span> <span class="nx">params</span><span class="p">.</span><span class="nx">activeTabId</span> <span class="o">!=</span> <span class="kc">null</span><span class="p">)</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">contentScriptInjector</span><span class="p">.</span><span class="nf">insertAtCursor</span><span class="p">(</span> <span class="nx">params</span><span class="p">.</span><span class="nx">activeTabId</span><span class="p">,</span> <span class="nx">link</span><span class="p">.</span><span class="nx">url</span> <span class="p">);</span> <span class="nx">inserted</span> <span class="o">=</span> <span class="nx">result</span><span class="p">.</span><span class="nx">inserted</span><span class="p">;</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">{</span> <span class="cm">/* clipboard already has the URL as fallback */</span> <span class="p">}</span> <span class="p">}</span> <span class="k">return</span> <span class="nf">success</span><span class="p">({</span> <span class="na">url</span><span class="p">:</span> <span class="nx">link</span><span class="p">.</span><span class="nx">url</span><span class="p">,</span> <span class="nx">inserted</span> <span class="p">});</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Notice what's NOT in this use case: no <code>chrome.scripting.executeScript</code>, no <code>navigator.clipboard</code>, no <code>fetch</code>. It doesn't know those exist. It talks to three interfaces and returns a typed result.</p> <p>When content script injection fails (restricted page, no focused field, Chrome blocking it), the URL is already on the clipboard. The user still gets their link.</p> <h2> Infrastructure: where Chrome lives </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>infrastructure/ api/paperLinkApiClient.ts auth/chromeAuthAdapter.ts clipboard/navigatorClipboardAdapter.ts content-scripts/rangeInsertionAdapter.ts storage/chromeStorageAdapter.ts config/appConfig.ts i18n/i18nProvider.tsx </code></pre> </div> <p>Each adapter implements one port. The <code>ChromeAuthAdapter</code> is the OAuth implementation with PKCE:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">class</span> <span class="nc">ChromeAuthAdapter</span> <span class="k">implements</span> <span class="nx">IAuthClient</span> <span class="p">{</span> <span class="k">async</span> <span class="nf">signIn</span><span class="p">():</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">AuthSession</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">codeVerifier</span> <span class="o">=</span> <span class="nf">generateCodeVerifier</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">codeChallenge</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">generatePkceChallenge</span><span class="p">(</span><span class="nx">codeVerifier</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">state</span> <span class="o">=</span> <span class="nf">generateState</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">redirectUri</span> <span class="o">=</span> <span class="s2">`https://</span><span class="p">${</span><span class="nx">browser</span><span class="p">.</span><span class="nx">runtime</span><span class="p">.</span><span class="nx">id</span><span class="p">}</span><span class="s2">.chromiumapp.org/`</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">authUrl</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">URL</span><span class="p">(</span><span class="s2">`</span><span class="p">${</span><span class="nx">APP_BASE_URL</span><span class="p">}</span><span class="s2">/en/auth/extension-login`</span><span class="p">);</span> <span class="nx">authUrl</span><span class="p">.</span><span class="nx">searchParams</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">client_id</span><span class="dl">'</span><span class="p">,</span> <span class="nx">CLIENT_ID</span><span class="p">);</span> <span class="nx">authUrl</span><span class="p">.</span><span class="nx">searchParams</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">redirect_uri</span><span class="dl">'</span><span class="p">,</span> <span class="nx">redirectUri</span><span class="p">);</span> <span class="nx">authUrl</span><span class="p">.</span><span class="nx">searchParams</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">code_challenge</span><span class="dl">'</span><span class="p">,</span> <span class="nx">codeChallenge</span><span class="p">);</span> <span class="nx">authUrl</span><span class="p">.</span><span class="nx">searchParams</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">code_challenge_method</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">S256</span><span class="dl">'</span><span class="p">);</span> <span class="nx">authUrl</span><span class="p">.</span><span class="nx">searchParams</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">state</span><span class="dl">'</span><span class="p">,</span> <span class="nx">state</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">responseUrl</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">browser</span><span class="p">.</span><span class="nx">identity</span><span class="p">.</span><span class="nf">launchWebAuthFlow</span><span class="p">({</span> <span class="na">url</span><span class="p">:</span> <span class="nx">authUrl</span><span class="p">.</span><span class="nf">toString</span><span class="p">(),</span> <span class="na">interactive</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">});</span> <span class="c1">// ... validate state, extract code ...</span> <span class="kd">const</span> <span class="nx">tokenResponse</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nf">exchangeCode</span><span class="p">(</span><span class="nx">code</span><span class="p">,</span> <span class="nx">codeVerifier</span><span class="p">,</span> <span class="nx">redirectUri</span><span class="p">);</span> <span class="k">return</span> <span class="nx">AuthSession</span><span class="p">.</span><span class="nf">create</span><span class="p">({</span> <span class="cm">/* ... */</span> <span class="p">});</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>PKCE in a browser extension isn't optional - extensions can't keep client secrets. The <code>browser.identity.launchWebAuthFlow</code> opens a Chrome-managed auth window, and the extension receives the authorization code via redirect URL.</p> <p>The content script injector is the most unusual adapter. It uses <code>browser.scripting.executeScript</code> to run code inside the active tab:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">class</span> <span class="nc">RangeInsertionAdapter</span> <span class="k">implements</span> <span class="nx">IContentScriptInjector</span> <span class="p">{</span> <span class="k">async</span> <span class="nf">insertAtCursor</span><span class="p">(</span><span class="nx">tabId</span><span class="p">:</span> <span class="kr">number</span><span class="p">,</span> <span class="nx">text</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">InsertResult</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">results</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">browser</span><span class="p">.</span><span class="nx">scripting</span><span class="p">.</span><span class="nf">executeScript</span><span class="p">({</span> <span class="na">target</span><span class="p">:</span> <span class="p">{</span> <span class="nx">tabId</span> <span class="p">},</span> <span class="na">func</span><span class="p">:</span> <span class="nx">insertTextAtCursor</span><span class="p">,</span> <span class="na">args</span><span class="p">:</span> <span class="p">[</span><span class="nx">text</span><span class="p">],</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="nx">results</span><span class="p">[</span><span class="mi">0</span><span class="p">];</span> <span class="k">if </span><span class="p">(</span><span class="nx">result</span><span class="p">?.</span><span class="nx">result</span> <span class="o">===</span> <span class="kc">true</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">inserted</span><span class="p">:</span> <span class="kc">true</span> <span class="p">};</span> <span class="p">}</span> <span class="k">return</span> <span class="p">{</span> <span class="na">inserted</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">reason</span><span class="p">:</span> <span class="dl">'</span><span class="s1">no_editable_focus</span><span class="dl">'</span> <span class="p">};</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The injected function handles three cases: <code>&lt;input&gt;</code>, <code>&lt;textarea&gt;</code>, and <code>contenteditable</code> elements. It uses <code>setRangeText</code> for form fields and the Selection API for rich text editors. This covers Gmail, Slack, Notion, Google Docs, and most web apps.</p> <h2> Background service worker: 38 lines </h2> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="k">default</span> <span class="nf">defineBackground</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">storage</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">ChromeStorageAdapter</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">authClient</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">ChromeAuthAdapter</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">refreshUseCase</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">RefreshSessionUseCase</span><span class="p">(</span><span class="nx">authClient</span><span class="p">,</span> <span class="nx">storage</span><span class="p">);</span> <span class="k">void</span> <span class="nx">browser</span><span class="p">.</span><span class="nx">sidePanel</span><span class="p">.</span><span class="nf">setPanelBehavior</span><span class="p">({</span> <span class="na">openPanelOnActionClick</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="k">void</span> <span class="nx">browser</span><span class="p">.</span><span class="nx">alarms</span><span class="p">.</span><span class="nf">create</span><span class="p">(</span><span class="nx">ALARM_NAME</span><span class="p">,</span> <span class="p">{</span> <span class="na">periodInMinutes</span><span class="p">:</span> <span class="mi">10</span> <span class="p">});</span> <span class="nx">browser</span><span class="p">.</span><span class="nx">alarms</span><span class="p">.</span><span class="nx">onAlarm</span><span class="p">.</span><span class="nf">addListener</span><span class="p">((</span><span class="nx">alarm</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">alarm</span><span class="p">.</span><span class="nx">name</span> <span class="o">!==</span> <span class="nx">ALARM_NAME</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span><span class="p">;</span> <span class="p">}</span> <span class="k">void </span><span class="p">(</span><span class="k">async </span><span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">stored</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">storage</span><span class="p">.</span><span class="kd">get</span><span class="o">&lt;</span><span class="nx">StorableSession</span><span class="o">&gt;</span><span class="p">(</span><span class="nx">STORAGE_KEY_AUTH_SESSION</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">stored</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span><span class="p">;</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">session</span> <span class="o">=</span> <span class="nx">AuthSession</span><span class="p">.</span><span class="nf">fromStorable</span><span class="p">(</span><span class="nx">stored</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">session</span><span class="p">.</span><span class="nf">requiresRefresh</span><span class="p">())</span> <span class="p">{</span> <span class="k">await</span> <span class="nx">refreshUseCase</span><span class="p">.</span><span class="nf">execute</span><span class="p">();</span> <span class="p">}</span> <span class="p">})();</span> <span class="p">});</span> <span class="p">});</span> </code></pre> </div> <p>Every 10 minutes, the alarm fires. If there's a stored session and it's within the 60-second refresh window, refresh it silently. The user never sees an expired token.</p> <p>This is only 38 lines because all the logic lives in <code>RefreshSessionUseCase</code>. The background script is just wiring.</p> <h2> Architecture tests guard the layers </h2> <p>We wrote tests that fail if any layer imports from a forbidden layer:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">FORBIDDEN_DOMAIN</span> <span class="o">=</span> <span class="p">[</span><span class="dl">'</span><span class="s1">@/application</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">@/infrastructure</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">@/presentation</span><span class="dl">'</span><span class="p">];</span> <span class="nf">describe</span><span class="p">(</span><span class="dl">'</span><span class="s1">Domain - no upward imports</span><span class="dl">'</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">it</span><span class="p">.</span><span class="nf">each</span><span class="p">(</span><span class="nx">domainFiles</span><span class="p">)(</span><span class="dl">'</span><span class="s1">%s has no forbidden imports</span><span class="dl">'</span><span class="p">,</span> <span class="nx">file</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">imports</span> <span class="o">=</span> <span class="nf">readFileImports</span><span class="p">(</span><span class="nx">file</span><span class="p">);</span> <span class="k">for </span><span class="p">(</span><span class="kd">const</span> <span class="nx">imp</span> <span class="k">of</span> <span class="nx">imports</span><span class="p">)</span> <span class="p">{</span> <span class="k">for </span><span class="p">(</span><span class="kd">const</span> <span class="nx">forbidden</span> <span class="k">of</span> <span class="nx">FORBIDDEN_DOMAIN</span><span class="p">)</span> <span class="p">{</span> <span class="nf">expect</span><span class="p">(</span><span class="nx">imp</span><span class="p">.</span><span class="nf">startsWith</span><span class="p">(</span><span class="nx">forbidden</span><span class="p">)).</span><span class="nf">toBe</span><span class="p">(</span><span class="kc">false</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">});</span> <span class="nx">it</span><span class="p">.</span><span class="nf">each</span><span class="p">(</span><span class="nx">domainFiles</span><span class="p">)(</span><span class="dl">'</span><span class="s1">%s has no chrome references</span><span class="dl">'</span><span class="p">,</span> <span class="nx">file</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">content</span> <span class="o">=</span> <span class="nf">readFileContent</span><span class="p">(</span><span class="nx">file</span><span class="p">);</span> <span class="nf">expect</span><span class="p">(</span><span class="nx">content</span><span class="p">).</span><span class="nx">not</span><span class="p">.</span><span class="nf">toMatch</span><span class="p">(</span><span class="sr">/</span><span class="se">\b</span><span class="sr">chrome</span><span class="se">\.</span><span class="sr">/</span><span class="p">);</span> <span class="p">});</span> <span class="p">});</span> </code></pre> </div> <p>The test parses actual import statements from source files and checks them against a forbidden list per layer. Domain can't import from application, infrastructure, or presentation. Application can't import from presentation or infrastructure adapters. Presentation can't import infrastructure adapters directly.</p> <p>These tests catch violations at CI time, not during code review.</p> <h2> What we actually shipped </h2> <p>The Chrome extension has:</p> <ul> <li>OAuth with PKCE and team selection (multi-tenant)</li> <li>Document list with cursor-based pagination and search</li> <li>Link creation with optional password and expiry</li> <li>"Create &amp; Copy" and "Create &amp; Insert in Page" actions</li> <li>View existing links per document with view counts</li> <li>Role-based UI (Members see read-only view)</li> <li>Offline detection with banner</li> <li>Session auto-refresh via background alarms</li> <li>Stale session recovery</li> <li>i18n (multiple locales)</li> <li>Accessibility (ARIA labels, screen reader announcements)</li> </ul> <p>All of that in ~60 source files and ~50 test files.</p> <h2> The tradeoffs </h2> <p><strong>More files.</strong> A flat extension would be maybe 10 files. We have 60. Every new feature touches 3-4 layers.</p> <p><strong>Composition root in <code>App.tsx</code>.</strong> WXT doesn't have a DI container, so all adapters are instantiated at the top of the entry point and passed down. It's explicit, it works, but it's verbose.</p> <p><strong>Infrastructure adapters vary in size.</strong> The clipboard adapter is 11 lines, storage is 24. The auth adapter is 168 lines because PKCE is inherently complex, and the API client is 194 lines because it maps every endpoint. But the real business logic still lives in use cases and domain - adapters are just plumbing. Every use case can be tested with fake implementations of the ports - no <code>browser.*</code> mocking needed.</p> <h2> Chrome Web Store review: approved in 24 hours </h2> <p>We submitted v1 as a minimal release to get through the review process quickly. The extension was live in the Chrome Web Store within 24 hours.</p> <p>From the review logs, we could see a Google tester spent about 5 minutes on the platform - signed up, created a document, shared a link, tried the extension. That was enough. The permission justifications were clear because each Chrome API (<code>storage</code>, <code>identity</code>, <code>scripting</code>, <code>activeTab</code>, <code>alarms</code>) maps to exactly one infrastructure adapter with a single responsibility.</p> <p>We didn't get a single rejection or follow-up question. For an extension requesting <code>scripting</code> and <code>activeTab</code> permissions - which Chrome reviews carefully - that's not typical.</p> <p>We've already shipped v1.1.0 with improvements, and more updates are coming. If you try the current version and it feels rough around the edges - check back in a few days. We're iterating fast.</p> <h2> Screenshots for the Chrome Web Store listing </h2> <p>The CWS listing needs 1280x800 screenshots. We took actual screenshots of the extension in use and processed them with AI image generation - cropping the extension panel, placing it on a clean white background, and adding context. This gave us polished marketing screenshots without a designer.</p> <h2> Would we do it again? </h2> <p>Yes. Three reasons:</p> <ol> <li><p><strong>Testing.</strong> Every use case is tested against port interfaces, not Chrome API mocks. When Chrome changes their <code>scripting</code> API, we change one adapter. Tests don't move.</p></li> <li><p><strong>The "Insert in Page" feature.</strong> This required coordinating between the side panel (React), background worker (alarms), content scripts (DOM injection), and the API. Without clear boundaries, this would have been a debugging nightmare. With ports and use cases, each piece is isolated and testable.</p></li> <li><p><strong>The review process.</strong> Clean Architecture made CWS review trivial. Each permission maps to one adapter, each adapter implements one port, each port serves specific use cases. When a reviewer asks "why do you need <code>scripting</code>?", the answer is one file: <code>RangeInsertionAdapter.ts</code>, 58 lines, used by <code>InsertLinkUseCase</code> to paste share links into focused text fields. That's it.</p></li> </ol> chromeextension saas typescript react Eugen Fri, 24 Apr 2026 14:40:39 +0000 https://forem.com/ievgen_ch/ai-accounting-45-seconds-in-a-form-vs-10-seconds-in-a-chat-4i0a https://forem.com/ievgen_ch/ai-accounting-45-seconds-in-a-form-vs-10-seconds-in-a-chat-4i0a <p>We built <a href="https://dev.to/ievgen_ch/we-built-118-mcp-tools-heres-what-ai-actually-does-with-them-4pdh">118 MCP tools</a> for our SaaS. About 35 of them handle accounting: transactions, transfers, recurring rules, categories, currencies, financial accounts. We timed the same operations in our web forms and through Claude. The difference was larger than we expected - in both directions.</p> <p>This isn't a "forms are dead" post. It's a timing comparison with code. Some operations are 4x faster in conversation. Some are still better in a form. The interesting part is figuring out which is which.</p> <h2> Operation 1: Recording a single expense </h2> <p><strong>Form: ~45 seconds</strong></p> <p>Open the accounting page. Click "New Transaction." Select type: Expense. Type amount: 12.50. Type description: "Coffee beans." Click the category dropdown, scroll through 40+ categories, find "Food &amp; Dining", expand it, pick "Groceries." Select account from another dropdown. Click Save.</p> <p><strong>Conversation: ~10 seconds</strong></p> <blockquote> <p>"12.50 coffee beans, groceries, wise"</p> </blockquote> <p>Claude calls <code>list-categories</code> with <code>search: "groceries"</code> to find the deepest matching subcategory:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">server</span><span class="p">.</span><span class="nf">registerTool</span><span class="p">(</span> <span class="dl">'</span><span class="s1">list-categories</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Search expense/income categories by keyword. ALWAYS use the search </span><span class="dl">'</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">parameter to find the deepest matching subcategory (e.g. search "groceries" to </span><span class="dl">'</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">find "Food &amp; Dining &gt; Groceries" at depth 2, not "Food &amp; Dining" at depth 0). </span><span class="dl">'</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">Each result includes depth (0=root, 1-3=subcategory) - prefer the deepest match.</span><span class="dl">'</span><span class="p">,</span> <span class="na">inputSchema</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">type</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">enum</span><span class="p">([</span><span class="dl">'</span><span class="s1">INCOME</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">EXPENSE</span><span class="dl">'</span><span class="p">]).</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">search</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">max</span><span class="p">(</span><span class="mi">200</span><span class="p">).</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">limit</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nx">coerce</span><span class="p">.</span><span class="nf">number</span><span class="p">().</span><span class="nf">int</span><span class="p">().</span><span class="nf">min</span><span class="p">(</span><span class="mi">1</span><span class="p">).</span><span class="nf">max</span><span class="p">(</span><span class="mi">50</span><span class="p">).</span><span class="nf">optional</span><span class="p">(),</span> <span class="p">}),</span> <span class="na">annotations</span><span class="p">:</span> <span class="p">{</span> <span class="na">readOnlyHint</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="p">},</span> <span class="c1">// ...</span> <span class="p">);</span> </code></pre> </div> <p>Then it resolves "wise" to the correct financial account via <code>list-accounts</code>, and calls <code>create-transaction</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">server</span><span class="p">.</span><span class="nf">registerTool</span><span class="p">(</span> <span class="dl">'</span><span class="s1">create-transaction</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Record a financial transaction. </span><span class="dl">'</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">Workflow: 1) Search category via list-categories with a keyword </span><span class="dl">'</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">2) Confirm category + account with user 3) Create transaction.</span><span class="dl">'</span><span class="p">,</span> <span class="na">inputSchema</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">type</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">enum</span><span class="p">([</span><span class="dl">'</span><span class="s1">INCOME</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">EXPENSE</span><span class="dl">'</span><span class="p">]),</span> <span class="na">amount</span><span class="p">:</span> <span class="nf">coerceAmount</span><span class="p">(),</span> <span class="na">description</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">max</span><span class="p">(</span><span class="mi">200</span><span class="p">),</span> <span class="na">accountId</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">(),</span> <span class="na">categoryId</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">date</span><span class="p">:</span> <span class="nf">coerceDateString</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="p">}),</span> <span class="na">annotations</span><span class="p">:</span> <span class="p">{</span> <span class="na">destructiveHint</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">idempotentHint</span><span class="p">:</span> <span class="kc">false</span> <span class="p">},</span> <span class="p">},</span> <span class="c1">// ...</span> <span class="p">);</span> </code></pre> </div> <p>Before creating anything, Claude confirms: "Record $12.50 expense 'Coffee beans' in Food &amp; Dining &gt; Groceries from Wise USD?" You say yes. Done.</p> <p>The time difference comes from category selection. In a form, you navigate a tree. In a conversation, you type a keyword and the AI searches for the deepest match. "Groceries" resolves to <code>Food &amp; Dining &gt; Groceries</code> (depth 2) without you knowing the tree structure.</p> <h2> Operation 2: A 6-item receipt </h2> <p><strong>Form: ~4 minutes</strong></p> <p>Six separate transactions. Open form, fill fields, save. Repeat five more times. Each one requires the same category navigation, same account selection. Copy-paste the date six times.</p> <p><strong>Conversation: ~20 seconds</strong></p> <blockquote> <p>"Receipt from today: milk 3.20, bread 2.10, eggs 4.50, butter 3.80, cheese 6.90, yogurt 2.40 - all groceries, wise account"</p> </blockquote> <p>Claude calls <code>create-transactions</code> - one batch operation:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">server</span><span class="p">.</span><span class="nf">registerTool</span><span class="p">(</span> <span class="dl">'</span><span class="s1">create-transactions</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Batch create multiple transactions in a single call. </span><span class="dl">'</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">Use for multi-item receipts. Always confirm the full list of items, </span><span class="dl">'</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">total amount, category, and account with the user before calling.</span><span class="dl">'</span><span class="p">,</span> <span class="na">inputSchema</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">accountId</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">(),</span> <span class="na">categoryId</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">date</span><span class="p">:</span> <span class="nf">coerceDateString</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">transactions</span><span class="p">:</span> <span class="nf">coerceJsonArray</span><span class="p">(</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">type</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">enum</span><span class="p">([</span><span class="dl">'</span><span class="s1">INCOME</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">EXPENSE</span><span class="dl">'</span><span class="p">]),</span> <span class="na">amount</span><span class="p">:</span> <span class="nf">coerceAmount</span><span class="p">(),</span> <span class="na">description</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">max</span><span class="p">(</span><span class="mi">200</span><span class="p">),</span> <span class="na">categoryId</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">date</span><span class="p">:</span> <span class="nf">coerceDateString</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="p">})</span> <span class="p">).</span><span class="nf">describe</span><span class="p">(</span><span class="dl">'</span><span class="s1">JSON array of 1-50 transactions</span><span class="dl">'</span><span class="p">),</span> <span class="p">}),</span> <span class="na">annotations</span><span class="p">:</span> <span class="p">{</span> <span class="na">destructiveHint</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">idempotentHint</span><span class="p">:</span> <span class="kc">false</span> <span class="p">},</span> <span class="p">},</span> <span class="c1">// ...</span> <span class="p">);</span> </code></pre> </div> <p>The <code>accountId</code>, <code>categoryId</code>, and <code>date</code> are shared across all items - you specify them once. Individual transactions can override the category or date if needed. Claude confirms: "6 items, total $22.90, all Groceries, Wise USD, today. Create?" One tool call instead of six form submissions.</p> <p>The batch endpoint accepts up to 50 transactions. The AI sends them as a JSON array inside a single parameter - parsed and validated by our <code>coerceJsonArray</code> helper (covered in <a href="https://dev.to/ievgen_ch/anatomy-of-a-118-tool-mcp-server-how-we-organized-the-chaos-3h9a">post 2</a>).</p> <p>This is where the time gap is largest. 4 minutes vs 20 seconds is a 12x difference. And it's not because the form is badly designed - it's because the form treats each transaction as a separate operation.</p> <h2> Operation 3: Transfer between accounts </h2> <p><strong>Form: ~30 seconds</strong></p> <p>Open transfers page. Select source account. Select destination account. If currencies differ, manually check today's exchange rate. Enter amount. Calculate the destination amount yourself. Save.</p> <p><strong>Conversation: ~10 seconds</strong></p> <blockquote> <p>"Transfer $500 from Wise to Mono"</p> </blockquote> <p>Claude chains three operations: calls <code>get-exchange-rates</code> to find the USD/UAH rate, calculates the destination amount, then calls <code>create-transfer</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">server</span><span class="p">.</span><span class="nf">registerTool</span><span class="p">(</span> <span class="dl">'</span><span class="s1">create-transfer</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Transfer money between two financial accounts. </span><span class="dl">'</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">Auto-fetches exchange rate for cross-currency transfers. </span><span class="dl">'</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">For loan payments: confirm source account, loan account, amount, and category.</span><span class="dl">'</span><span class="p">,</span> <span class="na">inputSchema</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">fromAccountId</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">(),</span> <span class="na">toAccountId</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">(),</span> <span class="na">amount</span><span class="p">:</span> <span class="nf">coerceAmount</span><span class="p">(),</span> <span class="na">description</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">max</span><span class="p">(</span><span class="mi">200</span><span class="p">).</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">date</span><span class="p">:</span> <span class="nf">coerceDateString</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="p">}),</span> <span class="na">annotations</span><span class="p">:</span> <span class="p">{</span> <span class="na">destructiveHint</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">idempotentHint</span><span class="p">:</span> <span class="kc">false</span> <span class="p">},</span> <span class="p">},</span> <span class="c1">// ...</span> <span class="p">);</span> </code></pre> </div> <p>Claude confirms: "Transfer $500 from Wise USD to Mono UAH. Rate: 1 USD = 41.25 UAH. Destination: 20,625 UAH. Proceed?" The exchange rate lookup that takes you 15 seconds on Google takes Claude one tool call.</p> <h2> Operation 4: Setting up a recurring expense </h2> <p><strong>Form: ~60 seconds</strong></p> <p>Navigate to recurring transactions. Click "New." Fill in all the same fields as a regular transaction, plus: frequency (monthly), day of month, start date, optional end date. Save. Wonder if it actually worked until the first one generates.</p> <p><strong>Conversation: ~15 seconds</strong></p> <blockquote> <p>"Every month on the 1st, record $50 expense 'Spotify Family' from Wise, subscriptions category"</p> </blockquote> <p>Claude calls <code>create-recurring-transaction</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">server</span><span class="p">.</span><span class="nf">registerTool</span><span class="p">(</span> <span class="dl">'</span><span class="s1">create-recurring-transaction</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Schedule a recurring transaction template. </span><span class="dl">'</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">Does NOT generate a transaction immediately - the daily cron handles generation.</span><span class="dl">'</span><span class="p">,</span> <span class="na">inputSchema</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">type</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">enum</span><span class="p">([</span><span class="dl">'</span><span class="s1">INCOME</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">EXPENSE</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">TRANSFER</span><span class="dl">'</span><span class="p">]),</span> <span class="na">amount</span><span class="p">:</span> <span class="nf">coerceAmount</span><span class="p">(),</span> <span class="na">description</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">max</span><span class="p">(</span><span class="mi">200</span><span class="p">),</span> <span class="na">accountId</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">(),</span> <span class="na">categoryId</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">targetAccountId</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">optional</span><span class="p">()</span> <span class="p">.</span><span class="nf">describe</span><span class="p">(</span><span class="dl">'</span><span class="s1">Required for TRANSFER type</span><span class="dl">'</span><span class="p">),</span> <span class="na">intervalUnit</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">enum</span><span class="p">([</span><span class="dl">'</span><span class="s1">DAY</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">WEEK</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">MONTH</span><span class="dl">'</span><span class="p">]),</span> <span class="na">intervalValue</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nx">coerce</span><span class="p">.</span><span class="nf">number</span><span class="p">().</span><span class="nf">int</span><span class="p">().</span><span class="nf">positive</span><span class="p">(),</span> <span class="na">dayOfMonth</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nx">coerce</span><span class="p">.</span><span class="nf">number</span><span class="p">().</span><span class="nf">int</span><span class="p">().</span><span class="nf">min</span><span class="p">(</span><span class="mi">1</span><span class="p">).</span><span class="nf">max</span><span class="p">(</span><span class="mi">31</span><span class="p">).</span><span class="nf">optional</span><span class="p">()</span> <span class="p">.</span><span class="nf">describe</span><span class="p">(</span><span class="dl">'</span><span class="s1">Required when intervalUnit=MONTH</span><span class="dl">'</span><span class="p">),</span> <span class="na">startDate</span><span class="p">:</span> <span class="nf">coerceDateString</span><span class="p">(),</span> <span class="na">endDate</span><span class="p">:</span> <span class="nf">coerceDateString</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="p">}),</span> <span class="na">annotations</span><span class="p">:</span> <span class="p">{</span> <span class="na">destructiveHint</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">idempotentHint</span><span class="p">:</span> <span class="kc">false</span> <span class="p">},</span> <span class="p">},</span> <span class="c1">// ...</span> <span class="p">);</span> </code></pre> </div> <p>One detail worth noting: the tool description says "Does NOT generate a transaction immediately." This is important for user expectations. The recurring transaction is a template - a daily cron job generates the actual transactions. Claude relays this: "Created monthly recurring expense. First transaction will generate on the 1st."</p> <p>You can also ask "What's my recurring forecast?" and Claude calls <code>get-recurring-forecast</code> to show projected expenses, income, and net for the next 30 days.</p> <h2> Operation 5: Financial overview </h2> <p><strong>Form: ~90 seconds</strong></p> <p>Open dashboard. Read the summary cards. Click into category breakdown. Switch the period filter. Go back. Open a different report. Mentally combine the numbers.</p> <p><strong>Conversation: ~10 seconds</strong></p> <blockquote> <p>"How did this month go compared to last month?"</p> </blockquote> <p>Claude calls <code>get-dashboard-stats</code> with <code>period: "thisMonth"</code>, then again with <code>period: "lastMonth"</code>, and summarizes:</p> <p>"This month: $4,200 income, $3,100 expenses, $1,100 net profit. Last month: $3,800 income, $2,900 expenses, $900 net. Income up 10.5%, expenses up 6.9%, net profit up 22.2%."</p> <p>Then you ask "Where did the extra spending go?" and Claude calls <code>get-category-breakdown</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">server</span><span class="p">.</span><span class="nf">registerTool</span><span class="p">(</span> <span class="dl">'</span><span class="s1">get-category-breakdown</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Category-level spending or income breakdown for a period.</span><span class="dl">'</span><span class="p">,</span> <span class="na">inputSchema</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">type</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">enum</span><span class="p">([</span><span class="dl">'</span><span class="s1">INCOME</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">EXPENSE</span><span class="dl">'</span><span class="p">]),</span> <span class="na">period</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">optional</span><span class="p">()</span> <span class="p">.</span><span class="nf">describe</span><span class="p">(</span><span class="dl">'</span><span class="s1">thisMonth, lastMonth, last3Months, etc.</span><span class="dl">'</span><span class="p">),</span> <span class="na">dateFrom</span><span class="p">:</span> <span class="nf">coerceDateString</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">dateTo</span><span class="p">:</span> <span class="nf">coerceDateString</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">scope</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">enum</span><span class="p">([</span><span class="dl">'</span><span class="s1">ALL</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">COMPANY</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">PERSONAL</span><span class="dl">'</span><span class="p">]).</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">displayCurrency</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="p">}),</span> <span class="na">annotations</span><span class="p">:</span> <span class="p">{</span> <span class="na">readOnlyHint</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="p">},</span> <span class="c1">// ...</span> <span class="p">);</span> </code></pre> </div> <p>"Top 3 expense categories this month: Rent $1,200 (38.7%), Food &amp; Dining $680 (21.9%), Software &amp; Subscriptions $420 (13.5%). The increase came from Food &amp; Dining - up $180 vs last month."</p> <p>The dashboard shows the same data. But the dashboard requires you to navigate between views and connect the dots yourself. The conversation connects them for you.</p> <h2> The timing table </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Operation</th> <th>Form</th> <th>Conversation</th> <th>Speedup</th> </tr> </thead> <tbody> <tr> <td>Single expense</td> <td>~45s</td> <td>~10s</td> <td>4.5x</td> </tr> <tr> <td>6-item receipt</td> <td>~4min</td> <td>~20s</td> <td>12x</td> </tr> <tr> <td>Cross-currency transfer</td> <td>~30s</td> <td>~10s</td> <td>3x</td> </tr> <tr> <td>Recurring expense setup</td> <td>~60s</td> <td>~15s</td> <td>4x</td> </tr> <tr> <td>Financial overview + drill-down</td> <td>~90s</td> <td>~10s</td> <td>9x</td> </tr> <tr> <td>Edit a specific transaction field</td> <td>~15s</td> <td>~10s</td> <td>1.5x</td> </tr> <tr> <td>Bulk categorize 20 transactions</td> <td>~10min</td> <td>~2min</td> <td>5x</td> </tr> </tbody> </table></div> <p>The pattern: conversation wins on <strong>discovery</strong> (finding categories, accounts, rates) and <strong>batching</strong> (multiple items in one operation). The speedup is largest when the form requires repetitive navigation.</p> <h2> Where forms still win </h2> <p>Not everything is faster in a conversation.</p> <p><strong>Complex table editing.</strong> Rearranging 20 line items on an invoice - drag and drop, adjust quantities, reorder rows. A conversation would be "move item 3 above item 1, change quantity of item 5 to 3, delete item 7." By the time you've described the changes, you could have done it in the UI.</p> <p><strong>Visual layouts.</strong> Designing a document template, choosing colors, positioning logos. Visual tasks need a visual interface.</p> <p><strong>Browsing and comparing.</strong> Scrolling through a list of 50 transactions to spot patterns. Your eyes are faster than describing what you're looking for - unless you know the exact filter, in which case the conversation wins again.</p> <p><strong>Precision editing.</strong> Changing an amount from 12.50 to 12.55. In a form: click, backspace twice, type 55. In a conversation: "Change the amount of transaction X to 12.55." Similar time, but the form gives you a visual confirmation that the cursor is in the right field.</p> <p>The rule of thumb: <strong>if the task is about data entry, conversation wins. If the task is about spatial manipulation or visual comparison, forms win.</strong></p> <h2> The confirmation flow </h2> <p>Every write operation in our MCP server has a confirmation step built into the AI's workflow. This isn't a technical feature of MCP - it's a convention enforced through tool descriptions.</p> <p>Look at our <code>create-transaction</code> description:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Workflow: 1) Search category via list-categories with a keyword 2) Confirm category + account with user 3) Create transaction 4) Show full details </code></pre> </div> <p>And <code>create-transfer</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>For loan payments: confirm source account, loan account, amount, and category. </code></pre> </div> <p>And <code>delete-transaction</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>NEVER call without explicit user confirmation. Always show full transaction details first. Deletion is permanent and cannot be undone. </code></pre> </div> <p>The AI reads these instructions and follows them. It doesn't call <code>create-transaction</code> immediately after you say "12.50 coffee beans." It first resolves the category, resolves the account, and asks "Record $12.50 expense 'Coffee beans' in Food &amp; Dining &gt; Groceries from Wise USD?" Only after you confirm does it execute.</p> <p>This is different from a form's "Save" button. The form shows you what you're about to save, but you filled in every field yourself - typos are your problem. The conversation shows you what the AI understood, which catches misinterpretations before they become data.</p> <p>We've seen cases where the AI catches ambiguity that a form can't: "You said 'wise' - you have two Wise accounts: Wise USD and Wise EUR. Which one?" A form dropdown shows both, but it doesn't know which one you usually use for groceries. The AI does, and asks only when it's uncertain.</p> <h2> How we enforce confirmation in tool descriptions </h2> <p>The convention is simple: destructive or write tools include explicit workflow instructions in their <code>description</code> field. The AI treats these as guidelines for its behavior.</p> <p>Three levels:</p> <p><strong>Suggest workflow:</strong> "Search category first, confirm with user, then create." The AI usually follows this but might skip if the context is clear.</p> <p><strong>Strong warning:</strong> "NEVER call without explicit user confirmation. Show current values and proposed changes first." The AI almost always asks before proceeding.</p> <p><strong>Hard constraint:</strong> "Deletion is permanent and cannot be undone." Combined with <code>annotations: { destructiveHint: true }</code>, some MCP clients will add their own confirmation dialog on top of the AI's confirmation.</p> <p>This isn't bulletproof - the AI can still make mistakes. But the combination of tool descriptions, annotations, and the AI's natural tendency to confirm ambiguous operations catches most errors before they happen.</p> <h2> Multi-currency: the hidden complexity </h2> <p>PaperLink supports multiple currencies per team. This adds complexity that conversations handle better than forms.</p> <p>In a form: you pick a source account (Wise USD), pick a destination account (Mono UAH), then manually look up the exchange rate, calculate the destination amount, and enter it. If the rate changes between your Google search and clicking Save, you're off by a few cents.</p> <p>In a conversation: "Transfer $500 from Wise to Mono." The AI calls <code>get-exchange-rates</code>, gets the current rate, calculates automatically, and shows you the result for confirmation. If you have a manual rate override (set via <code>set-manual-exchange-rate</code> for internal transfers at a fixed rate), it uses that instead.</p> <p>The currency tools also handle setup:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>&gt; "Add British pounds to our currencies" Claude calls add-team-currency with currencyCode: "GBP". Auto-fetches the exchange rate. Done. &gt; "What are our current rates?" Claude calls list-team-currencies. "USD (base), EUR (0.92), UAH (41.25), GBP (0.79). All rates auto-updated." &gt; "Set EUR rate to 0.95 for this month's invoices" Claude calls set-manual-exchange-rate with base: "USD", target: "EUR", rate: 0.95. "Manual rate set: 1 USD = 0.95 EUR. This overrides the auto rate until you remove it." </code></pre> </div> <h2> The one-liner </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>claude mcp add <span class="nt">--transport</span> http paperlink https://mcp.paperlink.online/api/mcp/mcp </code></pre> </div> <p>Connect, grant <code>accounting:read</code> and <code>accounting:write</code> scopes, and try: "What did I spend on groceries last month?"</p> ai mcp productivity ux Eugen Fri, 24 Apr 2026 14:22:51 +0000 https://forem.com/ievgen_ch/mcp-auth-that-actually-works-oauth-for-remote-servers-ka8 https://forem.com/ievgen_ch/mcp-auth-that-actually-works-oauth-for-remote-servers-ka8 <p>In the <a href="https://dev.to/ievgen_ch/we-built-118-mcp-tools-heres-what-ai-actually-does-with-them-4pdh">first post</a> I showed what an AI does with 118 MCP tools. In the <a href="https://dev.to/ievgen_ch/anatomy-of-a-118-tool-mcp-server-how-we-organized-the-chaos-3h9a">second</a> I showed how we organized them. Both posts assumed a working connection. This one covers the hardest part: getting that connection to work securely.</p> <p>Most MCP servers run locally. You add a JSON block to your Claude config, paste an API key, and you're done. That works for developer tools. It doesn't work for a SaaS product where users have teams, roles, and data they share with other people.</p> <p>We needed something different: a remote MCP server where users log in through their browser, pick a team, choose what the AI can access, and revoke it whenever they want. No API keys. No config files on disk.</p> <h2> The problem with local MCP servers </h2> <p>The standard MCP setup looks like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"mcpServers"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"my-tool"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"command"</span><span class="p">:</span><span class="w"> </span><span class="s2">"npx"</span><span class="p">,</span><span class="w"> </span><span class="nl">"args"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"my-mcp-server"</span><span class="p">],</span><span class="w"> </span><span class="nl">"env"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"API_KEY"</span><span class="p">:</span><span class="w"> </span><span class="s2">"sk-live-abc123"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>This has three problems for a SaaS product:</p> <p><strong>1. API keys are static secrets.</strong> If a key leaks, it has full access until someone manually rotates it. There's no expiry, no scope, no revocation without generating a new key.</p> <p><strong>2. No user consent flow.</strong> The user pastes a key and hopes for the best. There's no screen that says "this AI assistant wants to read your invoices and create transactions - approve?"</p> <p><strong>3. No multi-tenancy.</strong> If your product has teams, which team does the API key belong to? If a user is on three teams, do they need three keys? How do they switch?</p> <p>A remote MCP server with OAuth solves all three. The user authenticates through a browser, picks a team, grants specific permissions, and gets a token that expires in an hour. The AI never sees a password. The user can disconnect from the app's settings page.</p> <h2> What we built </h2> <p>Our MCP server runs at <code>https://mcp.paperlink.online/api/mcp/mcp</code> and uses streamable HTTP transport - no local process, no stdio, no binary to install. The connection command is:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>claude mcp add <span class="nt">--transport</span> http paperlink https://mcp.paperlink.online/api/mcp/mcp </code></pre> </div> <p>When a client connects for the first time, it discovers the OAuth endpoints through two well-known documents. Then it runs a standard OAuth 2.1 authorization code flow with PKCE. The user sees a consent screen in their browser. After approval, the client gets a short-lived access token and a 30-day refresh token.</p> <p>Here's the full flow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Client Server User's Browser | | | |-- GET /.well-known/ | | | oauth-protected-resource -&gt;| | |&lt;- {auth_server, scopes} | | | | | |-- GET /.well-known/ | | | oauth-authorization-server | | |&lt;- {authorize, token, revoke} | | | | | |-- Open browser: /authorize? | | | code_challenge=...&amp; | | | scope=invoices:read ------&gt;|-- Redirect to consent UI -------&gt;| | | | | | User picks team, | | | reviews scopes, | | | clicks Approve | | | | | |&lt;- POST consent (teamId, scopes) -| |&lt;- Redirect: ?code=abc123 -| | | | | |-- POST /token -| | | code=abc123&amp; | | | code_verifier=xyz | | |&lt;- {access_token, refresh} | | | | | |-- POST /api/mcp/mcp -| | | Authorization: Bearer ... | | |&lt;- Tool results | | </code></pre> </div> <p>Let me walk through each piece.</p> <h2> Step 1: Discovery </h2> <p>MCP clients discover auth endpoints through two standard documents. The protected resource metadata tells the client where to authenticate:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight http"><code><span class="err">GET https://mcp.paperlink.online/.well-known/oauth-protected-resource </span></code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://mcp.paperlink.online/api/mcp/mcp"</span><span class="p">,</span><span class="w"> </span><span class="nl">"authorization_servers"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"https://app.paperlink.online"</span><span class="p">],</span><span class="w"> </span><span class="nl">"scopes_supported"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"invoices:read"</span><span class="p">,</span><span class="w"> </span><span class="s2">"accounting:read"</span><span class="p">,</span><span class="w"> </span><span class="s2">"accounting:write"</span><span class="p">,</span><span class="w"> </span><span class="s2">"accounting:delete"</span><span class="p">,</span><span class="w"> </span><span class="s2">"companies:read"</span><span class="p">,</span><span class="w"> </span><span class="s2">"companies:write"</span><span class="p">,</span><span class="w"> </span><span class="s2">"clients:read"</span><span class="p">,</span><span class="w"> </span><span class="s2">"clients:write"</span><span class="p">,</span><span class="w"> </span><span class="s2">"products:read"</span><span class="p">,</span><span class="w"> </span><span class="s2">"products:write"</span><span class="p">,</span><span class="w"> </span><span class="s2">"companies:delete"</span><span class="p">,</span><span class="w"> </span><span class="s2">"clients:delete"</span><span class="p">,</span><span class="w"> </span><span class="s2">"products:delete"</span><span class="p">,</span><span class="w"> </span><span class="s2">"invoices:write"</span><span class="p">,</span><span class="w"> </span><span class="s2">"invoices:delete"</span><span class="p">,</span><span class="w"> </span><span class="s2">"estimates:read"</span><span class="p">,</span><span class="w"> </span><span class="s2">"estimates:write"</span><span class="p">,</span><span class="w"> </span><span class="s2">"estimates:delete"</span><span class="p">,</span><span class="w"> </span><span class="s2">"teams:read"</span><span class="p">,</span><span class="w"> </span><span class="s2">"teams:write"</span><span class="p">,</span><span class="w"> </span><span class="s2">"billing:read"</span><span class="p">,</span><span class="w"> </span><span class="s2">"ai:read"</span><span class="p">,</span><span class="w"> </span><span class="s2">"ai:write"</span><span class="p">,</span><span class="w"> </span><span class="s2">"sharing:read"</span><span class="p">,</span><span class="w"> </span><span class="s2">"sharing:write"</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Then the authorization server metadata tells the client the exact endpoints:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight http"><code><span class="err">GET https://app.paperlink.online/.well-known/oauth-authorization-server </span></code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"issuer"</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://app.paperlink.online"</span><span class="p">,</span><span class="w"> </span><span class="nl">"authorization_endpoint"</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://app.paperlink.online/api/oauth/authorize"</span><span class="p">,</span><span class="w"> </span><span class="nl">"token_endpoint"</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://app.paperlink.online/api/oauth/token"</span><span class="p">,</span><span class="w"> </span><span class="nl">"revocation_endpoint"</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://app.paperlink.online/api/oauth/revoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"registration_endpoint"</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://app.paperlink.online/api/oauth/register"</span><span class="p">,</span><span class="w"> </span><span class="nl">"response_types_supported"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"code"</span><span class="p">],</span><span class="w"> </span><span class="nl">"grant_types_supported"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"authorization_code"</span><span class="p">,</span><span class="w"> </span><span class="s2">"refresh_token"</span><span class="p">],</span><span class="w"> </span><span class="nl">"token_endpoint_auth_methods_supported"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"none"</span><span class="p">],</span><span class="w"> </span><span class="nl">"code_challenge_methods_supported"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"S256"</span><span class="p">],</span><span class="w"> </span><span class="nl">"scopes_supported"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"invoices:read"</span><span class="p">,</span><span class="w"> </span><span class="s2">"..."</span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Notice <code>code_challenge_methods_supported: ["S256"]</code>. We only support S256, not plain. This is intentional - plain PKCE offers almost no security benefit over no PKCE at all.</p> <p>Also notice <code>token_endpoint_auth_methods_supported: ["none"]</code>. MCP clients are public clients (no client secret), so authentication happens entirely through PKCE.</p> <h2> Step 2: Authorization </h2> <p>The client opens the user's browser to the authorization endpoint:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight http"><code><span class="err">GET /api/oauth/authorize? response_type=code&amp; client_id=claude-desktop&amp; redirect_uri=http://localhost:5555/callback&amp; code_challenge=E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM&amp; code_challenge_method=S256&amp; scope=invoices:read+accounting:write+sharing:read&amp; state=random-csrf-token </span></code></pre> </div> <p>The server validates the request and redirects to the consent UI. Two things get validated before the user sees anything:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Only S256 - reject plain PKCE</span> <span class="k">if </span><span class="p">(</span><span class="nx">codeChallengeMethod</span> <span class="o">!==</span> <span class="dl">'</span><span class="s1">S256</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">error</span><span class="p">:</span> <span class="dl">'</span><span class="s1">invalid_request</span><span class="dl">'</span><span class="p">,</span> <span class="na">error_description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Only code_challenge_method=S256 is supported</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">400</span> <span class="p">});</span> <span class="p">}</span> <span class="c1">// Redirect URI must match known patterns</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nf">isAllowedRedirectUri</span><span class="p">(</span><span class="nx">clientId</span><span class="p">,</span> <span class="nx">redirectUri</span><span class="p">))</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">error</span><span class="p">:</span> <span class="dl">'</span><span class="s1">invalid_request</span><span class="dl">'</span><span class="p">,</span> <span class="na">error_description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">redirect_uri is not registered for this client</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">400</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <p>The redirect URI validation is worth expanding on. MCP clients use localhost callbacks (Claude Desktop uses <code>http://localhost:PORT/callback</code>), and browser-based clients like Claude.ai and ChatGPT use their own domains. We maintain an allowlist:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">SAFE_REDIRECT_PATTERNS</span> <span class="o">=</span> <span class="p">[</span> <span class="dl">'</span><span class="s1">http://127.0.0.1:*/*</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// Desktop clients (IP)</span> <span class="dl">'</span><span class="s1">http://localhost:*/*</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// Desktop clients (hostname)</span> <span class="dl">'</span><span class="s1">https://*.claude.ai/*</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// Claude.ai</span> <span class="dl">'</span><span class="s1">https://claude.ai/*</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">https://*.chatgpt.com/*</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// ChatGPT</span> <span class="dl">'</span><span class="s1">https://chatgpt.com/*</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">https://*.openai.com/*</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// OpenAI</span> <span class="dl">'</span><span class="s1">https://*.perplexity.ai/*</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// Perplexity</span> <span class="dl">'</span><span class="s1">https://*.mistral.ai/*</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// Mistral</span> <span class="dl">'</span><span class="s1">https://*.vscode.dev/*</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// VS Code</span> <span class="c1">// ... full list in mcpClientRegistry.ts</span> <span class="p">];</span> </code></pre> </div> <p>The patterns use glob-like matching: <code>*</code> in a port position matches any port, <code>*.claude.ai</code> matches any subdomain. The matcher parses the URI and compares scheme, host, port, and path separately.</p> <p>Any <code>client_id</code> gets through as long as the redirect URI matches a known pattern. This is dynamic client registration - we don't pre-register clients. Security comes from PKCE plus redirect URI validation, not from client secrets.</p> <h2> Step 3: The consent screen </h2> <p>The consent screen is a regular Next.js page. The user must already be logged in (NextAuth session required). They see two things: a team picker and a scope list.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">function</span> <span class="nf">OAuthConsentForm</span><span class="p">({</span> <span class="nx">teams</span><span class="p">,</span> <span class="nx">requestedScopes</span><span class="p">,</span> <span class="nx">clientId</span><span class="p">,</span> <span class="nx">redirectUri</span><span class="p">,</span> <span class="nx">state</span><span class="p">,</span> <span class="nx">codeChallenge</span><span class="p">,</span> <span class="nx">codeChallengeMethod</span><span class="p">,</span> <span class="nx">dict</span><span class="p">,</span> <span class="p">}:</span> <span class="nx">OAuthConsentFormProps</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">selectedTeamId</span><span class="p">,</span> <span class="nx">setSelectedTeamId</span><span class="p">]</span> <span class="o">=</span> <span class="nx">useState</span><span class="o">&lt;</span><span class="kr">string</span> <span class="o">|</span> <span class="kc">undefined</span><span class="o">&gt;</span><span class="p">(</span> <span class="nx">teams</span><span class="p">[</span><span class="mi">0</span><span class="p">]?.</span><span class="nx">id</span> <span class="p">);</span> <span class="k">return </span><span class="p">(</span> <span class="o">&lt;</span><span class="nx">form</span> <span class="nx">action</span><span class="o">=</span><span class="p">{</span><span class="nx">formAction</span><span class="p">}</span><span class="o">&gt;</span> <span class="p">{</span><span class="cm">/* Team selector - one connection = one team */</span><span class="p">}</span> <span class="o">&lt;</span><span class="nx">Dropdown</span> <span class="nx">options</span><span class="o">=</span><span class="p">{</span><span class="nx">teams</span><span class="p">.</span><span class="nf">map</span><span class="p">(</span><span class="nx">t</span> <span class="o">=&gt;</span> <span class="p">({</span> <span class="na">value</span><span class="p">:</span> <span class="nx">t</span><span class="p">.</span><span class="nx">id</span><span class="p">,</span> <span class="na">label</span><span class="p">:</span> <span class="nx">t</span><span class="p">.</span><span class="nx">name</span> <span class="p">}))}</span> <span class="nx">value</span><span class="o">=</span><span class="p">{</span><span class="nx">selectedTeamId</span><span class="p">}</span> <span class="nx">onChange</span><span class="o">=</span><span class="p">{</span><span class="nx">setSelectedTeamId</span><span class="p">}</span> <span class="nx">label</span><span class="o">=</span><span class="p">{</span><span class="nx">dict</span><span class="p">.</span><span class="nx">consent</span><span class="p">.</span><span class="nx">selectTeam</span><span class="p">}</span> <span class="sr">/</span><span class="err">&gt; </span> <span class="p">{</span><span class="cm">/* Scope display - user sees what they're granting */</span><span class="p">}</span> <span class="o">&lt;</span><span class="nx">ul</span><span class="o">&gt;</span> <span class="p">{</span><span class="nx">requestedScopes</span><span class="p">.</span><span class="nf">map</span><span class="p">(</span><span class="nx">scope</span> <span class="o">=&gt;</span> <span class="p">(</span> <span class="o">&lt;</span><span class="nx">li</span> <span class="nx">key</span><span class="o">=</span><span class="p">{</span><span class="nx">scope</span><span class="p">}</span><span class="o">&gt;</span> <span class="o">&lt;</span><span class="nx">span</span> <span class="nx">className</span><span class="o">=</span><span class="dl">"</span><span class="s2">text-success</span><span class="dl">"</span><span class="o">&gt;</span><span class="err">✓</span><span class="o">&lt;</span><span class="sr">/span</span><span class="err">&gt; </span> <span class="p">{</span><span class="nx">dict</span><span class="p">.</span><span class="nx">consent</span><span class="p">.</span><span class="nx">scopes</span><span class="p">[</span><span class="nx">scope</span><span class="p">]</span> <span class="o">??</span> <span class="nx">scope</span><span class="p">}</span> <span class="o">&lt;</span><span class="sr">/li</span><span class="err">&gt; </span> <span class="p">))}</span> <span class="o">&lt;</span><span class="sr">/ul</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="nx">button</span> <span class="kd">type</span><span class="o">=</span><span class="dl">"</span><span class="s2">button</span><span class="dl">"</span> <span class="nx">onClick</span><span class="o">=</span><span class="p">{</span><span class="nx">handleDeny</span><span class="p">}</span><span class="o">&gt;</span><span class="nx">Deny</span><span class="o">&lt;</span><span class="sr">/button</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="nx">button</span> <span class="kd">type</span><span class="o">=</span><span class="dl">"</span><span class="s2">submit</span><span class="dl">"</span><span class="o">&gt;</span><span class="nx">Approve</span><span class="o">&lt;</span><span class="sr">/button</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="sr">/form</span><span class="err">&gt; </span> <span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>The team picker is the key piece. PaperLink is multi-tenant - a user might belong to "My Freelance Business" and "Acme Corp." Each MCP connection is scoped to exactly one team. If you want AI access to both teams, you create two connections. This is intentional: you might want Claude to have full access to your personal team but read-only access to the company team.</p> <p>The scopes are displayed with human-readable labels from the i18n dictionary. <code>invoices:read</code> shows as "View invoices and estimates." <code>accounting:write</code> shows as "Create and modify transactions." Users understand what they're granting.</p> <h2> Step 4: Authorization code </h2> <p>When the user clicks Approve, a server action creates an authorization code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">async</span> <span class="nf">execute</span><span class="p">(</span><span class="nx">input</span><span class="p">:</span> <span class="nx">CreateAuthorizationCodeInput</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">Result</span><span class="o">&lt;</span><span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="kr">string</span> <span class="p">}</span><span class="o">&gt;&gt;</span> <span class="p">{</span> <span class="c1">// Verify user is an active member of the selected team</span> <span class="kd">const</span> <span class="nx">member</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">teamMemberRepository</span><span class="p">.</span><span class="nf">findByTeamAndUser</span><span class="p">(</span> <span class="nx">input</span><span class="p">.</span><span class="nx">teamId</span><span class="p">,</span> <span class="nx">input</span><span class="p">.</span><span class="nx">userId</span> <span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">member</span><span class="p">?.</span><span class="nf">isActive</span><span class="p">())</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">Result</span><span class="p">.</span><span class="nc">Forbidden</span><span class="p">(</span><span class="nx">McpPermissionErrors</span><span class="p">.</span><span class="nx">teamAccessDenied</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// 256-bit code (two UUIDs concatenated)</span> <span class="kd">const</span> <span class="nx">code</span> <span class="o">=</span> <span class="nx">crypto</span><span class="p">.</span><span class="nf">randomUUID</span><span class="p">()</span> <span class="o">+</span> <span class="nx">crypto</span><span class="p">.</span><span class="nf">randomUUID</span><span class="p">();</span> <span class="c1">// Only valid scopes pass through - invalid ones are silently dropped</span> <span class="kd">const</span> <span class="nx">validScopes</span> <span class="o">=</span> <span class="nx">input</span><span class="p">.</span><span class="nx">scopes</span><span class="p">.</span><span class="nf">filter</span><span class="p">((</span><span class="nx">s</span><span class="p">):</span> <span class="nx">s</span> <span class="k">is</span> <span class="nx">McpScope</span> <span class="o">=&gt;</span> <span class="nb">Object</span><span class="p">.</span><span class="nf">values</span><span class="p">(</span><span class="nx">McpScope</span><span class="p">).</span><span class="nf">includes</span><span class="p">(</span><span class="nx">s</span> <span class="k">as</span> <span class="nx">McpScope</span><span class="p">)</span> <span class="p">);</span> <span class="kd">const</span> <span class="nx">entity</span> <span class="o">=</span> <span class="nx">McpAuthorizationCodeEntity</span><span class="p">.</span><span class="nf">create</span><span class="p">({</span> <span class="nx">code</span><span class="p">,</span> <span class="na">userId</span><span class="p">:</span> <span class="nx">input</span><span class="p">.</span><span class="nx">userId</span><span class="p">,</span> <span class="na">teamId</span><span class="p">:</span> <span class="nx">input</span><span class="p">.</span><span class="nx">teamId</span><span class="p">,</span> <span class="na">teamRole</span><span class="p">:</span> <span class="nx">member</span><span class="p">.</span><span class="nf">getRole</span><span class="p">(),</span> <span class="c1">// OWNER, ADMIN, MANAGER, MEMBER</span> <span class="na">codeChallenge</span><span class="p">:</span> <span class="nx">input</span><span class="p">.</span><span class="nx">codeChallenge</span><span class="p">,</span> <span class="na">codeChallengeMethod</span><span class="p">:</span> <span class="nx">input</span><span class="p">.</span><span class="nx">codeChallengeMethod</span><span class="p">,</span> <span class="na">scopes</span><span class="p">:</span> <span class="nx">validScopes</span><span class="p">,</span> <span class="c1">// expiresAt: now + 10 minutes (set automatically)</span> <span class="p">});</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">mcpAuthorizationCodeRepository</span><span class="p">.</span><span class="nf">save</span><span class="p">(</span><span class="nx">entity</span><span class="p">);</span> <span class="k">return</span> <span class="nx">Result</span><span class="p">.</span><span class="nc">Success</span><span class="p">({</span> <span class="nx">code</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <p>The authorization code is a domain entity, not a raw database record. <code>McpAuthorizationCodeEntity.create()</code> validates all inputs and sets the 10-minute expiry automatically. The PKCE challenge is stored alongside the code for verification in the next step.</p> <p>Two security details worth noting:</p> <p><strong>Invalid scopes are silently dropped, not rejected.</strong> If a client requests <code>invoices:read admin:superpower</code>, the code is created with only <code>invoices:read</code>. This prevents a misbehaving client from blocking the entire flow over an unrecognized scope.</p> <p><strong>Team membership is verified at code creation time, not just at consent display.</strong> A race condition where a user is removed from a team between seeing the consent screen and clicking Approve is handled here.</p> <h2> Step 5: Token exchange </h2> <p>The client exchanges the authorization code for tokens:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight http"><code><span class="err">POST /api/oauth/token Content-Type: application/x-www-form-urlencoded grant_type=authorization_code&amp; code=&lt;256-bit-code&gt;&amp; code_verifier=&lt;PKCE-verifier&gt;&amp; redirect_uri=http://localhost:5555/callback&amp; client_id=claude-desktop </span></code></pre> </div> <p>The exchange use case performs five validations:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">async</span> <span class="nf">execute</span><span class="p">(</span><span class="nx">input</span><span class="p">:</span> <span class="nx">ExchangeCodeForTokenInput</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">Result</span><span class="o">&lt;</span><span class="nx">TokenResponse</span><span class="o">&gt;&gt;</span> <span class="p">{</span> <span class="c1">// 1. Find and DELETE the code in one operation (one-time use)</span> <span class="kd">const</span> <span class="nx">authCode</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">mcpAuthorizationCodeRepository</span> <span class="p">.</span><span class="nf">findByCodeAndDelete</span><span class="p">(</span><span class="nx">input</span><span class="p">.</span><span class="nx">code</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">authCode</span><span class="p">)</span> <span class="k">return</span> <span class="nx">Result</span><span class="p">.</span><span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">invalid_grant</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// 2. Check the 10-minute window</span> <span class="k">if </span><span class="p">(</span><span class="nx">authCode</span><span class="p">.</span><span class="nf">isExpired</span><span class="p">())</span> <span class="k">return</span> <span class="nx">Result</span><span class="p">.</span><span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">invalid_grant</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// 3. PKCE verification (timing-safe comparison)</span> <span class="kd">const</span> <span class="nx">pkceValid</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">authCode</span><span class="p">.</span><span class="nf">verifyCodeChallenge</span><span class="p">(</span><span class="nx">input</span><span class="p">.</span><span class="nx">codeVerifier</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">pkceValid</span><span class="p">)</span> <span class="k">return</span> <span class="nx">Result</span><span class="p">.</span><span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">invalid_grant</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// 4. Redirect URI must match exactly</span> <span class="k">if </span><span class="p">(</span><span class="nx">authCode</span><span class="p">.</span><span class="nf">getRedirectUri</span><span class="p">()</span> <span class="o">!==</span> <span class="nx">input</span><span class="p">.</span><span class="nx">redirectUri</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">Result</span><span class="p">.</span><span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">invalid_grant</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// 5. Client ID must match</span> <span class="k">if </span><span class="p">(</span><span class="nx">authCode</span><span class="p">.</span><span class="nf">getClientId</span><span class="p">()</span> <span class="o">!==</span> <span class="nx">input</span><span class="p">.</span><span class="nx">clientId</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">Result</span><span class="p">.</span><span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">invalid_grant</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// All checks passed - generate tokens</span> <span class="kd">const</span> <span class="nx">accessToken</span> <span class="o">=</span> <span class="nf">generateSecureToken</span><span class="p">();</span> <span class="c1">// 256-bit random</span> <span class="kd">const</span> <span class="nx">refreshToken</span> <span class="o">=</span> <span class="nf">generateSecureToken</span><span class="p">();</span> <span class="c1">// Hash before storing - raw tokens never touch the database</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">tokenHash</span><span class="p">,</span> <span class="nx">refreshTokenHash</span><span class="p">]</span> <span class="o">=</span> <span class="k">await</span> <span class="nb">Promise</span><span class="p">.</span><span class="nf">all</span><span class="p">([</span> <span class="nf">sha256Hash</span><span class="p">(</span><span class="nx">accessToken</span><span class="p">),</span> <span class="nf">sha256Hash</span><span class="p">(</span><span class="nx">refreshToken</span><span class="p">),</span> <span class="p">]);</span> <span class="kd">const</span> <span class="nx">now</span> <span class="o">=</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">tokenEntity</span> <span class="o">=</span> <span class="nx">McpAccessTokenEntity</span><span class="p">.</span><span class="nf">create</span><span class="p">({</span> <span class="na">userId</span><span class="p">:</span> <span class="nx">authCode</span><span class="p">.</span><span class="nf">getUserId</span><span class="p">(),</span> <span class="na">teamId</span><span class="p">:</span> <span class="nx">authCode</span><span class="p">.</span><span class="nf">getTeamId</span><span class="p">(),</span> <span class="na">teamRole</span><span class="p">:</span> <span class="nx">authCode</span><span class="p">.</span><span class="nf">getTeamRole</span><span class="p">(),</span> <span class="nx">tokenHash</span><span class="p">,</span> <span class="nx">refreshTokenHash</span><span class="p">,</span> <span class="na">scopes</span><span class="p">:</span> <span class="nx">authCode</span><span class="p">.</span><span class="nf">getScopes</span><span class="p">(),</span> <span class="na">clientName</span><span class="p">:</span> <span class="nx">authCode</span><span class="p">.</span><span class="nf">getClientId</span><span class="p">(),</span> <span class="na">expiresAt</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">(</span><span class="nx">now</span> <span class="o">+</span> <span class="nx">ACCESS_TOKEN_TTL_MS</span><span class="p">),</span> <span class="c1">// 1 hour</span> <span class="na">refreshExpiresAt</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">(</span><span class="nx">now</span> <span class="o">+</span> <span class="nx">REFRESH_TOKEN_TTL_MS</span><span class="p">),</span> <span class="c1">// 30 days</span> <span class="p">});</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">mcpAccessTokenRepository</span><span class="p">.</span><span class="nf">save</span><span class="p">(</span><span class="nx">tokenEntity</span><span class="p">);</span> <span class="k">return</span> <span class="nx">Result</span><span class="p">.</span><span class="nc">Success</span><span class="p">({</span> <span class="nx">accessToken</span><span class="p">,</span> <span class="c1">// Raw value - only time it exists</span> <span class="nx">refreshToken</span><span class="p">,</span> <span class="na">expiresIn</span><span class="p">:</span> <span class="nx">ACCESS_TOKEN_EXPIRES_IN_SECONDS</span><span class="p">,</span> <span class="na">tokenType</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Bearer</span><span class="dl">'</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <p>The route handler converts camelCase to the OAuth-standard snake_case response:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="nx">result</span><span class="p">.</span><span class="nx">value</span><span class="o">!</span><span class="p">;</span> <span class="k">return</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">access_token</span><span class="p">:</span> <span class="nx">token</span><span class="p">.</span><span class="nx">accessToken</span><span class="p">,</span> <span class="na">token_type</span><span class="p">:</span> <span class="nx">token</span><span class="p">.</span><span class="nx">tokenType</span><span class="p">,</span> <span class="na">expires_in</span><span class="p">:</span> <span class="nx">token</span><span class="p">.</span><span class="nx">expiresIn</span><span class="p">,</span> <span class="na">refresh_token</span><span class="p">:</span> <span class="nx">token</span><span class="p">.</span><span class="nx">refreshToken</span><span class="p">,</span> <span class="p">});</span> </code></pre> </div> <p>The critical security choice here: <strong>tokens are hashed before storage.</strong> The database holds <code>SHA-256(token)</code>, never the raw token. If someone dumps the database, they get hashes that can't be reversed into working tokens. The raw token is returned to the client exactly once and never stored on the server side.</p> <p>This is the same pattern GitHub uses for personal access tokens. It's more secure than JWTs for this use case because tokens can be individually revoked without maintaining a blocklist. Find the hash in the database, delete it, done.</p> <h2> Step 6: Token verification on every request </h2> <p>Every MCP request hits the verification flow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">async</span> <span class="kd">function</span> <span class="nf">handleMcpRequest</span><span class="p">(</span><span class="nx">request</span><span class="p">:</span> <span class="nx">Request</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">Response</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">authInfo</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">verifyBearerToken</span><span class="p">(</span><span class="nx">request</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">authInfo</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">withMcpCors</span><span class="p">(</span> <span class="k">new</span> <span class="nc">Response</span><span class="p">(</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">error</span><span class="p">:</span> <span class="dl">'</span><span class="s1">invalid_token</span><span class="dl">'</span><span class="p">,</span> <span class="na">error_description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">No authorization provided</span><span class="dl">'</span><span class="p">,</span> <span class="p">}),</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">401</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">Content-Type</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">application/json</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">WWW-Authenticate</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Bearer resource_metadata="https://mcp.paperlink.online/.well-known/oauth-protected-resource"</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="p">}</span> <span class="p">)</span> <span class="p">);</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">server</span> <span class="o">=</span> <span class="nf">createMcpServer</span><span class="p">(</span><span class="nx">authInfo</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">transport</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">WebStandardStreamableHTTPServerTransport</span><span class="p">({});</span> <span class="k">await</span> <span class="nx">server</span><span class="p">.</span><span class="nf">connect</span><span class="p">(</span><span class="nx">transport</span><span class="p">);</span> <span class="k">return</span> <span class="nf">withMcpCors</span><span class="p">(</span><span class="k">await</span> <span class="nx">transport</span><span class="p">.</span><span class="nf">handleRequest</span><span class="p">(</span><span class="nx">request</span><span class="p">));</span> <span class="p">}</span> </code></pre> </div> <p>The <code>verifyBearerToken</code> function does three checks:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">async</span> <span class="nf">execute</span><span class="p">(</span><span class="nx">bearerToken</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">McpAuthInfoDto</span> <span class="o">|</span> <span class="kc">null</span><span class="o">&gt;</span> <span class="p">{</span> <span class="c1">// 1. Hash the incoming token and look it up</span> <span class="kd">const</span> <span class="nx">tokenHash</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">sha256Hash</span><span class="p">(</span><span class="nx">bearerToken</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">mcpAccessTokenRepository</span><span class="p">.</span><span class="nf">findByTokenHash</span><span class="p">(</span><span class="nx">tokenHash</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">token</span><span class="p">)</span> <span class="k">return</span> <span class="kc">null</span><span class="p">;</span> <span class="c1">// 2. Check expiry and revocation</span> <span class="k">if </span><span class="p">(</span><span class="nx">token</span><span class="p">.</span><span class="nf">isExpired</span><span class="p">()</span> <span class="o">||</span> <span class="nx">token</span><span class="p">.</span><span class="nf">isRevoked</span><span class="p">())</span> <span class="k">return</span> <span class="kc">null</span><span class="p">;</span> <span class="c1">// 3. Live membership check - is user still active in this team?</span> <span class="kd">const</span> <span class="nx">member</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">teamMemberRepository</span><span class="p">.</span><span class="nf">findByTeamAndUser</span><span class="p">(</span> <span class="nx">token</span><span class="p">.</span><span class="nf">getTeamId</span><span class="p">(),</span> <span class="nx">token</span><span class="p">.</span><span class="nf">getUserId</span><span class="p">()</span> <span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">member</span><span class="p">?.</span><span class="nf">isActive</span><span class="p">())</span> <span class="k">return</span> <span class="kc">null</span><span class="p">;</span> <span class="k">return</span> <span class="p">{</span> <span class="na">userId</span><span class="p">:</span> <span class="nx">token</span><span class="p">.</span><span class="nf">getUserId</span><span class="p">(),</span> <span class="na">teamId</span><span class="p">:</span> <span class="nx">token</span><span class="p">.</span><span class="nf">getTeamId</span><span class="p">(),</span> <span class="na">teamRole</span><span class="p">:</span> <span class="nx">member</span><span class="p">.</span><span class="nf">getRole</span><span class="p">(),</span> <span class="na">scopes</span><span class="p">:</span> <span class="nx">token</span><span class="p">.</span><span class="nf">getScopes</span><span class="p">(),</span> <span class="p">};</span> <span class="p">}</span> </code></pre> </div> <p>Check #3 is the one most OAuth implementations skip. If a team admin removes a user, their MCP token should stop working immediately - not in an hour when the token expires. We check team membership on every request. It's one extra database query, and it means "remove from team" actually removes access.</p> <p>The returned <code>McpAuthInfoDto</code> is a lightweight object that flows into every tool handler:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kr">interface</span> <span class="nx">McpAuthInfoDto</span> <span class="p">{</span> <span class="nl">userId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">teamId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">teamRole</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="c1">// OWNER, ADMIN, MANAGER, MEMBER</span> <span class="nl">scopes</span><span class="p">:</span> <span class="nx">McpScope</span><span class="p">[];</span> <span class="c1">// [McpScope.INVOICES_READ, McpScope.ACCOUNTING_WRITE]</span> <span class="p">}</span> </code></pre> </div> <p>No password, no token, no hash - just the identity and permissions the tool needs.</p> <h2> Step 7: Scope enforcement in tools </h2> <p>Every tool checks its required scope before executing:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">const</span> <span class="nx">registerAccountingReadTools</span><span class="p">:</span> <span class="nx">ToolRegistrar</span> <span class="o">=</span> <span class="p">(</span><span class="nx">server</span><span class="p">,</span> <span class="nx">authInfo</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">server</span><span class="p">.</span><span class="nf">registerTool</span><span class="p">(</span> <span class="dl">'</span><span class="s1">list-invoices</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">title</span><span class="p">:</span> <span class="dl">'</span><span class="s1">List Invoices</span><span class="dl">'</span><span class="p">,</span> <span class="na">description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">List invoices for the authenticated team.</span><span class="dl">'</span><span class="p">,</span> <span class="na">inputSchema</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">clientName</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">limit</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nx">coerce</span><span class="p">.</span><span class="nf">number</span><span class="p">().</span><span class="nf">int</span><span class="p">().</span><span class="nf">min</span><span class="p">(</span><span class="mi">1</span><span class="p">).</span><span class="nf">max</span><span class="p">(</span><span class="mi">100</span><span class="p">).</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">offset</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nx">coerce</span><span class="p">.</span><span class="nf">number</span><span class="p">().</span><span class="nf">int</span><span class="p">().</span><span class="nf">min</span><span class="p">(</span><span class="mi">0</span><span class="p">).</span><span class="nf">optional</span><span class="p">(),</span> <span class="p">}),</span> <span class="na">annotations</span><span class="p">:</span> <span class="p">{</span> <span class="na">readOnlyHint</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="p">},</span> <span class="k">async </span><span class="p">(</span><span class="nx">params</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">authInfo</span><span class="p">.</span><span class="nx">scopes</span><span class="p">.</span><span class="nf">includes</span><span class="p">(</span><span class="dl">'</span><span class="s1">invoices:read</span><span class="dl">'</span><span class="p">))</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">content</span><span class="p">:</span> <span class="p">[{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">text</span><span class="dl">'</span><span class="p">,</span> <span class="na">text</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Insufficient scope - invoices:read required.</span><span class="dl">'</span> <span class="p">}],</span> <span class="na">isError</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">useCase</span> <span class="o">=</span> <span class="nx">mcpUseCases</span><span class="p">.</span><span class="nf">getListInvoicesViaMcpUseCase</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">useCase</span><span class="p">.</span><span class="nf">execute</span><span class="p">({</span> <span class="na">teamId</span><span class="p">:</span> <span class="nx">authInfo</span><span class="p">.</span><span class="nx">teamId</span><span class="p">,</span> <span class="c1">// Always from auth, never from params</span> <span class="na">status</span><span class="p">:</span> <span class="nx">params</span><span class="p">.</span><span class="nx">status</span><span class="p">,</span> <span class="na">clientName</span><span class="p">:</span> <span class="nx">params</span><span class="p">.</span><span class="nx">clientName</span><span class="p">,</span> <span class="na">limit</span><span class="p">:</span> <span class="nx">params</span><span class="p">.</span><span class="nx">limit</span><span class="p">,</span> <span class="na">offset</span><span class="p">:</span> <span class="nx">params</span><span class="p">.</span><span class="nx">offset</span><span class="p">,</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">result</span><span class="p">.</span><span class="nx">isSuccess</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">content</span><span class="p">:</span> <span class="p">[{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">text</span><span class="dl">'</span><span class="p">,</span> <span class="na">text</span><span class="p">:</span> <span class="nx">result</span><span class="p">.</span><span class="nx">errors</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="dl">'</span><span class="s1">, </span><span class="dl">'</span><span class="p">)</span> <span class="p">}],</span> <span class="na">isError</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="k">return</span> <span class="p">{</span> <span class="na">content</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">text</span><span class="dl">'</span><span class="p">,</span> <span class="na">text</span><span class="p">:</span> <span class="s2">`Found </span><span class="p">${</span><span class="nx">result</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">length</span><span class="p">}</span><span class="s2"> invoices.`</span> <span class="p">},</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">text</span><span class="dl">'</span><span class="p">,</span> <span class="na">text</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">value</span><span class="p">,</span> <span class="kc">null</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span> <span class="p">},</span> <span class="p">],</span> <span class="p">};</span> <span class="p">}</span> <span class="p">);</span> <span class="p">};</span> </code></pre> </div> <p>Two things never come from the AI's parameters: <code>teamId</code> and <code>userId</code>. They always come from <code>authInfo</code>, which is populated from the verified token. Even if the AI sends <code>teamId: "someone-elses-team"</code> in the tool call, it's ignored. The auth context wins.</p> <p>This is the same principle as "don't trust the client" in web apps, applied to AI clients. The AI is a client. It sends parameters. You validate them, but identity always comes from the token.</p> <h2> Token refresh </h2> <p>Access tokens expire in one hour. The client refreshes without user interaction:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">async</span> <span class="nf">execute</span><span class="p">(</span><span class="nx">input</span><span class="p">:</span> <span class="p">{</span> <span class="nl">refreshToken</span><span class="p">:</span> <span class="kr">string</span> <span class="p">}):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">Result</span><span class="o">&lt;</span><span class="nx">TokenResponse</span><span class="o">&gt;&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">refreshTokenHash</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">sha256Hash</span><span class="p">(</span><span class="nx">input</span><span class="p">.</span><span class="nx">refreshToken</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">existingToken</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">mcpAccessTokenRepository</span><span class="p">.</span><span class="nf">findByRefreshTokenHash</span><span class="p">(</span><span class="nx">refreshTokenHash</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">existingToken</span><span class="p">)</span> <span class="k">return</span> <span class="nx">Result</span><span class="p">.</span><span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">invalid_grant</span><span class="dl">'</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">existingToken</span><span class="p">.</span><span class="nf">isRefreshExpired</span><span class="p">()</span> <span class="o">||</span> <span class="nx">existingToken</span><span class="p">.</span><span class="nf">isRevoked</span><span class="p">())</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">Result</span><span class="p">.</span><span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">invalid_grant</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// Issue new pair with same scopes</span> <span class="kd">const</span> <span class="nx">newAccessToken</span> <span class="o">=</span> <span class="nf">generateSecureToken</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">newRefreshToken</span> <span class="o">=</span> <span class="nf">generateSecureToken</span><span class="p">();</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">newTokenHash</span><span class="p">,</span> <span class="nx">newRefreshTokenHash</span><span class="p">]</span> <span class="o">=</span> <span class="k">await</span> <span class="nb">Promise</span><span class="p">.</span><span class="nf">all</span><span class="p">([</span> <span class="nf">sha256Hash</span><span class="p">(</span><span class="nx">newAccessToken</span><span class="p">),</span> <span class="nf">sha256Hash</span><span class="p">(</span><span class="nx">newRefreshToken</span><span class="p">),</span> <span class="p">]);</span> <span class="kd">const</span> <span class="nx">now</span> <span class="o">=</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">newTokenEntity</span> <span class="o">=</span> <span class="nx">McpAccessTokenEntity</span><span class="p">.</span><span class="nf">create</span><span class="p">({</span> <span class="na">userId</span><span class="p">:</span> <span class="nx">existingToken</span><span class="p">.</span><span class="nf">getUserId</span><span class="p">(),</span> <span class="na">teamId</span><span class="p">:</span> <span class="nx">existingToken</span><span class="p">.</span><span class="nf">getTeamId</span><span class="p">(),</span> <span class="na">teamRole</span><span class="p">:</span> <span class="nx">existingToken</span><span class="p">.</span><span class="nf">getTeamRole</span><span class="p">(),</span> <span class="na">tokenHash</span><span class="p">:</span> <span class="nx">newTokenHash</span><span class="p">,</span> <span class="na">refreshTokenHash</span><span class="p">:</span> <span class="nx">newRefreshTokenHash</span><span class="p">,</span> <span class="na">scopes</span><span class="p">:</span> <span class="nx">existingToken</span><span class="p">.</span><span class="nf">getScopes</span><span class="p">(),</span> <span class="na">clientName</span><span class="p">:</span> <span class="nx">existingToken</span><span class="p">.</span><span class="nf">getClientName</span><span class="p">(),</span> <span class="na">expiresAt</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">(</span><span class="nx">now</span> <span class="o">+</span> <span class="nx">ACCESS_TOKEN_TTL_MS</span><span class="p">),</span> <span class="na">refreshExpiresAt</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">(</span><span class="nx">now</span> <span class="o">+</span> <span class="nx">REFRESH_TOKEN_TTL_MS</span><span class="p">),</span> <span class="p">});</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">mcpAccessTokenRepository</span><span class="p">.</span><span class="nf">save</span><span class="p">(</span><span class="nx">newTokenEntity</span><span class="p">);</span> <span class="c1">// Revoke old token pair (rotation - prevents replay)</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">mcpAccessTokenRepository</span><span class="p">.</span><span class="nf">revoke</span><span class="p">(</span><span class="nx">existingToken</span><span class="p">.</span><span class="nf">revoke</span><span class="p">());</span> <span class="k">return</span> <span class="nx">Result</span><span class="p">.</span><span class="nc">Success</span><span class="p">({</span> <span class="na">accessToken</span><span class="p">:</span> <span class="nx">newAccessToken</span><span class="p">,</span> <span class="na">refreshToken</span><span class="p">:</span> <span class="nx">newRefreshToken</span><span class="p">,</span> <span class="na">expiresIn</span><span class="p">:</span> <span class="nx">ACCESS_TOKEN_EXPIRES_IN_SECONDS</span><span class="p">,</span> <span class="na">tokenType</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Bearer</span><span class="dl">'</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <p>We use <strong>refresh token rotation</strong>: every refresh issues a new refresh token and revokes the old one. If a refresh token is used twice, the second attempt fails - which signals a possible token theft.</p> <p>The refresh token lives for 30 days. After that, the user re-authenticates through the browser. This is the only time they see the consent screen again.</p> <h2> The scope model </h2> <p>We have 25 scopes organized by domain and permission level:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>invoices:read invoices:write invoices:delete accounting:read accounting:write accounting:delete companies:read companies:write companies:delete clients:read clients:write clients:delete products:read products:write products:delete estimates:read estimates:write estimates:delete sharing:read sharing:write teams:read teams:write billing:read ai:read ai:write </code></pre> </div> <p>The pattern is <code>{domain}:{level}</code>. Three levels: read, write, delete. Some domains don't have all three - <code>billing</code> is read-only because there's no "create a subscription" tool.</p> <p>This maps directly to our <a href="https://dev.to/ievgen_ch/anatomy-of-a-118-tool-mcp-server-how-we-organized-the-chaos-3h9a">file organization from post 2</a>. <code>accountingReadTools.ts</code> checks <code>accounting:read</code>. <code>accountingWriteTools.ts</code> checks <code>accounting:write</code>. The file name tells you the scope.</p> <p>A typical connection grants 5-10 scopes. A freelancer connecting their personal AI assistant might grant everything. A company admin connecting a shared AI might grant <code>invoices:read</code> and <code>accounting:read</code> only - the AI can look at data but can't change anything.</p> <h2> Why remote is better than local for SaaS </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th></th> <th>Local (stdio + API key)</th> <th>Remote (HTTP + OAuth)</th> </tr> </thead> <tbody> <tr> <td><strong>Setup</strong></td> <td>Edit JSON config file</td> <td>Run one command</td> </tr> <tr> <td><strong>Security</strong></td> <td>Static key with full access</td> <td>Scoped token, 1-hour expiry</td> </tr> <tr> <td><strong>Multi-tenancy</strong></td> <td>Manual key-per-team</td> <td>Team picker in consent UI</td> </tr> <tr> <td><strong>Revocation</strong></td> <td>Generate new key, update config</td> <td>Click "disconnect" in app settings</td> </tr> <tr> <td><strong>User consent</strong></td> <td>None - paste key and hope</td> <td>Browser-based scope approval</td> </tr> <tr> <td><strong>Cross-device</strong></td> <td>Config file per device</td> <td>Token syncs across Claude.ai devices</td> </tr> <tr> <td><strong>Updates</strong></td> <td>Reinstall/rebuild server binary</td> <td>Server updates without client changes</td> </tr> <tr> <td><strong>Dependencies</strong></td> <td>Node.js + npm + binary</td> <td>None (HTTP transport)</td> </tr> </tbody> </table></div> <p>The last row matters more than you'd think. Local MCP servers require the user to have Node.js installed, run <code>npx</code>, and keep the process alive. Our remote server is just an HTTP endpoint. Claude Desktop, Claude.ai, ChatGPT, Cursor - they all connect with a URL. No local runtime.</p> <h2> Security model summary </h2> <p>What the AI <strong>can</strong> do:</p> <ul> <li>Call any tool that's within the granted scopes</li> <li>Read, create, update, or delete data within the selected team</li> <li>Chain multiple tools in a single conversation</li> </ul> <p>What the AI <strong>cannot</strong> do:</p> <ul> <li>Access data from a team the user didn't select</li> <li>Exceed the granted scopes (read-only connection stays read-only)</li> <li>Impersonate another user (userId always comes from the token)</li> <li>Use an expired or revoked token</li> <li>Access data after the user is removed from the team (live membership check)</li> </ul> <p>What the <strong>user</strong> controls:</p> <ul> <li>Which team to grant access to</li> <li>Which scopes to approve</li> <li>When to disconnect (revoke from app settings)</li> </ul> <h2> If you're building a remote MCP server </h2> <p>Here's what we'd recommend based on what worked and what didn't:</p> <p><strong>Start with PKCE from day one.</strong> We briefly considered simple API keys as an MVP. Glad we didn't - retrofitting auth into a working server is painful, and users who connected with API keys would need to re-authenticate anyway.</p> <p><strong>Hash tokens before storing.</strong> This is a one-time cost (two lines of code) that eliminates an entire class of data breach scenarios.</p> <p><strong>Check team membership on every request.</strong> The extra database query is worth it. "Remove user from team" should mean "remove access immediately," not "remove access when their token expires."</p> <p><strong>Use domain:level scope naming.</strong> It scales. When we added the <code>estimates</code> domain, we added <code>estimates:read</code>, <code>estimates:write</code>, <code>estimates:delete</code> and it was obvious where each scope goes.</p> <p><strong>Return two content blocks.</strong> A human-readable summary and the full JSON data. The AI shows the summary to the user and uses the JSON for follow-up operations.</p> <h2> Try it </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>claude mcp add <span class="nt">--transport</span> http paperlink https://mcp.paperlink.online/api/mcp/mcp </code></pre> </div> <p>You'll see the consent screen, pick a team, and be connected in about 10 seconds. 118 tools, scoped to exactly what you approved.</p> mcp ai typescript saas Eugen Thu, 23 Apr 2026 18:25:56 +0000 https://forem.com/ievgen_ch/your-claude-max-weekly-limit-runs-out-in-3-days-heres-why-and-the-fix-45mk https://forem.com/ievgen_ch/your-claude-max-weekly-limit-runs-out-in-3-days-heres-why-and-the-fix-45mk <p>Your Claude Max weekly limit runs out in 3-4 days instead of 7.</p> <p>You're paying $200/month. You're not imagining it.</p> <p>We run Claude Code full-time building <a href="https://paperlink.online" rel="noopener noreferrer">PaperLink</a> - a document sharing and analytics platform. 8+ hour daily sessions, Clean Architecture across 4 layers, 30+ custom Claude skills, 9 automated hooks. We're not casual users - and we burned through limits faster than anyone we talked to.</p> <p>We tracked this for months and found <strong>4 root causes stacking simultaneously</strong>. None of them were obvious.</p> <h2> Root Cause #1: Anthropic Quietly Changed the Rules </h2> <p>In March 2026, Anthropic reduced peak-hour limits and removed the off-peak bonus that heavy users relied on.</p> <p>There was no announcement. No changelog entry. We noticed when our weekly limit started dying on Wednesday instead of lasting until Sunday. The community confirmed it:</p> <blockquote> <p>"Claude Code is the best coding tool I've ever used, for the 45 minutes a day I can actually use it."</p> </blockquote> <p>This is the new baseline. Anthropic did not restore previous limits.</p> <h2> Root Cause #2: Cache Bug (10-20x Token Inflation) </h2> <p>Claude Code CLI versions <strong>2.1.110 through 2.1.117</strong> had a prompt caching bug that caused 10-20x token inflation per request.</p> <p>What this means: a request that should have cost 5,000 tokens was costing 50,000-100,000. We run dozens of requests per session across our skill pipeline - the weekly limit was evaporating before we could finish a single feature.</p> <p>Most people never noticed because token spend is not visible in the Claude Code UI by default.</p> <p><strong>Fix:</strong> Update to CLI version <strong>2.1.118</strong> or later.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Check your current version</span> claude <span class="nt">--version</span> <span class="c"># Update</span> npm i <span class="nt">-g</span> @anthropic-ai/claude-code@latest </code></pre> </div> <h2> Root Cause #3: The Most Expensive Configuration Possible </h2> <p>After the Opus 4.7 release, we were running the most expensive configuration possible:</p> <ul> <li> <strong>Model:</strong> <code>claude-opus-4-7</code> (most expensive model)</li> <li> <strong>Effort level:</strong> <code>xhigh</code> (maximum thinking tokens per request)</li> </ul> <p>We wanted the best output quality for our Clean Architecture codebase. But every single request - including trivial ones like "rename this variable" - was using the maximum token budget.</p> <p><strong>Fix:</strong> Pin the model to <code>claude-opus-4-6</code>. For 95% of coding tasks, the output quality is identical. The token cost is significantly lower.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"model"</span><span class="p">:</span><span class="w"> </span><span class="s2">"claude-opus-4-6"</span><span class="p">,</span><span class="w"> </span><span class="nl">"effortLevel"</span><span class="p">:</span><span class="w"> </span><span class="s2">"high"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> Root Cause #4: Long Sessions Are Token Killers </h2> <p>We analyzed our usage patterns and found <strong>87% of token spend came from agentic sessions lasting 8+ hours</strong>.</p> <p>PaperLink has a full skill pipeline - business requirements, technical plans, implementation, code review, tests - all running through Claude Code. A single feature can mean 50+ tool calls in one session. Here's why that's expensive:</p> <ul> <li>Context grows with every request/response pair</li> <li>At 100,000 tokens of context, every new response costs roughly <strong>2x</strong> what it costs at 50,000</li> <li>After 6-7 hours, Claude starts "freelancing" - renaming variables, refactoring out-of-scope files, doing things you didn't ask for</li> <li>Quality degrades, you correct it, corrections add more context, which increases cost further</li> </ul> <p>It's a vicious cycle.</p> <p><strong>Fix:</strong> Set an auto-compact window and disable the 1M context option.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"env"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"CLAUDE_CODE_AUTO_COMPACT_WINDOW"</span><span class="p">:</span><span class="w"> </span><span class="s2">"200000"</span><span class="p">,</span><span class="w"> </span><span class="nl">"CLAUDE_CODE_DISABLE_1M_CONTEXT"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p><code>CLAUDE_CODE_AUTO_COMPACT_WINDOW</code> at 200k tokens forces context compression before it balloons. <code>CLAUDE_CODE_DISABLE_1M_CONTEXT</code> caps the per-request token ceiling.</p> <h2> The Complete settings.json Fix </h2> <p>Here's the full configuration that doubled our weekly limit:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"model"</span><span class="p">:</span><span class="w"> </span><span class="s2">"claude-opus-4-6"</span><span class="p">,</span><span class="w"> </span><span class="nl">"effortLevel"</span><span class="p">:</span><span class="w"> </span><span class="s2">"high"</span><span class="p">,</span><span class="w"> </span><span class="nl">"autoUpdatesChannel"</span><span class="p">:</span><span class="w"> </span><span class="s2">"stable"</span><span class="p">,</span><span class="w"> </span><span class="nl">"alwaysThinkingEnabled"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"> </span><span class="nl">"env"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"DISABLE_AUTOUPDATER"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"CLAUDE_CODE_DISABLE_1M_CONTEXT"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"CLAUDE_CODE_AUTO_COMPACT_WINDOW"</span><span class="p">:</span><span class="w"> </span><span class="s2">"200000"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Two settings worth explaining:</p> <p><strong><code>alwaysThinkingEnabled: false</code></strong> - This was forcing extended thinking tokens on every request, even trivial ones. Extended thinking is powerful for complex architectural decisions - we use it when Claude needs to reason across domain, application, infrastructure, and presentation layers. But burning thinking tokens on "add a semicolon" is pure waste.</p> <p><strong><code>DISABLE_AUTOUPDATER: 1</code></strong> - After the cache bug in versions 2.1.110-2.1.117, we pinned to a stable version. Auto-updates to buggy CLI versions can silently inflate your token spend for days before you notice.</p> <h2> One Thing I Removed </h2> <p>We had <code>ENABLE_PROMPT_CACHING_1H</code> in our env vars. Turns out Max subscription already gets 1-hour prompt cache TTL automatically. This variable was redundant - and according to the community, may have actually added overhead rather than helping.</p> <h2> The Result </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Before</th> <th>After</th> </tr> </thead> <tbody> <tr> <td>Weekly limit exhausted in 3-4 days</td> <td>Weekly limit lasts 6-7 days</td> </tr> <tr> <td>Frequent "limit reached" mid-session</td> <td>Rare limit hits, usually end of week</td> </tr> <tr> <td>Long sessions degrading quality</td> <td>Shorter, higher-quality sessions</td> </tr> </tbody> </table></div> <h2> What Did NOT Change </h2> <p>Anthropic did not restore previous limits. This is the new normal.</p> <p>These settings minimize your token spend within the current pricing model. If Anthropic changes limits again, the fundamentals still apply: control your model cost, control your context size, avoid buggy CLI versions.</p> <h2> Quick Checklist </h2> <p>Before your next session, verify:</p> <ul> <li>[ ] CLI version &gt;= 2.1.118 (<code>claude --version</code>)</li> <li>[ ] Model pinned to <code>claude-opus-4-6</code> (or <code>claude-sonnet-4-6</code> for lighter tasks)</li> <li>[ ] Effort level set to <code>high</code>, not <code>xhigh</code> </li> <li>[ ] <code>alwaysThinkingEnabled</code> is <code>false</code> </li> <li>[ ] Auto-compact window set to 200k</li> <li>[ ] 1M context disabled</li> <li>[ ] Auto-updater disabled (update manually when stable)</li> <li>[ ] No redundant <code>ENABLE_PROMPT_CACHING_1H</code> env var</li> </ul> <p>We're still pushing Claude Code hard every day on PaperLink - if we find more optimizations, we'll update this post.</p> <p>What's the biggest Claude Code frustration you've hit? Drop your experience in the comments - curious how common these patterns are.</p> Eugen Thu, 23 Apr 2026 07:49:07 +0000 https://forem.com/ievgen_ch/your-mcp-server-is-a-qa-engineer-you-havent-hired-yet-1dn5 https://forem.com/ievgen_ch/your-mcp-server-is-a-qa-engineer-you-havent-hired-yet-1dn5 <p>We built <a href="https://dev.to/ievgen_ch/we-built-118-mcp-tools-heres-what-ai-actually-does-with-them-4pdh">118 MCP tools</a> for our SaaS and <a href="https://dev.to/ievgen_ch/anatomy-of-a-118-tool-mcp-server-how-we-organized-the-chaos-3h9a">organized them into 19 files</a>. Then we ran 722 manual test scenarios by talking to Claude. What we found changed how we think about MCP servers.</p> <p>Unit tests verify that code does what you wrote. They do not verify that your data makes sense.</p> <h2> The accidental discovery </h2> <p>We built the MCP server for data entry - "record this expense," "create this invoice." Standard operations. Then we started asking different questions. Not "create X" but "show me everything that looks wrong."</p> <p>The first one: "Show me all transactions without a category." Claude called <code>list-transactions</code> and returned entries we had forgotten about. Expenses recorded but never categorized. Not a code bug. A data gap. Invisible to every test we run.</p> <p>That was the moment we realized: an AI with read access to multiple domains is a QA engineer. Not the kind that writes Playwright tests - the kind that audits your actual production data.</p> <h2> Cross-domain queries humans don't think to run </h2> <p>Here are the checks we now run regularly. Each one targets the boundary between two domains where no single test has jurisdiction.</p> <h3> Stuck state machines </h3> <p>"Which invoices have been in Sent status for more than 30 days?"</p> <p>Claude calls <code>list-invoices</code> filtered by status, then checks dates. An invoice sitting in "Sent" for 47 days should have transitioned to "Overdue" automatically. If it didn't, the scheduled job failed, the client record was deleted, or there's a timezone bug. The AI doesn't fix these - it surfaces them.</p> <h3> Balance reconciliation </h3> <p>"Does the bank account balance match the sum of its transactions?"</p> <p>Claude calls <code>get-account-balances</code> for current balances, then <code>list-transactions</code> filtered by account to sum recorded entries. If the numbers diverge, a transaction was missed during import or a balance sync failed silently. Both systems pass their own tests. The inconsistency lives between them.</p> <h3> Revenue consistency </h3> <p>"Compare total invoiced revenue with total recorded income in accounting."</p> <p>Invoice totals are computed from line items. Accounting revenue comes from payment transactions. If these two numbers disagree, a payment was recorded without matching an invoice, or an invoice was paid but the income transaction was never created.</p> <h3> Ghost references </h3> <p>"Show me products referenced in invoices but marked as archived."</p> <p>An archived product shouldn't appear on active invoices. If it does, the archive operation didn't cascade properly, or the invoice was created in a narrow window between the product lookup and the archive. Edge cases that unit tests don't model because they cross entity boundaries.</p> <h3> Dormant clients </h3> <p>"Which clients have zero invoices in the last 6 months?"</p> <p>Not a bug - a business insight. But it's the same query pattern: cross-domain, read-only, using filters that no UI was designed to combine.</p> <h2> 722 test scenarios: what we actually found </h2> <p>We didn't stop at ad hoc questions. We wrote 722 acceptance test scenarios and ran every one through Claude. Each tool got happy path tests, error handling, boundary values, unicode input, and cross-tool E2E flows.</p> <p>We categorized results as PASS, SKIP, BUG-FIXED, or KNOWN-LIMITATION. The BUG-FIXED category is where it gets interesting.</p> <h3> Bug class 1: Zod coercion </h3> <p>MCP sends parameters as strings over JSON-RPC. Six of our <code>list</code> tools used <code>z.number()</code> for pagination params. Claude sends <code>"3"</code> as a string. Zod rejects it. The tools worked in our test suite (which passes native numbers) but failed through Claude.</p> <p>Fix: <code>z.number()</code> to <code>z.coerce.number()</code> across all pagination params.</p> <p>This is the kind of bug that automated tests miss because they test the code path, not the transport path. The Zod schema was correct TypeScript. It just didn't match the real-world input format.</p> <h3> Bug class 2: Required fields on partial updates </h3> <p>Three update tools (<code>update-company</code>, <code>update-client</code>, <code>update-product</code>) had <code>name: z.string()</code> in their schema. Name was required. But for a partial update, you might only want to change the phone number. Claude would send <code>{ phone: "..." }</code> and Zod would reject it because <code>name</code> was missing.</p> <p>Fix: <code>z.string()</code> to <code>z.string().optional()</code> for every field that shouldn't be mandatory on update.</p> <h3> Bug class 3: Missing ownership checks (IDOR) </h3> <p><code>update-document-status</code> didn't verify that the status belonged to the authenticated team. A user could theoretically update another team's status by guessing the UUID. The web UI never exposed this because it only showed the user's own statuses. The MCP tool, being a raw API, had no such guard.</p> <p>Fix: add <code>teamId</code> to the WHERE clause in the repository query. Same fix applied to <code>delete-document-status</code>.</p> <p>This is the most important category. MCP tools are public API endpoints. If your web UI has implicit security (only showing the user's data), your MCP tools need explicit security (checking ownership in every query). The acceptance tests caught two IDOR vulnerabilities that would have passed code review.</p> <h3> Bug class 4: Method name mismatches </h3> <p><code>update-invoice</code> called <code>service.update()</code> but the actual method was <code>service.updateDocument()</code>. TypeScript didn't catch it because the DI wiring used <code>as never</code> to bypass a complex generic. The tool compiled fine and would crash at runtime.</p> <p><code>convert-estimate-to-invoice</code> used <code>require()</code> instead of a static import, hiding another type mismatch. ESM context + <code>require()</code> = silent failure.</p> <p>Fix: remove <code>require()</code>, use proper DI factory functions, fix the method names.</p> <h3> Bug class 5: Archived entities in list results </h3> <p><code>list-clients</code>, <code>list-companies</code>, and <code>list-products</code> returned archived entities by default. The web UI filtered them out in the component. The MCP tool didn't. Claude would show the user a client they had already archived, they'd try to create an invoice for it, and get a confusing error.</p> <p>Fix: filter archived entities by default, add <code>includeArchived</code> param for explicit requests.</p> <h2> The pattern: MCP tests the full stack </h2> <p>What these 5 bug classes have in common: they all live at integration boundaries that unit tests don't cross.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Unit test: UseCase -&gt; Mock Repository -&gt; Assert result MCP test: Claude -&gt; JSON-RPC -&gt; Zod -&gt; UseCase -&gt; Prisma -&gt; Response -&gt; Claude What unit tests verify: - Business logic - Input validation - Error handling What MCP tests add: - Transport coercion (string -&gt; number) - Schema completeness (required vs optional) - Authorization at the API boundary (not UI boundary) - Response format (can the AI actually use the output?) - Cross-tool data integrity (tool A's output feeds tool B) </code></pre> </div> <h2> What MCP gives you that SQL doesn't </h2> <p>You could run consistency checks with SQL. The difference isn't capability - it's friction.</p> <p><strong>Authorization is built into every tool.</strong> Every MCP tool in our server filters by team automatically. With raw SQL, you write <code>WHERE team_id = X</code> on every query and hope nobody forgets.</p> <p><strong>No schema knowledge required.</strong> In our database, <code>Account</code> is the NextAuth OAuth model while <code>FinancialAccount</code> is a bank account, categories have polymorphic ownership (<code>teamId</code> OR <code>userId</code>, never both), and invoices and estimates live in separate tables with different schemas. The MCP tools abstract all of this away. You ask for "invoices" and get invoices.</p> <p><strong>Checks evolve without code changes.</strong> When you think of a new consistency check, you type it in English. "Which clients have invoices but no recorded payments in the last 90 days?" That check didn't exist before you asked - and it required no engineering work to create.</p> <h2> How to do this with your own MCP server </h2> <p><strong>1. Identify boundary questions.</strong> Where should two domains agree? Revenue in invoices vs. revenue in accounting. Document access logs vs. NDA signatures. User counts vs. subscription seats.</p> <p><strong>2. Run 722 scenarios (or start with 10).</strong> Pick your most complex tool. Test: happy path, missing required params, invalid UUIDs, cross-team access, boundary values (amount: 0, limit: 101), unicode (Cyrillic descriptions, emoji). You'll find bugs on the first day.</p> <p><strong>3. Categorize what you find.</strong> PASS, BUG-FIXED, KNOWN-LIMITATION, SKIP. Track it. The BUG-FIXED count tells you how much value this approach adds. Ours was high enough that we made acceptance testing a standard step before every MCP release.</p> <p><strong>4. Make it routine.</strong> Ask your AI the boundary questions weekly. The data drifts. The questions stay relevant.</p> <h2> Try it </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>claude mcp add <span class="nt">--transport</span> http paperlink https://mcp.paperlink.online/api/mcp/mcp </code></pre> </div> ai mcp testing saas Eugen Thu, 23 Apr 2026 07:27:50 +0000 https://forem.com/ievgen_ch/anatomy-of-a-118-tool-mcp-server-how-we-organized-the-chaos-3h9a https://forem.com/ievgen_ch/anatomy-of-a-118-tool-mcp-server-how-we-organized-the-chaos-3h9a <p>In the <a href="https://dev.to/ievgen_ch/we-built-118-mcp-tools-heres-what-ai-actually-does-with-them-4pdh">last post</a> I showed what an AI does with 118 MCP tools. The first question people asked was: "How do you organize all of that without going insane?"</p> <p>The honest answer: we didn't start with 118 tools. We started with 25 and hit every organizational problem you'd expect. This is what we ended up with after three rewrites.</p> <h2> The file structure </h2> <p>Every tool lives in one of 19 files, grouped by domain:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>tools/ accountingReadTools.ts 8 tools accountingWriteTools.ts 5 tools entityReadTools.ts 9 tools entityWriteTools.ts 9 tools entityDeleteTools.ts 3 tools documentReadTools.ts 3 tools documentCreateTools.ts 11 tools documentLifecycleTools.ts 10 tools categoryTools.ts 5 tools financialAccountTools.ts 5 tools currencyTools.ts 6 tools teamTools.ts 6 tools billingTools.ts 2 tools aiInsightTools.ts 3 tools folderTools.ts 6 tools fileTools.ts 8 tools linkTools.ts 4 tools sharingAnalyticsTools.ts 8 tools recurringTransactionTools.ts 7 tools types.ts shared type </code></pre> </div> <p>Each file exports a single function:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">type</span> <span class="nx">ToolRegistrar</span> <span class="o">=</span> <span class="p">(</span><span class="nx">server</span><span class="p">:</span> <span class="nx">McpServer</span><span class="p">,</span> <span class="nx">authInfo</span><span class="p">:</span> <span class="nx">McpAuthInfoDto</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="k">void</span><span class="p">;</span> </code></pre> </div> <p>The entry point calls all 19 registrars:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">function</span> <span class="nf">createMcpServer</span><span class="p">(</span><span class="nx">authInfo</span><span class="p">:</span> <span class="nx">McpAuthInfoDto</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">server</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">McpServer</span><span class="p">(</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">PaperLink</span><span class="dl">'</span><span class="p">,</span> <span class="na">version</span><span class="p">:</span> <span class="dl">'</span><span class="s1">1.0.0</span><span class="dl">'</span> <span class="p">},</span> <span class="p">{</span> <span class="na">instructions</span><span class="p">:</span> <span class="nx">MCP_INSTRUCTIONS</span> <span class="p">}</span> <span class="p">);</span> <span class="nf">registerAccountingReadTools</span><span class="p">(</span><span class="nx">server</span><span class="p">,</span> <span class="nx">authInfo</span><span class="p">);</span> <span class="nf">registerAccountingWriteTools</span><span class="p">(</span><span class="nx">server</span><span class="p">,</span> <span class="nx">authInfo</span><span class="p">);</span> <span class="nf">registerEntityReadTools</span><span class="p">(</span><span class="nx">server</span><span class="p">,</span> <span class="nx">authInfo</span><span class="p">);</span> <span class="c1">// ... 16 more</span> <span class="k">return</span> <span class="nx">server</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>Adding a new domain is one file and one line in the entry point. No config, no registry, no plugin system.</p> <h2> Why read/write/delete are separate files </h2> <p>Version one had one file per domain: <code>accountingTools.ts</code> with all 13 tools. That worked until we added OAuth scopes.</p> <p>Our OAuth consent screen lets users grant granular permissions: <code>accounting:read</code>, <code>accounting:write</code>, <code>accounting:delete</code>. A user might connect their AI assistant with read-only access to invoices but full write access to accounting.</p> <p>When tools were in a single file, scope checks were scattered across the file with no clear boundary. Splitting by permission level made each file internally consistent: every tool in <code>accountingReadTools.ts</code> checks <code>accounting:read</code>, every tool in <code>accountingWriteTools.ts</code> checks <code>accounting:write</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>invoices:read invoices:write invoices:delete accounting:read accounting:write accounting:delete companies:read companies:write companies:delete clients:read clients:write clients:delete products:read products:write products:delete estimates:read estimates:write estimates:delete sharing:read sharing:write teams:read teams:write billing:read ai:read ai:write </code></pre> </div> <p>25 scopes total. Each maps to a clear set of tools. You never wonder "does this tool need read or write?" because the filename tells you.</p> <p>For smaller domains (categories, currencies, team), read and write stay in one file. We split when it starts to matter for permissions or when the file gets too long.</p> <h2> Tool naming: {verb}-{resource} </h2> <p>Most tools follow one pattern:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>list-invoices get-invoice create-invoice update-invoice archive-invoice restore-invoice delete-invoice </code></pre> </div> <p>Seven core verbs cover the CRUD lifecycle:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Verb</th> <th>What it does</th> <th>Reversible</th> </tr> </thead> <tbody> <tr> <td><code>list</code></td> <td>Paginated collection</td> <td>-</td> </tr> <tr> <td><code>get</code></td> <td>Single item by ID</td> <td>-</td> </tr> <tr> <td><code>create</code></td> <td>New record</td> <td>Yes (archive)</td> </tr> <tr> <td><code>update</code></td> <td>Modify existing</td> <td>Yes (update again)</td> </tr> <tr> <td><code>archive</code></td> <td>Soft delete</td> <td>Yes (restore)</td> </tr> <tr> <td><code>restore</code></td> <td>Undo archive</td> <td>Yes (archive)</td> </tr> <tr> <td><code>delete</code></td> <td>Hard delete</td> <td>No</td> </tr> </tbody> </table></div> <p>Then there are domain-specific verbs for operations that don't fit the CRUD model: <code>change-invoice-status</code>, <code>convert-estimate-to-invoice</code>, <code>record-invoice-payment</code>, <code>pause-recurring-transaction</code>, <code>generate-document-insight</code>. About a dozen specialized verbs for a dozen specialized operations.</p> <p>Batch operations get a plural noun: <code>create-transactions</code> (not <code>create-transaction-batch</code>). The AI figures it out from the plural.</p> <p>This matters more than you'd think. AI models pattern-match on tool names. If you name one tool <code>fetchInvoices</code>, another <code>getClients</code>, and a third <code>list-products</code>, the model has to learn three conventions. Consistent naming means the model can predict tool names it hasn't seen yet.</p> <h2> Zod schemas as SSOT </h2> <p>Every tool input is a Zod schema:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">server</span><span class="p">.</span><span class="nf">registerTool</span><span class="p">(</span> <span class="dl">'</span><span class="s1">list-invoices</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">title</span><span class="p">:</span> <span class="dl">'</span><span class="s1">List Invoices</span><span class="dl">'</span><span class="p">,</span> <span class="na">description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">List invoices for the authenticated team.</span><span class="dl">'</span><span class="p">,</span> <span class="na">inputSchema</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">optional</span><span class="p">().</span><span class="nf">describe</span><span class="p">(</span><span class="dl">'</span><span class="s1">Filter by status name</span><span class="dl">'</span><span class="p">),</span> <span class="na">clientName</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">optional</span><span class="p">().</span><span class="nf">describe</span><span class="p">(</span><span class="dl">'</span><span class="s1">Filter by client name</span><span class="dl">'</span><span class="p">),</span> <span class="na">dateFrom</span><span class="p">:</span> <span class="nf">coerceDateString</span><span class="p">().</span><span class="nf">optional</span><span class="p">().</span><span class="nf">describe</span><span class="p">(</span><span class="dl">'</span><span class="s1">From date (YYYY-MM-DD)</span><span class="dl">'</span><span class="p">),</span> <span class="na">dateTo</span><span class="p">:</span> <span class="nf">coerceDateString</span><span class="p">().</span><span class="nf">optional</span><span class="p">().</span><span class="nf">describe</span><span class="p">(</span><span class="dl">'</span><span class="s1">To date (YYYY-MM-DD)</span><span class="dl">'</span><span class="p">),</span> <span class="na">limit</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nx">coerce</span><span class="p">.</span><span class="nf">number</span><span class="p">().</span><span class="nf">int</span><span class="p">().</span><span class="nf">min</span><span class="p">(</span><span class="mi">1</span><span class="p">).</span><span class="nf">max</span><span class="p">(</span><span class="mi">100</span><span class="p">).</span><span class="nf">optional</span><span class="p">(),</span> <span class="na">offset</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nx">coerce</span><span class="p">.</span><span class="nf">number</span><span class="p">().</span><span class="nf">int</span><span class="p">().</span><span class="nf">min</span><span class="p">(</span><span class="mi">0</span><span class="p">).</span><span class="nf">optional</span><span class="p">(),</span> <span class="p">}),</span> <span class="na">annotations</span><span class="p">:</span> <span class="p">{</span> <span class="na">readOnlyHint</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="p">},</span> <span class="k">async </span><span class="p">(</span><span class="nx">params</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="cm">/* ... */</span> <span class="p">}</span> <span class="p">);</span> </code></pre> </div> <p>The Zod schema does three things at once:</p> <ol> <li> <strong>Validation</strong> - bad input gets rejected before your handler runs</li> <li> <strong>TypeScript types</strong> - params are fully typed inside the handler</li> <li> <strong>JSON Schema</strong> - the MCP SDK generates the schema that AI clients see</li> </ol> <p>No separate type definitions, no OpenAPI spec, no manual JSON Schema. One Zod object is the single source of truth.</p> <h3> The coercion problem </h3> <p>MCP sends parameters as JSON-RPC, and some clients serialize everything as strings. A number field might arrive as <code>"10"</code> instead of <code>10</code>. A date might be <code>"2024-03-15"</code> or just <code>2024-03-15</code>.</p> <p>We wrote five coerce helpers to handle this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nf">coerceDateString</span><span class="p">()</span> <span class="c1">// validates YYYY-MM-DD, accepts string</span> <span class="nf">coerceAmount</span><span class="p">()</span> <span class="c1">// positive number, min 0.01, max 999,999,999</span> <span class="nf">coerceBoolean</span><span class="p">()</span> <span class="c1">// "true"/"false" string -&gt; boolean</span> <span class="nf">coerceNullableString</span><span class="p">()</span> <span class="c1">// "null" string -&gt; null</span> <span class="nf">coerceJsonArray</span><span class="p">(</span><span class="nx">inner</span><span class="p">)</span> <span class="c1">// JSON string -&gt; parsed array</span> </code></pre> </div> <p><code>coerceJsonArray</code> is the interesting one. Our <code>create-transactions</code> tool accepts a batch of up to 50 transactions. The AI sends them as a JSON string inside a single parameter:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"transactions"</span><span class="p">:</span><span class="w"> </span><span class="s2">"[{</span><span class="se">\"</span><span class="s2">amount</span><span class="se">\"</span><span class="s2">: 12.50, ...}, {</span><span class="se">\"</span><span class="s2">amount</span><span class="se">\"</span><span class="s2">: 8.00, ...}]"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>The coercer parses the string, validates each element against the inner schema, and gives you a typed array. One helper, used in one tool, but it saved us from building a separate batch API.</p> <h2> Tool annotations </h2> <p>Every tool carries metadata hints:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Read tools</span> <span class="p">{</span> <span class="nl">readOnlyHint</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}</span> <span class="c1">// Create tools</span> <span class="p">{</span> <span class="na">destructiveHint</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">idempotentHint</span><span class="p">:</span> <span class="kc">false</span> <span class="p">}</span> <span class="c1">// Update tools (modifying data = destructive + idempotent)</span> <span class="p">{</span> <span class="na">destructiveHint</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">idempotentHint</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}</span> <span class="c1">// Restore tools (reversing a soft delete = safe + idempotent)</span> <span class="p">{</span> <span class="na">destructiveHint</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">idempotentHint</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}</span> <span class="c1">// Archive/delete tools</span> <span class="p">{</span> <span class="na">destructiveHint</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">idempotentHint</span><span class="p">:</span> <span class="kc">false</span> <span class="p">}</span> </code></pre> </div> <p>MCP clients can use these to decide whether to auto-approve a tool call or ask the user first. A <code>readOnlyHint: true</code> tool is safe to run without confirmation. A <code>destructiveHint: true</code> tool should probably ask first.</p> <p>We adopted this convention early and it paid off. Some MCP clients show a different UI for destructive operations, and ours just worked.</p> <h2> The handler pattern </h2> <p>All 118 tool handlers follow the same five-step structure:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">async </span><span class="p">(</span><span class="nx">params</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// 1. Check scope</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">authInfo</span><span class="p">.</span><span class="nx">scopes</span><span class="p">.</span><span class="nf">includes</span><span class="p">(</span><span class="nx">SCOPE_ACCOUNTING_WRITE</span><span class="p">))</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">content</span><span class="p">:</span> <span class="p">[{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">text</span><span class="dl">'</span><span class="p">,</span> <span class="na">text</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Insufficient scope - accounting:write required.</span><span class="dl">'</span> <span class="p">}],</span> <span class="na">isError</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="c1">// 2. Get use case from DI container</span> <span class="kd">const</span> <span class="nx">useCase</span> <span class="o">=</span> <span class="nx">mcpUseCases</span><span class="p">.</span><span class="nf">getCreateTransactionViaMcpUseCase</span><span class="p">();</span> <span class="c1">// 3. Execute (teamId/userId always come from auth, never from params)</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">useCase</span><span class="p">.</span><span class="nf">execute</span><span class="p">({</span> <span class="p">...</span><span class="nx">params</span><span class="p">,</span> <span class="na">teamId</span><span class="p">:</span> <span class="nx">authInfo</span><span class="p">.</span><span class="nx">teamId</span><span class="p">,</span> <span class="na">userId</span><span class="p">:</span> <span class="nx">authInfo</span><span class="p">.</span><span class="nx">userId</span><span class="p">,</span> <span class="na">memberRole</span><span class="p">:</span> <span class="nx">authInfo</span><span class="p">.</span><span class="nx">teamRole</span><span class="p">,</span> <span class="p">});</span> <span class="c1">// 4. Handle failure</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">result</span><span class="p">.</span><span class="nx">isSuccess</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">content</span><span class="p">:</span> <span class="p">[{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">text</span><span class="dl">'</span><span class="p">,</span> <span class="na">text</span><span class="p">:</span> <span class="nx">result</span><span class="p">.</span><span class="nx">errors</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="dl">'</span><span class="s1">, </span><span class="dl">'</span><span class="p">)</span> <span class="p">}],</span> <span class="na">isError</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="c1">// 5. Return summary + structured data</span> <span class="k">return</span> <span class="p">{</span> <span class="na">content</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">text</span><span class="dl">'</span><span class="p">,</span> <span class="na">text</span><span class="p">:</span> <span class="s2">`Created transaction: </span><span class="p">${</span><span class="nx">data</span><span class="p">.</span><span class="nx">description</span><span class="p">}</span><span class="s2"> - $</span><span class="p">${</span><span class="nx">data</span><span class="p">.</span><span class="nx">amount</span><span class="p">}</span><span class="s2">`</span> <span class="p">},</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">text</span><span class="dl">'</span><span class="p">,</span> <span class="na">text</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">value</span><span class="p">,</span> <span class="kc">null</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span> <span class="p">},</span> <span class="p">],</span> <span class="p">};</span> <span class="p">}</span> </code></pre> </div> <p>A few things to notice:</p> <p><strong>teamId and userId never come from parameters.</strong> They come from <code>authInfo</code>, which is populated from the OAuth token. The AI can't impersonate another user or access another team's data, even if it tries.</p> <p><strong>Two content blocks in every response.</strong> The first is a human-readable summary the AI can relay directly to the user. The second is the full JSON data the AI can parse and use for follow-up operations. This convention makes the AI's responses more natural without losing precision.</p> <p><strong>Result pattern, not exceptions.</strong> Every use case returns <code>Result&lt;T&gt;</code> with <code>isSuccess</code>, <code>value</code>, and <code>errors</code>. No try/catch in tool handlers, no exception-based flow control.</p> <h2> Use Cases: not raw queries </h2> <p>This is where we broke from what most MCP servers do.</p> <p>The typical approach: tool handler takes params, runs a database query, returns the result. Fast to build, works fine for 10 tools.</p> <p>At 118 tools, that approach means 118 handlers with database logic, validation, authorization checks, and business rules all mixed together. We'd already built these for our web app, so we reused them.</p> <p>Every MCP tool calls a Use Case:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Tool handler (presentation layer) -&gt; MCP Use Case (application layer) -&gt; Domain Use Case (business logic) -&gt; Repository (data access) </code></pre> </div> <p>The MCP Use Cases are thin wrappers that add AI-friendly enrichment. For example, <code>CreateTransactionViaMcpUseCase</code> calls the same <code>CreateTransactionUseCase</code> that the web UI uses, then resolves account names and category paths so the AI can confirm with "Added $12.50 to Food &amp; Dining &gt; Groceries in your Wise USD account" instead of raw UUIDs.</p> <p>This matters because business rules stay in one place. When we added a rule that transactions over $10,000 require approval, it worked in the web UI, the API, and the MCP server simultaneously. Zero duplication.</p> <h2> DRY patterns that actually helped </h2> <h3> Polymorphic use cases </h3> <p>Companies, clients, and products share the same lifecycle: create, update, archive, restore, delete. Instead of nine separate use cases:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// One use case handles all three entity types</span> <span class="nx">useCase</span><span class="p">.</span><span class="nf">execute</span><span class="p">(</span><span class="dl">'</span><span class="s1">company</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="nx">id</span><span class="p">,</span> <span class="nx">teamId</span><span class="p">,</span> <span class="nx">userId</span><span class="p">,</span> <span class="nx">memberRole</span> <span class="p">});</span> <span class="nx">useCase</span><span class="p">.</span><span class="nf">execute</span><span class="p">(</span><span class="dl">'</span><span class="s1">client</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="nx">id</span><span class="p">,</span> <span class="nx">teamId</span><span class="p">,</span> <span class="nx">userId</span><span class="p">,</span> <span class="nx">memberRole</span> <span class="p">});</span> <span class="nx">useCase</span><span class="p">.</span><span class="nf">execute</span><span class="p">(</span><span class="dl">'</span><span class="s1">product</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="nx">id</span><span class="p">,</span> <span class="nx">teamId</span><span class="p">,</span> <span class="nx">userId</span><span class="p">,</span> <span class="nx">memberRole</span> <span class="p">});</span> </code></pre> </div> <p>Three entity types, three operations each, nine tool handlers - but only three use case classes.</p> <h3> Category path resolver </h3> <p>Several tools need to show a category as a human-readable path: "Food &amp; Dining &gt; Groceries" instead of a UUID. We had the same ancestor-walking loop copy-pasted across four use cases before extracting it:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">resolved</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">resolveCategoryPath</span><span class="p">(</span><span class="nx">categoryId</span><span class="p">,</span> <span class="nx">categoryRepository</span><span class="p">);</span> <span class="c1">// { name: "Groceries", path: "Food &amp; Dining &gt; Groceries" }</span> </code></pre> </div> <h3> Scope constants </h3> <p>All 25 scope strings defined once:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">const</span> <span class="nx">MCP_SCOPE_ACCOUNTING_READ</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">accounting:read</span><span class="dl">'</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">MCP_SCOPE_ACCOUNTING_WRITE</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">accounting:write</span><span class="dl">'</span><span class="p">;</span> <span class="c1">// ... 23 more</span> </code></pre> </div> <p>Not exciting, but it means "rename a scope" is a single-line change with TypeScript catching every reference.</p> <h2> What we'd do differently </h2> <p><strong>Start with the verb table.</strong> We defined verbs (<code>list</code>, <code>get</code>, <code>create</code>...) after building 60 tools. The first 60 had inconsistencies we had to fix. If we'd started with the verb convention, we'd have saved the refactor.</p> <p><strong>Split by permission from day one.</strong> The read/write file split happened at tool 40 when OAuth scopes forced it. It would have been easier at tool 1.</p> <p><strong>Invest in coerce helpers early.</strong> The MCP string coercion problem bit us on every tool. We wrote the helpers at tool 30. Should have been tool 1.</p> <h2> The one-liner </h2> <p>If you want to see all 118 tools in action:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>claude mcp add <span class="nt">--transport</span> http paperlink https://mcp.paperlink.online/api/mcp/mcp </code></pre> </div> ai productivity saas mcp Eugen Wed, 22 Apr 2026 14:00:16 +0000 https://forem.com/ievgen_ch/we-built-118-mcp-tools-heres-what-ai-actually-does-with-them-4pdh https://forem.com/ievgen_ch/we-built-118-mcp-tools-heres-what-ai-actually-does-with-them-4pdh <p>A couple of months ago we finished exposing our SaaS through an MCP server. It now has 118 tools across 12 domains. I want to show what an AI actually does with all of that, because it's not really what we designed for.</p> <p>PaperLink is a document-sharing and accounting SaaS. You connect Claude, ChatGPT, or any MCP client with one command and start talking to your data. Five examples from real conversations.</p> <h2> 1. A receipt photo becomes 6 categorized transactions </h2> <p>Someone snaps a photo of a coffee-shop receipt. The AI reads six line items, calls <code>create-transactions</code> once with all six in a batch, assigns categories, and asks for confirmation before it saves anything. One tool call instead of six form submissions.</p> <h2> 2. "Show me invoices stuck in SENT for 30+ days" </h2> <p>We built <code>list-invoices</code> so the UI could show a list of invoices. It takes filters as arguments, and those filters ended up doing more than we expected.</p> <p>The AI composed a query we never built a UI for: <code>status=SENT</code>, sent over 30 days ago, status history never transitioned to OVERDUE. Five invoices came back that should have auto-transitioned and didn't. That's a bug we had been shipping without noticing.</p> <h2> 3. "Upload this contract, password-protect it, expire Friday" </h2> <p>Three tools run from one sentence:</p> <ul> <li> <code>create-file-from-source</code> uploads the file</li> <li> <code>create-link</code> generates the protected share link</li> <li> <code>update-link</code> sets the expiration date</li> </ul> <p>The AI chains them, then asks "who should get access?" before sending.</p> <h2> 4. "Transfer $500 from Wise to Mono" </h2> <p>Two accounts, different currencies. The AI calls <code>get-exchange-rates</code>, works out the destination amount, then calls <code>create-transfer</code> with both amounts paired and waits for confirmation. A transfer that takes about 45 seconds on a form takes roughly 10 seconds to type.</p> <h2> 5. "Who actually read my proposal?" </h2> <p>The AI runs <code>get-link-analytics</code>, then <code>get-top-viewers</code>, then <code>get-page-heatmap</code>, and summarizes: "3 of 5 recipients opened it. One spent 6 minutes on the pricing page. The others skimmed." You get the answer without opening a dashboard.</p> <h2> The full map </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Domain</th> <th>Tools</th> <th>Examples</th> </tr> </thead> <tbody> <tr> <td>Accounting &amp; transactions</td> <td>20</td> <td> <code>create-transaction</code>, <code>create-transfer</code>, <code>get-category-breakdown</code> </td> </tr> <tr> <td>Files &amp; folders</td> <td>14</td> <td> <code>upload-file-from-url</code>, <code>create-folder</code>, <code>archive-file</code> </td> </tr> <tr> <td>Clients &amp; companies</td> <td>14</td> <td> <code>create-client</code>, <code>create-company</code>, <code>archive-company</code> </td> </tr> <tr> <td>Document sharing &amp; analytics</td> <td>12</td> <td> <code>create-link</code>, <code>get-page-heatmap</code>, <code>get-top-viewers</code> </td> </tr> <tr> <td>Invoicing &amp; payments</td> <td>12</td> <td> <code>create-invoice</code>, <code>record-invoice-payment</code>, <code>change-invoice-status</code> </td> </tr> <tr> <td>Categories &amp; accounts</td> <td>10</td> <td> <code>create-category</code>, <code>create-financial-account</code> </td> </tr> <tr> <td>Estimates</td> <td>8</td> <td> <code>create-estimate</code>, <code>convert-estimate-to-invoice</code> </td> </tr> <tr> <td>Products &amp; services</td> <td>7</td> <td> <code>create-product</code>, <code>update-product</code> </td> </tr> <tr> <td>Recurring transactions</td> <td>7</td> <td> <code>create-recurring-transaction</code>, <code>get-recurring-forecast</code> </td> </tr> <tr> <td>Team &amp; permissions</td> <td>6</td> <td> <code>invite-member</code>, <code>change-member-role</code> </td> </tr> <tr> <td>Currency &amp; exchange</td> <td>6</td> <td> <code>get-exchange-rates</code>, <code>add-team-currency</code> </td> </tr> <tr> <td>AI insights &amp; billing</td> <td>5</td> <td> <code>generate-document-insight</code>, <code>get-subscription-info</code> </td> </tr> </tbody> </table></div> <p>Read, write, and delete tools live in separate files so OAuth scopes can stay granular.</p> <h2> Try it in 10 seconds </h2> <p>Sign up for a free account, then run:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>claude mcp add <span class="nt">--transport</span> http paperlink https://mcp.paperlink.online/api/mcp/mcp </code></pre> </div> <p>The server is remote, so you get an OAuth consent screen with a team picker and scope checkboxes. Disconnect anytime from the app.</p> <p>Next post: how we organized 118 tools across 19 files without writing the same boilerplate 118 times.</p> ai mcp typescript saas