Bring your agent
Your agents can drive PromptEden.
Connect Claude Code, Cursor, ChatGPT agents, or your own orchestration over hosted MCP and the v1 API. Reads are scoped. Writes flow through the same approval and policy system as Eden.
Use MCP or API keys today. OAuth + PKCE is available for provisioned connector clients. CLI npm packaging is coming soon.
{
"mcpServers": {
"prompteden": {
"url": "https://app.prompteden.com/api/mcp",
"headers": {
"Authorization": "Bearer ${PROMPTEDEN_API_KEY}"
}
}
}
} Surfaces
Agent-first access, without bypassing policy.
Hosted MCP
Claude Code, Cursor, ChatGPT agents, and other MCP clients can connect to PromptEden at the hosted MCP endpoint.
https://app.prompteden.com/api/mcp API keys
Server-side agents can use scoped pe_ keys for REST and MCP bearer-token auth.
Authorization: Bearer pe_... OAuth + PKCE
Connector clients can use OAuth authorization code with S256 PKCE. Clients are provisioned by PromptEden.
/oauth/authorize -> /oauth/token CLI
The CLI package is coming soon on npm. Use hosted MCP or API keys today.
@prompteden/cli Approval over MCP
Agents can propose writes. PromptEden decides when they run.
Every write action your agent proposes goes through the same queue Eden uses in the app. Approve it once, reject it, or turn it into a standing permission with a credit ceiling.
Read tools return data directly when the bearer token has the required scope.
Hosted MCP write tools return approval_required with an approval ID, estimate, and browser deep link.
The human approves in the app or grants a standing permission from the same approval system Eden uses.
The agent polls check_approval until the action is executed, rejected, expired, vetoed, or failed.
Agent result
{
"status": "approval_required",
"tool": "content_generate_article",
"approvalId": 42,
"deepLinkUrl": "https://app.prompteden.com/approvals/42",
"estimate": { "credits": 40 }
} Security model
External agents use Eden's guardrails.
Same approval system
MCP writes map into Eden's app tools and approval queue instead of creating a parallel permission path.
Taint defense on tool output
Untrusted content is marked, disclosed, or withheld before a risky write can become an approvable action.
Scoped identity
API keys and OAuth grants resolve to a team context on the server; agent-supplied tenant fields are not trusted.
Getting started
Connect the first agent.
Connect Claude Code to PromptEden (MCP)
Remote MCP config, first list_monitors call, approval_required writes, and 401/403 troubleshooting.
Read guideAgent auth: OAuth + PKCE
Authorization-code flow, S256 verifier, seeded client IDs, scopes, resource binding, and refresh tokens.
Read guideAPI keys quickstart
Create a scoped key, call REST v1, list monitors, and map the common error responses.
Read guideBring your agent
Let your agents drive the growth engine
Use hosted MCP or scoped API keys today. Writes still pass through PromptEden approvals, standing permissions, veto windows, and receipts.
Full access for 7 days. Card required, cancel anytime.