Umbrella MCP Server

authentication-guide.md•2.71 kB

# Authentication Guide for Umbrella MCP Server ## Method 1: Direct HTTP API (for scripts/testing) ### Step 1: Authenticate ```bash curl -X POST http://localhost:3000/auth \ -H "Content-Type: application/json" \ -d '{ "username": "your-email@example.com", "password": "your-password" }' ``` Response: ```json { "success": true, "bearerToken": "eyJhbGciOiJIUzI1NiIs...", "expiresIn": 86400 } ``` ### Step 2: Use the token for MCP calls ```bash curl -X POST http://localhost:3000/mcp \ -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIs..." \ -H "Content-Type: application/json" \ -d '{ "jsonrpc": "2.0", "id": 1, "method": "tools/call", "params": { "name": "get_recommendations", "arguments": { "customer_account_key": "16185" } } }' ``` ## Method 2: MCP Tool Authentication (for Claude Desktop) ### Step 1: Call authenticate_user tool When using Claude Desktop or mcp-remote, first call: ```json { "jsonrpc": "2.0", "method": "tools/call", "params": { "name": "authenticate_user", "arguments": { "username": "your-email@example.com", "password": "your-password" } }, "id": 1 } ``` ### Step 2: Use other tools After authentication, you can call other tools in the same session: ```json { "jsonrpc": "2.0", "method": "tools/call", "params": { "name": "get_recommendations", "arguments": { "customer_account_key": "16185" } }, "id": 2 } ``` ## Demo Mode For testing, you can use demo credentials: - **Username**: `demo@test.com` - **Password**: `demo` This will give you mock data without hitting the real API. ## How It Works Internally 1. **HTTP /auth endpoint**: - Authenticates with Umbrella API (Cognito or Keycloak) - Creates a JWT token with session info - Returns token to client 2. **MCP authenticate_user tool**: - Authenticates with Umbrella API - Stores session in memory (`activeSessions` Map) - Session persists for the connection 3. **Session Storage**: - HTTP: JWT token contains session data - MCP: Session stored in server memory - Both methods store: username, umbrellaToken, apiKey ## Important Notes - **Session Duration**: 24 hours for JWT tokens - **Multiple Accounts**: Use `customer_account_key` to switch accounts (e.g., Bank Hapoalim: `16185`) - **Cloud Context**: Use `cloud_context` parameter for GCP/Azure (auto-switches account) ## Real Account Examples ### Allcloud Account (has Bank Hapoalim access) ```json { "username": "david+allcloud@umbrellacost.com", "password": "B4*zcI7#F7poEC" } ``` ### Saola Account ```json { "username": "david+saola@umbrellacost.com", "password": "Dsamsung1!" } ```

Latest Blog Posts

Federated Learning with MCP: Building Privacy-Preserving Agents Across Distributed Edges
By Om-Shree-0709 on December 21, 2025.
Secure
mcp
Learning
What Is Context Bloat in MCP?
By Om-Shree-0709 on December 16, 2025.
mcp
Context Bloat
MCP Moves to the Linux Foundation: Neutral Stewardship for Agentic Infrastructure
By Om-Shree-0709 on December 15, 2025.
mcp
anthropic
Linux Foundation

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/daviddraiumbrella/invoice-monitoring'

If you have feedback or need assistance with the MCP directory API, please join our Discord server