bill4time-mcp
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@bill4time-mcpShow all unpaid invoices"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
bill4time-mcp
MCP server for Bill4Time — API coverage for legal billing and time tracking. Use Bill4Time from Claude Desktop with natural language.
What you can do
Clients — list, filter by status, search active/disabled
Projects — list, filter by client, status, billing method
Time Entries — list by client, project, user, invoice, date range, billing status
Expenses — list by client, project, invoice, date range
Invoices — list by status (prebill/finalized), paid status, client, project, date range
Payments — list by client, project, date range
Payments Applied — track payment-to-invoice applications
Users — list and look up users
Contacts — list by status, date range, contact connections
Trust Accounting — list trust records by client, project, date range
All resources support OData-style filtering via filter_expr parameter for advanced queries.
Related MCP server: Clio Manage MCP
Requirements
Python 3.10+
Claude Desktop (or any MCP-compatible client)
Bill4Time API key (create in Settings → API tab)
Note: The Bill4Time API is currently read-only. All tools retrieve data only.
Installation
pip install bill4time-mcpSetup
bill4time-mcp-setupThis prompts for your API key and tests the connection.
Verify:
bill4time-mcp-verifyCredential storage
By default the API key is stored in your operating system's native secret store
via the cross-platform keyring library:
OS | Backend |
macOS | Keychain |
Windows | Credential Manager |
Linux | Secret Service (GNOME Keyring / KWallet) |
The secret is saved under the service name bill4time-mcp. Nothing is written to
disk in clear text.
File fallback. On a host with no keyring backend (e.g. a headless Linux box
without Secret Service), or if you set BILL4TIME_MCP_USE_KEYRING=0, the key
falls back to a ~/.bill4time-mcp/.env file with 0600 permissions.
Read order. The key resolves in the order OS keyring → process environment →
.env file. So a rotated key in the keyring always wins, and a
BILL4TIME_API_KEY exported in your shell overrides the file fallback without
touching the keyring.
Pluggable backend. keyring lets you point at any secret store. For example,
install keyrings.cryptfile for
an encrypted file backend, or a cloud backend, then select it with the standard
PYTHON_KEYRING_BACKEND environment variable or a keyringrc.cfg. See the
keyring configuration docs.
Claude Desktop Configuration
{
"mcpServers": {
"bill4time": {
"command": "bill4time-mcp"
}
}
}Authentication Notes
Bill4Time uses an API key embedded directly in the URL path:
https://secure.bill4time.com/b4t-api/{api_key}/v1/{resource}No OAuth or token refresh required. Create API keys from Settings → API in your Bill4Time account.
OData Filtering
All list_* tools accept a filter_expr parameter for advanced filtering:
"status eq 'Active'"
"clientId eq 751"
"invoiceDate ge '2024-01-01' AND invoiceDate le '2024-12-31'"
"billingStatus eq 'Ready For Billing'"Supported operators: eq, ne, gt, ge, lt, le
Use top to limit results, orderby to sort, skip for pagination.
Example usage in Claude
"Show all unpaid invoices"
"List time entries for project 456 this month"
"Get all payments received from client 123 in 2024"
"Show trust account activity for client 789"
"List open projects ordered by project name"
Security note
API key in URL path. Bill4Time's API design embeds the API key directly as a path segment in every request URL (/b4t-api/{api_key}/v1/...). This is a Bill4Time API architecture constraint — the MCP loads your key from a local env file and never commits it to this repository. However, the key-in-URL design has the following implications you should be aware of:
Server/proxy access logs on any machine between your client and Bill4Time's servers will record the full request URL, including the API key, for the duration of their log retention policy.
Network monitoring tools that capture request URLs (e.g. HTTP proxies, security appliances, debugging tools) will expose the key in logged URLs.
If your key is compromised, all API access to your Bill4Time account — billing data, client records, invoices, payments — is accessible until the key is rotated.
Recommended practices:
Rotate your API key periodically (quarterly at minimum) from Settings → API in your Bill4Time account.
Keep access logs on this machine private — ensure
~/.bill4time-mcp/is not world-readable, and that any HTTP proxy or network capture tool running on this machine is restricted to authorised users.Rotate immediately if you suspect the key has been exposed (e.g. via a shared log file, a network trace, or an accidental
curl -vpaste).Use least-privilege — if Bill4Time offers read-only API keys in the future, prefer those for this MCP (all current tools are read-only).
License
MIT
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/RosenAdvertising/bill4time-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server