Clawallex MCP Server

bootstrap

Establish agent identity by binding a client ID to your API key before making payments. Use this tool to generate a server-assigned ID or specify your preferred identifier for secure transaction handling.

Instructions

Bind a client_id to the current API Key, or let the server generate one. This is the recommended way to establish agent identity before making payment calls. Once bound, the client_id cannot be changed for this API Key. Behavior: • API Key not yet bound + no preferred_client_id → server generates a ca_ prefixed ID. • API Key not yet bound + preferred_client_id → binds the provided value. • API Key already bound + same value (or omitted) → idempotent, returns existing binding. • API Key already bound + different value → 409 conflict. On success, the returned client_id is automatically saved locally. Example: bootstrap() → { client_id: 'ca_abc123', created: true } Example: bootstrap({ preferred_client_id: 'my-agent-uuid' }) → { client_id: 'my-agent-uuid', created: true }

Input Schema

TableJSON Schema

Name	Required	Description	Default
`preferred_client_id`	No	Optional: your preferred client_id value. If omitted, server generates one with ca_ prefix.

Implementation Reference

src/tools/auth.ts:70-110 (handler)

Implementation of the "bootstrap" tool, which binds a client_id to the API key, either using a provided preferred_client_id or by letting the server generate one. It also handles the local saving of the bound client ID.

server.tool(
  "bootstrap",
  [
    "Bind a client_id to the current API Key, or let the server generate one.",
    "This is the recommended way to establish agent identity before making payment calls.",
    "Once bound, the client_id cannot be changed for this API Key.",
    "",
    "Behavior:",
    "• API Key not yet bound + no preferred_client_id → server generates a ca_ prefixed ID.",
    "• API Key not yet bound + preferred_client_id → binds the provided value.",
    "• API Key already bound + same value (or omitted) → idempotent, returns existing binding.",
    "• API Key already bound + different value → 409 conflict.",
    "",
    "On success, the returned client_id is automatically saved locally.",
    "",
    "Example: bootstrap() → { client_id: 'ca_abc123', created: true }",
    "Example: bootstrap({ preferred_client_id: 'my-agent-uuid' }) → { client_id: 'my-agent-uuid', created: true }",
  ].join(" "),
  {
    preferred_client_id: z.string()
      .describe("Optional: your preferred client_id value. If omitted, server generates one with ca_ prefix.")
      .optional(),
  },
  async ({ preferred_client_id }) => {
    try {
      const body: Record<string, unknown> = {};
      if (preferred_client_id) body.preferred_client_id = preferred_client_id;
      const result = await client.postAuth<{ client_id: string; created: boolean }>("/auth/bootstrap", body);
      saveClientId(client.baseUrlValue, result.client_id);
      client.setClientId(result.client_id);
      return toolOk({
        ...result,
        _hint: result.created
          ? `client_id '${result.client_id}' has been bound to this API Key and saved locally. All subsequent payment operations will use this identity.`
          : `Already bound to client_id '${result.client_id}'. No changes made.`,
      });
    } catch (err) {
      return toolError(err);
    }
  },
);

Tool Definition Quality

A4.4/5.0

Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden and excels: it details the four-state behavior matrix (bound/unbound × provided/generated), declares idempotency, warns of 409 conflicts, and discloses the local side effect ('automatically saved locally').

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Well-structured with front-loaded purpose, followed by usage context, constraint warning, bulleted behavior specifications, and examples. Slightly verbose but information-dense; every sentence serves a specific function for agent decision-making.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Despite lacking an output schema, the description provides explicit JSON return examples showing the structure ({client_id, created}), covers error conditions (409 conflict), and explains the immutable binding constraint—sufficient for a stateful initialization tool with complex idempotency rules.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100%, so the baseline is 3. The description adds concrete usage examples that clarify the parameter's role, but the schema already fully documents the optional string parameter and its 'ca_' prefix generation behavior.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description opens with the specific action ('Bind a client_id to the current API Key') and clearly distinguishes this identity-establishment tool from payment-oriented siblings like 'clawallex_pay' or 'create_card_order' in the function list.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Explicitly states this is the 'recommended way to establish agent identity before making payment calls,' providing clear temporal context. However, it doesn't explicitly contrast with the 'whoami' sibling tool or state when NOT to use it (beyond the implicit 409 conflict case).

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/clawallex/clawallex-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server