Kite MCP Server

Give Claude or ChatGPT direct access to your Zerodha Kite trading account — with order placement, paper trading, options Greeks, backtesting, Telegram alerts, and 11 pre-trade safety checks. 110+ tools. Open source, MIT.

Try the hosted demo (read-only) · Self-host in 60 seconds (full trading) · Compare vs official Zerodha MCP

claude mcp add --transport http kite https://kite-mcp-server.fly.dev/mcp

Then say: "Log me in to Kite. Show my portfolio. Backtest SMA crossover on INFY. Set an alert for RELIANCE 2% drop."

Works inside Claude Desktop, Claude Code, claude.ai, ChatGPT Connectors, Cursor, VS Code Copilot, Windsurf — anything MCP-compliant. Complementary to Zerodha's official read-only MCP (22 tools, GTT only); this server adds order placement, alerts, paper trading, options Greeks, and analytics.

Why trust this

• ~9,000 tests across 493 test files (44 in deploy repo + 449 in 32 externalized algo2go/kite-mcp-* modules) — run go test ./... -count=1 in each module

• Security audit: 27-pass manual analysis, 181 findings catalogued — 6 HIGH all FIXED; MEDIUM/LOW/INFO triage in progress (74 FIXED / 107 OPEN as of 2026-05-16). See SECURITY_AUDIT_FINDINGS.md for the line-item status table, SECURITY_AUDIT_REPORT.md for the original audit narrative, and SECURITY_PENTEST_RESULTS.md for pentest evidence.

• AES-256-GCM encryption at rest for every sensitive value — Kite tokens, API secrets, OAuth client secrets — key derived via HKDF from OAUTH_JWT_SECRET

• RiskGuard (11 pre-trade checks) — per-order value cap (Rs 50,000 default), quantity limit, daily order count (20/day), rate limit (10/min), per-second rate limit, duplicate detection (30s window), daily cumulative value cap (Rs 2,00,000), idempotency dedup, confirmation required, anomaly μ+3σ, off-hours block — plus kill switch + circuit breaker + global freeze layers + OTR-band + margin-sufficiency boundary checks. Last verified 2026-05-16 against algo2go/kite-mcp-riskguard/guard.go (16 RejectionReason constants total; 11 fire on every trade).

• Per-tool-call audit trail with 90-day retention — every MCP call logged to SQLite, CSV/JSON export via dashboard

• CI on every push — go build, go vet, go test -race (see .github/workflows/ci.yml)

• MIT license, open source — inspect anything. Upstream attribution to Zerodha Tech preserved in LICENSE

• Threat model: THREAT_MODEL.md. Security policy: SECURITY.md

Quick start

Option A — hosted demo (read-only)

Point your MCP client at:

https://kite-mcp-server.fly.dev/mcp

Order-placement tools are gated off on the hosted instance pursuant to NSE/INVG/69255 Annexure I Para 2.8. Read-only tools (portfolio, market data, backtesting, analytics) work. You still bring your own Kite developer app (per-user OAuth).

Option B — run locally (personal use, full functionality)

git clone https://github.com/Sundeepg98/kite-mcp-server && cd kite-mcp-server
cp .env.example .env               # edit: set OAUTH_JWT_SECRET (required)
docker compose up -d               # builds Dockerfile.selfhost and starts it
curl http://localhost:8080/healthz # should return "ok"

Point your client at http://localhost:8080/mcp (use --allow-http if your client requires it). Running locally against your own Kite account is the personal-use safe-harbor path — you remain the Zerodha Client; the software just helps you place orders.

Go users can skip Docker: go build -o kite-mcp-server && ./kite-mcp-server.

Option C — connect from your MCP client

Add this to your client config (~/.claude.json, claude_desktop_config.json, .vscode/mcp.json, etc.):

{
  "mcpServers": {
    "kite": {
      "command": "npx",
      "args": ["mcp-remote", "https://kite-mcp-server.fly.dev/mcp"]
    }
  }
}

Then say: "Log me in to Kite" — complete the OAuth flow in your browser — then ask anything: "Show my portfolio", "Backtest SMA crossover on INFY", "Enable paper trading mode".

New to this? Start with paper trading: "Enable paper trading mode" — virtual Rs 1 crore portfolio, no real money at risk.

Windows + Claude Code footnote: On Windows, cmd /c silently swallows JSON args containing escaped quotes (\"). If you need to pass static OAuth client info to mcp-remote, write the JSON to a file and reference it via --static-oauth-client-info @path/to/client-info.json instead of inline. Example client-info file lives at ~/.claude/mcp-servers/kite-fly-client.json in the canonical Windows setup.

OAuth discovery follows the standards: RFC 8414 (OAuth 2.0 Authorization Server Metadata at /.well-known/oauth-authorization-server) and RFC 9728 (OAuth 2.0 Protected Resource Metadata at /.well-known/oauth-protected-resource). mcp-remote auto-discovers via these endpoints — no manual auth configuration required on the client side.

Features

• Portfolio analysis — holdings, positions, margins, P&L, sector exposure (150+ stocks mapped), tax-loss harvest, concentration, dividends

• Market data — quotes, LTP, OHLC, historical candles, instrument search, 10+ technical indicators (SMA, EMA, RSI, MACD, Bollinger Bands)

• Options — Black-Scholes Greeks (delta, gamma, theta, vega, IV), option chain, 8 multi-leg strategy templates

• Backtesting — 4 built-in strategies (SMA crossover, RSI reversal, breakout, mean reversion) with Sharpe ratio and max drawdown

• Alerts — price above/below, percentage drop/rise, composite conditions, volume spike, Telegram delivery + native Kite GTT alerts

• Paper trading — virtual Rs 1 crore portfolio, simulated orders, background LIMIT fill monitor, toggle on/off

• RiskGuard — 11 pre-trade checks run before every order hits the exchange (kill switch, order value cap, quantity limit, daily count, rate limit, per-second rate limit, duplicate detection, daily notional cap, idempotency dedup, anomaly μ+3σ, off-hours block) — plus circuit breaker + global freeze layers

• MCP Apps widgets — inline portfolio / orders / alerts / activity UI on claude.ai, Claude Desktop, and ChatGPT

• Telegram bot — /buy, /sell, /quick, /setalert with inline keyboard confirmation; morning briefing (9 AM IST) and daily P&L (3:35 PM IST)

• Order placement — place, modify, cancel, GTT, convert positions, close-all (local build only; hosted deployment is read-only)

Full tool taxonomy with counts per category in ARCHITECTURE.md.

Architecture

Clean / hexagonal architecture:

AI Client <-> MCP Protocol <-> Tool Handler <-> Use Case <-> CQRS Command/Query <-> Broker Port <-> Kite Adapter <-> Kite Connect API <-> NSE/BSE

Go 1.25 + mcp-go v0.46.0. SQLite for persistence (credentials, alerts, sessions, audit trail — all AES-256-GCM encrypted), with Litestream continuous replication to Cloudflare R2. OAuth 2.1 + PKCE, each user brings their own Kite developer app. Middleware chain: Timeout -> Audit -> Hooks -> RiskGuard -> Rate Limiter -> Billing -> Paper Trading -> Dashboard URL. Deployed on Fly.io (Mumbai region) with static egress IP for SEBI-mandated whitelisting. See ARCHITECTURE.md.

Legal / compliance status

Not a SEBI-registered intermediary. This is infrastructure software, not an advisory or brokerage service.

• Per-user BYO Kite developer app — you remain the Zerodha Client of record. The server holds no pooled user funds and executes no trades on its own behalf.

• The hosted deployment at kite-mcp-server.fly.dev is read-only; order-placement tools are gated off pursuant to NSE/INVG/69255 Annexure I Para 2.8. Order placement requires running the server locally against your own account.

• Running the server locally against your personal Kite account is the personal-use safe-harbor path — analogous to running your own algo script. See OpenAlgo's framing of the compliance landscape for Indian algo vendors.

• Static egress IP (209.71.68.157, Mumbai) is published so users can whitelist it in their Kite developer console per the SEBI April 2026 mandate.

• TERMS.md and PRIVACY.md are DRAFT and under independent legal review. Do not rely on them as final legal agreements.

• Trading involves risk. This software is not financial advice. Not affiliated with Zerodha.

Environment variables

OAUTH_JWT_SECRET is the only required variable for multi-user HTTP deployments. Everything else is optional and activates specific features when set. Full table:

Client setup

Any MCP-compliant client works with the same mcp-remote bridge above. Client-specific file locations:

• Claude Code — ~/.claude.json (mcpServers key)

• Claude Desktop — %APPDATA%\Claude\claude_desktop_config.json (Windows) or ~/.config/Claude/claude_desktop_config.json (macOS/Linux)

• ChatGPT Desktop — Settings -> Tools & Integrations -> MCP Servers -> add URL

• VS Code / Cursor / Windsurf — .vscode/mcp.json or equivalent

Documentation

For users

• Quick start — run locally or connect to hosted

• Terms of Service & Privacy Policy (currently DRAFT — under legal review)

• BYO Anthropic API key — bypass Claude.ai Pro tool-call limits

• Uninstall + DPDP data deletion — disconnect or fully purge your stored data

For developers

• Architecture / how it works — 2,500-word OAuth deep-dive (also published as blog)

• Contributing

• Adding a new tool

• Environment variables

Operations

• Release checklist

• Operator playbook

• Incident response runbook — 4 crisis scenarios + contact directory

• Evidence package skeleton — pre-built for regulator/incident response

Compliance / legal

• NSE algo framework status — Path 1-4 comparison

• Kite v4 migration hedge — dependency risk mitigation

• SBOM generation — software bill of materials for supply chain transparency

• SECURITY.md

Funding / ecosystem

• FLOSS/fund proposal — Zerodha open-source grant application

• funding.json — machine-readable funding manifest

Claude Skills wrapper

• 8 Skills — /kite:morning, /kite:trade, /kite:eod, etc.

Research / strategic

• Launch materials

• Billing activation plan

• Multi-broker plan

Dashboard

Once logged in via MCP OAuth, the dashboard cookie is set automatically (no second login).

Comparison

The official server is the right choice for read-only, zero-setup use. This server is for traders who want order placement, safety rails, and analytics.

Prerequisites

• A Kite Connect developer app (Rs 500/month from Zerodha)

• npx (Node.js 18+) for mcp-remote — or Go 1.25+ to self-host from source

Registry

Submission to the official MCP Registry is pending — the io.github.Sundeepg98/kite-mcp-server namespace is reserved via server.json and will be published once final pre-launch verification completes. Auto-indexing by Smithery and Glama follows registry publication.

Contributing / funding

• Issues / PRs — github.com/Sundeepg98/kite-mcp-server/issues. See CONTRIBUTING.md.

• Built on — zerodha/kite-mcp-server (MIT). Huge thanks to Kailash Nadh and the Zerodha team for open-sourcing the foundation.

• Development —

  nix develop          # or: install Go 1.25+
  just build           # compile
  just test            # run the full test suite
  just lint            # format + vet + golangci-lint

License

MIT. Copyright notice preserved for original Zerodha Tech contribution.

Disclaimer

Trademark: kite-mcp-server is not affiliated with, endorsed by, or sponsored by Zerodha Broking Ltd. "Kite" and "Kite Connect" are trademarks of Zerodha Broking Ltd. This project is an independent open-source implementation of the Model Context Protocol server for the Kite Connect developer API.

Not investment advice: This software is a developer tool. Nothing in this repository, its documentation, or any output generated by the server constitutes investment, financial, legal, or tax advice. Trading decisions are the sole responsibility of the user operating their own Kite Connect developer application.

Personal-use scope: This server is designed for personal self-use by retail investors operating their own Kite Connect developer applications, consistent with SEBI's February 4, 2025 retail algorithmic trading framework §I(c) "family" carve-out (self, spouse, dependent children, dependent parents) and the <10 orders-per-second threshold. Multi-user hosting requires broker empanelment per SEBI §III(a) and NSE/INVG/67858 and is NOT supported by this repository.

Compliance

Applicable regulatory regimes (India):

• SEBI (Stock Brokers) Regulations 2026 — retail algorithmic trading framework (effective April 1, 2026)

• Digital Personal Data Protection Act, 2023 (DPDP Act) — enforcement ramping 2026; rules partially notified

• CERT-In Directions (April 2022) — cybersecurity incident reporting

What this server enforces out of the box:

SEBI framework posture:

• Self + family scope under SEBI §I(c) retail algo framework (Feb 4, 2025 circular): permitted for retail investor coding their own algo, on their own account, below 10 OPS threshold, for self/spouse/dependent-children/dependent-parents

• Multi-user hosting = empanelment required under §III(a) + broker-hosting mandate under NSE/INVG/67858 §I(h). Not supported by this repository.

• Algo-ID tagging (mandatory from April 1, 2026): injected server-side by Zerodha OMS for <10 OPS retail users — no client-side action required

DPDP posture:

• Data fiduciary: operator of the deployment

• Encryption at rest: AES-256-GCM via HKDF-derived keys

• Encryption in transit: TLS

• Audit log retention: 90 days (configurable via AUDIT_RETENTION_DAYS)

• Deletion on request: email <grievance officer email> or use dashboard tool

• Breach notification: CERT-In within 6 hours, users within 72 hours

• Personal/household exemption under DPDP s.17(2)(a): applies to self-only self-hosted use; voided by any external user

If you are self-hosting: you are the data fiduciary for your deployment. This section describes the code's capabilities; legal responsibilities belong to the operator.

Where this code cannot help:

• SEBI Investment Adviser / Research Analyst registration (different regime; out of scope)

• Tax compliance / GST (44ADA for sole prop, see your CA)

• Kite Connect Rs 500/month subscription (payable to Zerodha directly)

Reference documents in this repo:

• docs/PRIVACY.md — DPDP-aligned privacy notice (to be customized before hosting)

• docs/TERMS.md — SEBI-safe terms of service

• docs/incident-response.md — breach playbook

• docs/algo2go-tm-search.md — trademark search procedure (if renaming)