Tags: Integration · Stripe · recipe

Turn the Stripe API into MCP tools for Claude

A step-by-step recipe to expose Stripe's REST API as a secure MCP server — read-only by default — so you can pull customers, invoices, and balances straight from your AI client.

June 12, 2026·7 min read

Stripe is the API most teams want their AI to read first — customers, invoices, balances, and subscriptions all in one place. In this recipe you'll expose Stripe's REST API as a secure, read-only MCP server so you can ask "what's our balance?" or "show this customer's invoices" straight from Claude. We keep it read-only by default, because money operations deserve human hands.

Key takeaways
  • Stripe's API uses a secret key as a bearer token — store it server-side, never in the client.
  • Use a restricted, read-only API key for AI access.
  • Expose read tools (customers, invoices, balance); keep refunds and deletes off.
  • Cast injects the key on every call, so your AI client only ever sees a URL.
  • Every tool call is logged so you can audit what was read.
⚠️ Treat this as read access to financial data. Create a restricted key scoped to read-only resources in your Stripe dashboard, and never expose tools that move money to an autonomous agent.

1. Create a restricted Stripe API key

In the Stripe Dashboard, go to Developers → API keys → Create restricted key. Grant read permissions only on the resources you want (Customers, Invoices, Balance), and leave everything else at "None." Copy the key; it starts with rk_live_ (or rk_test_ for test mode). Do not reuse your full secret key (sk_live_), which can do everything the dashboard can.

2. Create a workspace and point it at Stripe's spec

Create a new workspace in Cast, open the Upload tab, and provide Stripe's OpenAPI specification. Stripe publishes one publicly, so you can paste its URL or upload the file. Wait for tool generation to finish.


3. Configure auth — Bearer Token

Stripe authenticates with the secret key as a bearer token (Authorization: Bearer rk_live_…). Switch to the Configure tab, choose Bearer Token, set the API base URL to https://api.stripe.com, and paste your restricted key.


Cast encrypts the key with AES-256-GCM. It's never returned to the UI or written to logs. Rotate it anytime by pasting a new value and saving — no client changes needed.

4. Enable read tools, disable the rest

Stripe's spec is large. Enable just the read operations you need and leave anything that changes state switched off:

Configure → Tools (as shown in the UI):
  • GET listCustomers /v1/customers · on
  • GET getCustomer /v1/customers/{id} · on
  • GET listInvoices /v1/invoices · on
  • GET getBalance /v1/balance · on
  • POST createRefund /v1/refunds · off
  • DELETE deleteCustomer /v1/customers/{id} · off

Then save your changes.

5. Get your MCP URL

Open the Connect tab and copy the snippet for your client. Your AI client connects to the URL; Cast adds the Stripe key on every upstream request. Treat that URL as a secret in its own right: whoever holds it reaches the same read tools, and through them the data your restricted key can see, so keep it out of shared configs and repositories. Note also that the snippet runs mcp-remote@latest through npx, which resolves to whatever version the registry currently serves; pin a version you have reviewed before rolling this out to a team.

Connect → Your MCP URL (the Claude Desktop entry is shown; Cursor, Windsurf and Cline get equivalent snippets). claude_desktop_config.json:
{
  "mcpServers": {
    "stripe": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote@latest",
        "https://mcp.getcast.io/stripe-cmpstrp9001"
      ]
    }
  }
}
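Steps 1 to 5 describe what Cast does behind that URL. The following Python is an added example, not Cast's code, that models the same three properties in a few dozen lines: only allow-listed GET operations from the spec become tools, the restricted key is injected server-side, and the audit log never carries the key. The spec excerpt, the short tool names (Stripe's real operationIds differ), the rk_test_ value and the log format are all constructed for illustration.

```python
import os
import re
from urllib.parse import urlencode

API_BASE = "https://api.stripe.com"

# Constructed OpenAPI excerpt shaped like Stripe's (path -> method -> operation).
# The short operationIds follow this page; Stripe's real ones are different.
SPEC = {
    "paths": {
        "/v1/customers": {"get": {"operationId": "listCustomers"},
                          "post": {"operationId": "createCustomer"}},
        "/v1/customers/{id}": {"get": {"operationId": "getCustomer"},
                               "delete": {"operationId": "deleteCustomer"}},
        "/v1/invoices": {"get": {"operationId": "listInvoices"}},
        "/v1/balance": {"get": {"operationId": "getBalance"}},
        "/v1/refunds": {"post": {"operationId": "createRefund"}},
    }
}

# Step 4: the tools switched on. Everything else stays off.
ENABLED = {"listCustomers", "getCustomer", "listInvoices", "getBalance"}

KEY_RE = re.compile(r"\b[rs]k_(?:live|test)_[A-Za-z0-9]+")  # sk_/rk_ key shapes
ID_RE = re.compile(r"[A-Za-z0-9_]+")  # Stripe object ids such as cus_123


def select_tools(spec, enabled):
    """Map enabled operationIds to (METHOD, path), keeping GET operations only.

    Filtering by method as well as by name means a write operation that slips
    onto the allow-list is still dropped rather than exposed.
    """
    tools = {}
    for path, ops in spec["paths"].items():
        for method, op in ops.items():
            if op["operationId"] in enabled and method.lower() == "get":
                tools[op["operationId"]] = ("GET", path)
    return tools


def redact(text):
    """Mask any Stripe key that reaches a log line, e.g. one a model echoed."""
    return KEY_RE.sub(lambda m: m.group(0)[:8] + "***", text)


class Gateway:
    """Holds the key server-side; the client side only ever sends tool calls."""

    def __init__(self, key, tools):
        if not key.startswith(("rk_live_", "rk_test_")):
            raise ValueError("use a restricted key (rk_live_/rk_test_), not sk_")
        self._key = key
        self.tools = tools
        self.audit = []  # one redacted line per tool call

    def build_request(self, tool, path_params=None, query=None):
        """Translate a tool call into the upstream request with the key injected.

        Returns (method, url, headers); raises for disabled tools or bad ids.
        """
        if tool not in self.tools:
            raise PermissionError(f"tool {tool!r} is not enabled")
        method, path = self.tools[tool]
        for name, value in (path_params or {}).items():
            # The id comes from the model: reject anything that could rewrite the path.
            if not ID_RE.fullmatch(str(value)):
                raise ValueError(f"invalid value for {name}: {value!r}")
            path = path.replace("{" + name + "}", str(value))
        if "{" in path:
            raise ValueError(f"missing path parameter in {path}")
        url = API_BASE + path + ("?" + urlencode(query) if query else "")
        headers = {"Authorization": f"Bearer {self._key}"}
        self.audit.append(redact(f"{method} {url} tool={tool}"))  # headers never logged
        return method, url, headers


if __name__ == "__main__":
    # Constructed key for the demo; set STRIPE_RESTRICTED_KEY to use your own.
    gw = Gateway(os.environ.get("STRIPE_RESTRICTED_KEY", "rk_test_constructedDemoKey"),
                 select_tools(SPEC, ENABLED))
    print(gw.build_request("getCustomer", {"id": "cus_123"}))
    print(gw.build_request("listInvoices", query={"customer": "cus_123", "status": "open"}))
    try:
        gw.build_request("createRefund")
    except PermissionError as err:
        print("blocked:", err)
    print("\n".join(gw.audit))
```

The block never contacts Stripe; it only shows the requests a gateway would issue. The path-parameter check is there because the id is model-supplied: without it a value such as ../refunds can rewrite the upstream path, and the method filter in select_tools means a write operation that lands on the allow-list by mistake is still never exposed.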

Try it

Example prompts:
"List our 5 most recent Stripe customers and their email addresses."
"What is our current available balance?"
"Show unpaid invoices for customer cus_123."

6. Watch sessions, then add the next tools

Launching read-only isn't the finish line — it's the start of a feedback loop. Cast tracks every client connection as a session, with its geography, duration, and tool-call count, so you can see who's actually using your Stripe server:

Analytics → Sessions (as shown in the UI):
  • 🇺🇸 United States · 1m 54s · 11 tool calls · SSE, live
  • 🇨🇦 Canada · 32s · 4 tool calls · HTTP, ended
  • 🇬🇧 United Kingdom · 3m 12s · 16 tool calls · SSE, ended

More valuable still, Cast analyzes the order of calls across sessions and surfaces recurring patterns — including the moments where agents reach for something you haven't enabled. That's your signal for which tool to add next:

Analytics → Patterns (as shown in the UI; the "?" marks a tool that is not enabled):
  • getCustomer → listInvoices → getInvoice · "show this customer's latest unpaid invoice" · seen in 37 sessions
  • getCustomer → getSubscription? · "is this customer's subscription active?" · seen in 21 sessions

Here the data shows users repeatedly trying to check a subscription right after looking up a customer, but getSubscription was never enabled. Rather than guess, go back to the Configure tab, toggle it on, and save; the next session has the tool it was looking for. One check before you do: the restricted key from step 1 was scoped to Customers, Invoices and Balance, so it also needs read permission on Subscriptions or Stripe will reject the call. You expand the server based on real demand, not assumptions.

When a pattern is both common and successful (like the invoice lookup above), Cast can even draft a reusable skill from it — turning a three-step sequence into a one-step workflow.
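The pattern analysis in step 6 is Cast's feature; the following Python is an added example, not Cast's code, that shows the kind of computation behind it on constructed audit lines. It counts runs of successful tool calls by how many distinct sessions contain them (the "seen in N sessions" figure) and, separately, lists denied calls paired with the call that preceded them (the "getSubscription?" signal). The log format, session ids, timestamps and the denied/ok status values are assumptions.

```python
import re
from collections import Counter, defaultdict

# Constructed audit-log lines in an assumed key=value format.
LOG = """\
2026-06-12T10:00:01Z session=s1 tool=getCustomer status=ok
2026-06-12T10:00:02Z session=s1 tool=listInvoices status=ok
2026-06-12T10:00:03Z session=s1 tool=getInvoice status=ok
2026-06-12T10:05:10Z session=s2 tool=getCustomer status=ok
2026-06-12T10:05:11Z session=s2 tool=getSubscription status=denied
2026-06-12T10:09:00Z session=s3 tool=getBalance status=ok
2026-06-12T10:09:04Z session=s3 tool=getCustomer status=ok
2026-06-12T10:09:05Z session=s3 tool=listInvoices status=ok
2026-06-12T10:09:06Z session=s3 tool=getInvoice status=ok
2026-06-12T10:09:07Z session=s3 tool=getCustomer status=ok
2026-06-12T10:09:08Z session=s3 tool=listInvoices status=ok
2026-06-12T10:09:09Z session=s3 tool=getInvoice status=ok
2026-06-12T10:20:00Z session=s4 tool=getCustomer status=ok
2026-06-12T10:20:01Z session=s4 tool=getSubscription status=denied
2026-06-12T10:20:02Z session=s4 tool=createRefund status=denied
""".splitlines()

LINE_RE = re.compile(r"session=(\S+) tool=(\S+) status=(\S+)")


def parse_log(lines):
    """Group (tool, status) pairs by session, preserving call order."""
    sessions = defaultdict(list)
    for line in lines:
        m = LINE_RE.search(line)
        if m:
            session, tool, status = m.groups()
            sessions[session].append((tool, status))
    return dict(sessions)


def sequence_support(sessions, length):
    """Count each run of `length` consecutive successful calls by the number of
    distinct sessions it appears in. A denied call breaks the run, so a
    sequence is only credited when the agent actually completed it."""
    support = Counter()
    for calls in sessions.values():
        seen, run = set(), []
        for tool, status in calls + [(None, "end")]:
            if status == "ok":
                run.append(tool)
                continue
            seen.update(tuple(run[i:i + length]) for i in range(len(run) - length + 1))
            run = []
        support.update(seen)  # once per session, however often it repeats
    return support


def denied_demand(sessions):
    """Denied calls keyed by (previous tool, denied tool), counted per session.

    A frequent read here is a candidate to enable (once the key has the matching
    permission); a frequent write is a prompt to confirm it stays off.
    """
    demand = Counter()
    for calls in sessions.values():
        seen, prev = set(), None
        for tool, status in calls:
            if status == "denied":
                seen.add((prev, tool))
            prev = tool
        demand.update(seen)
    return demand


if __name__ == "__main__":
    sessions = parse_log(LOG)
    for seq, n in sequence_support(sessions, 3).most_common(3):
        print(" -> ".join(seq), f"seen in {n} sessions")
    for (prev, tool), n in denied_demand(sessions).most_common():
        print(f"{prev} -> {tool}? denied in {n} sessions")
```

Counting by distinct sessions rather than raw occurrences is deliberate: one agent looping over a customer list would otherwise dominate the ranking. The denied-call table is the one to read with a security eye, since it records not just what to add next but also which write operations agents are already reaching for.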

Production checklist

  • Use a restricted, read-only key — never your full secret key.
  • Keep refunds, charges, and deletes disabled.
  • Start in test mode (rk_test_) to validate before going live.
  • Review the Logs and Patterns tabs to confirm what's read and what to add next.

Connect Stripe — and any other API — to your AI

Upload an OpenAPI spec, configure auth, and get a live MCP endpoint in minutes — no infrastructure to manage.


Frequently asked questions

Is it safe to connect Stripe to an AI assistant?

Yes, if you use a restricted read-only key and don't expose money-moving tools. The key stays encrypted on the server; the AI client only sees a URL.

Can the AI issue refunds or charges?

Only if you explicitly enable those tools and grant write scopes on the key. The safe default is read-only — keep refunds and charges off.

Where is my Stripe key stored?

Encrypted at rest with AES-256-GCM. It's injected into upstream calls server-side and never returned to the UI or written to logs.

Does this work with Stripe test mode?

Yes. Use a test-mode restricted key (rk_test_) to validate the setup before pointing it at live data.