Skip to main content

MCP server

Cairn exposes a Model Context Protocol server so AI agents can work with your activity data — scoped to your account, over OAuth, read-only by default.

Endpoint & auth

  • Endpoint: https://<your-cairn>/mcp (Streamable HTTP transport).
  • The MCP server is an OAuth-protected resource. It advertises protected-resource metadata; the client then runs Authorization Code + PKCE (with Dynamic Client Registration) against Cairn's authorization server and calls /mcp with a bearer access token.
  • Every tool call is executed as the authenticated user, bounded by the token's scopes.

Connecting an agent

Point an MCP-capable client at the endpoint; OAuth is automatic:

// example MCP client config
{
"mcpServers": {
"cairn": {
"url": "https://cairn.example/mcp"
// OAuth (PKCE + DCR) is handled by the client; approve read-only scopes
}
}
}

Tools (read-only)

The current tool set is read-only — safe to hand to an assistant. Each tool is gated on the token's scope and runs as the token's user:

ToolScopeDescription
list_activitiesactivities:readyour most recent activities (newest first; limit arg)
get_activityactivities:readfull detail for one activity (owner-only)
activity_statsactivities:readlifetime totals: count, distance, moving time, elevation
personal_recordsactivities:readyour current personal records / best efforts
profileprofile:readyour profile + unit/locale preferences

Writes (creating manual activities, edits, social actions) are intentionally not exposed; they can be added later behind *:write scopes and explicit consent. More read tools (streams, training-load curves, segments) are straightforward follow-ons.

Protocol

Streamable HTTP, JSON-RPC 2.0. The server implements initialize, tools/list, tools/call and ping. A request without a valid bearer token gets 401 with:

WWW-Authenticate: Bearer resource_metadata="https://<your-cairn>/.well-known/oauth-protected-resource"

which is how the client discovers the authorization server and begins OAuth.

Security notes

  • Read-only tools + per-user scoping mean an agent can summarize and analyze but not change or delete anything.
  • Revoke an agent any time from your authorized-apps settings — its tokens stop working immediately.