MCP integration overview

What MCP is

Model Context Protocol (MCP) is an open protocol for connecting LLM-driven applications to tools and data sources. Packagento exposes its marketplace operations as MCP tools so an assistant can call them on your behalf, with your explicit OAuth consent, exactly as if you were clicking around the customer area yourself.

What you can do through it

• Read your account. Identity, orgs, vendors, packages, versions, licences, projects, project tokens, orders, invoices, pending invites, and org members — every list_* tool is read-only.
• Set up projects + tokens. Create a buyer project and have a ready-to-paste auth.json snippet returned in one call (setup_project).
• Publish packages. Point at a Git repo URL; if your Git integration is connected, the package is ingested. If not, you get an OAuth URL to authorise (publish_package).
• Buy and install. Add to cart, charge a saved payment method off-session, attach the licence to a project, and receive the auth.json snippet — all in one call (purchase_and_install_package).
• Switch active org. Cart, projects, licences, orders, and webhooks are org-scoped — set_active_org swaps the context for every subsequent tool call.

How authorisation works

The first time an MCP client connects, you complete an OAuth consent dance in your browser. Packagento mints a long-lived refresh token (rotated every 90 days) plus short-lived access tokens (refreshed every hour). The MCP client stores those tokens; Packagento records the connected application on the MCP Integrations page in your customer area, where you can revoke access at any time.

Every MCP request runs as you — same role checks, same org gates, same audit log. The assistant cannot do anything you could not do yourself, and every action is attributed to your customer account.

Next steps

• Connect Claude Code or another MCP client
• Browse the MCP tool reference
• Manage your connected MCP applications