tru-mcp 0.1.1 → 0.2.0

package/README.md

@@ -1,6 +1,6 @@
 # tru MCP Server
 
-MCP server for [tru](https://tru-by29.onrender.com) — portable identity and billing for AI agents. Lets any MCP-compatible agent (Claude, Cursor, etc.) verify users, request credentials, create charges, and issue virtual cards.
+MCP server for [tru](https://tru-by29.onrender.com) — auth and billing API in one. Verify identity, charge users, issue virtual cards, and get risk signals on every user. Payments flow to your existing Stripe account.
 
 ## Quick Setup
 
@@ -10,6 +10,8 @@ npx tru-mcp init
 
 This detects your MCP client (Claude Code, Claude Desktop, Cursor) and writes the config automatically.
 
+Don't have an API key yet? That's fine — add the MCP server first, then ask your agent to run `get_started`. It walks you through the entire setup.
+
 ### Manual Config
 
 Add to your `.mcp.json` (Claude Code) or equivalent:
@@ -36,39 +38,79 @@ Add to your `.mcp.json` (Claude Code) or equivalent:
 | `TRU_API_KEY` | Yes | Your tru API key (starts with `tru_ak_`) |
 | `TRU_API_URL` | No | tru server URL (default: `https://tru-by29.onrender.com`) |
 
+## Getting Started
+
+The MCP tools walk you through setup step by step:
+
+1. **`get_started`** — Full guide: what tru is, why it matters, risk signals, setup walkthrough
+2. **`register_app`** — Create your app, get an API key
+3. **`connect_stripe`** — Link your Stripe account to receive payments
+
+After that, you're live. All the tools below work immediately.
+
 ## Tools
 
 | Tool | Description |
 |------|-------------|
-| `check_identity` | Check if a user has a verified tru identity |
-| `request_credentials` | Request verified credential data from a user's vault |
+| **Setup** | |
+| `get_started` | Full setup guide — what tru is, how to integrate, risk signals explained |
+| `register_app` | Register a new app on tru and get an API key |
+| `connect_stripe` | Link your existing Stripe account to receive payments |
+| **Identity & Credentials** | |
+| `check_identity` | Verify a user + get risk signals (level, score, card funding, country) |
+| `request_credentials` | Request verified data from a user's vault (name, email, phone, address) |
 | `check_request_status` | Poll the status of a credential request |
+| **Billing** | |
 | `create_charge` | Create a direct charge or subscription |
 | `check_charge_status` | Check the status of a charge request |
 | `request_virtual_card` | Issue a single-use virtual card for agent purchases |
+| **Discovery** | |
 | `discover_apps` | Browse registered apps on the tru platform |
 | `read_skill` | Read an app's agent skill guide |
 | `initiate_oauth` | Start an OAuth login flow with a tru-registered app |
-| `register_app` | [Developer] Register a new app on the tru platform |
 
-## Example Agent Conversation
+## Why tru?
+
+- **Risk signals from day one** — every user carries a risk profile built from Stripe Radar. Use risk level, score, card funding type, country, and fingerprint reuse to set trial length, spending limits, and feature access.
+- **Auth + billing in one API** — stop stitching together Stripe, an identity provider, a KYC vendor, and your own spending controls.
+- **Payments to your Stripe** — connect via OAuth, money flows to your existing account. Same dashboard, same bank, same everything.
+- **Users control spending** — they set per-app rules ("auto-approve under $10"), which builds trust and increases conversion.
+
+## Example: Developer Setup
+
+```
+Developer: I want to integrate tru into my app
+
+Agent: → get_started()
+       Here's how tru works...
+
+Agent: Let's register your app.
+       → register_app(service_name: "my-app", display_name: "My App", owner_email: "dev@example.com")
+       ✓ App created — API key: tru_ak_...
+
+Agent: Now let's connect your Stripe account.
+       → connect_stripe(service_name: "my-app")
+       Open this URL to authorize: https://connect.stripe.com/oauth/authorize?...
 
+Agent: You're live. Charges approved by tru users will flow to your Stripe account.
 ```
-User: "Sign me up for that new service"
-Agent: Let me check your tru identity first.
-       → check_identity(email: "user@example.com")
-       ✓ Verified
 
-Agent: I'll request your credentials for signup.
-       → request_credentials(email: "user@example.com", fields: ["name", "email"])
+## Example: End User Flow
+
+```
+User: Sign me up for that new service
+
+Agent: → check_identity(email: "user@example.com")
+       ✓ Verified — risk: low, score: 12, debit card, US
+
+Agent: → request_credentials(email: "user@example.com", fields: ["name", "email"])
        ⏳ Pending — approve on your tru dashboard
 
 Agent: → check_request_status(request_id: "req_abc123")
        ✓ Approved — got name and email
 
-Agent: Now let me create the account and handle payment.
-       → create_charge(email: "user@example.com", amount_cents: 999, description: "Monthly plan")
-       ✓ Auto-approved by your spending rules
+Agent: → create_charge(email: "user@example.com", amount_cents: 999, description: "Monthly plan")
+       ✓ Auto-approved by spending rules
 ```
 
 ## License

package/dist/api-client.d.ts

@@ -103,5 +103,15 @@ export interface ChargeStatusResponse {
     [key: string]: unknown;
 }
 export declare function getChargeStatus(id: string): Promise<ChargeStatusResponse>;
+export interface ConnectOAuthResponse {
+    already_connected: boolean;
+    app_id: string;
+    display_name: string;
+    url?: string;
+    status?: string;
+    charges_enabled?: boolean;
+    payouts_enabled?: boolean;
+}
+export declare function getConnectOAuthUrl(serviceName: string): Promise<ConnectOAuthResponse>;
 export declare function requestAgentCard(email: string, amountCents: number, description?: string, targetService?: string, currency?: string, action?: string): Promise<AgentCardResponse>;
 export {};

package/dist/api-client.js

@@ -59,6 +59,9 @@ export async function registerApp(params) {
 export async function getChargeStatus(id) {
     return (await request(`/api/billing/charges/${encodeURIComponent(id)}`));
 }
+export async function getConnectOAuthUrl(serviceName) {
+    return (await request(`/api/connect/by-service/${encodeURIComponent(serviceName)}/oauth-url`));
+}
 export async function requestAgentCard(email, amountCents, description, targetService, currency, action) {
     return (await request("/api/billing/agent-card", {
         method: "POST",

package/dist/api-client.js.map

@@ -1 +1 @@
-{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":"AAAA,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,uBAAuB,CAAC;AACpE,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;AA8B9C,KAAK,UAAU,OAAO,CAAC,IAAY,EAAE,UAAuB,EAAE;IAC5D,MAAM,GAAG,GAAG,GAAG,QAAQ,GAAG,IAAI,EAAE,CAAC;IACjC,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAC3B,GAAG,OAAO;QACV,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,WAAW,EAAE,OAAO;YACpB,GAAG,OAAO,CAAC,OAAO;SACnB;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,aAAa,GAAG,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC,CAAC;IACtD,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,EAAE,CAAC;AACpB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAa;IAC/C,OAAO,CAAC,MAAM,OAAO,CAAC,0BAA0B,kBAAkB,CAAC,KAAK,CAAC,EAAE,CAAC,CAA0B,CAAC;AACzG,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,KAAa,EACb,OAAe,EACf,MAAgB;IAEhB,OAAO,CAAC,MAAM,OAAO,CAAC,kBAAkB,EAAE;QACxC,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,KAAK;YACL,OAAO;YACP,MAAM;SACP,CAAC;KACH,CAAC,CAAsB,CAAC;AAC3B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,EAAU;IAC/C,OAAO,CAAC,MAAM,OAAO,CAAC,oBAAoB,kBAAkB,CAAC,EAAE,CAAC,EAAE,CAAC,CAAsB,CAAC;AAC5F,CAAC;AAmBD,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,KAAa,EACb,WAAmB,EACnB,WAAoB,EACpB,IAAa,EACb,QAAiB,EACjB,QAAiB,EACjB,WAAoB,EACpB,MAAe;IAEf,OAAO,CAAC,MAAM,OAAO,CAAC,sBAAsB,EAAE;QAC5C,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,KAAK;YACL,YAAY,EAAE,WAAW;YACzB,QAAQ,EAAE,QAAQ,IAAI,KAAK;YAC3B,WAAW;YACX,IAAI,EAAE,IAAI,IAAI,UAAU;YACxB,QAAQ;YACR,YAAY,EAAE,WAAW,IAAI,QAAQ;YACrC,MAAM;SACP,CAAC;KACH,CAAC,CAAmB,CAAC;AACxB,CAAC;AAoCD,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,WAAmB;IAC9D,OAAO,CAAC,MAAM,OAAO,CAAC,wBAAwB,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC,CAAsB,CAAC;AACzG,CAAC;AAyBD,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,MAAyB;IACzD,OAAO,CAAC,MAAM,OAAO,CAAC,oBAAoB,EAAE;QAC1C,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;KAC7B,CAAC,CAAwB,CAAC;AAC7B,CAAC;AAgBD,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,EAAU;IAC9C,OAAO,CAAC,MAAM,OAAO,CAAC,wBAAwB,kBAAkB,CAAC,EAAE,CAAC,EAAE,CAAC,CAAyB,CAAC;AACnG,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAAa,EACb,WAAmB,EACnB,WAAoB,EACpB,aAAsB,EACtB,QAAiB,EACjB,MAAe;IAEf,OAAO,CAAC,MAAM,OAAO,CAAC,yBAAyB,EAAE;QAC/C,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,KAAK;YACL,YAAY,EAAE,WAAW;YACzB,QAAQ,EAAE,QAAQ,IAAI,KAAK;YAC3B,WAAW;YACX,cAAc,EAAE,aAAa;YAC7B,MAAM;SACP,CAAC;KACH,CAAC,CAAsB,CAAC;AAC3B,CAAC"}
+{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":"AAAA,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,uBAAuB,CAAC;AACpE,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;AA8B9C,KAAK,UAAU,OAAO,CAAC,IAAY,EAAE,UAAuB,EAAE;IAC5D,MAAM,GAAG,GAAG,GAAG,QAAQ,GAAG,IAAI,EAAE,CAAC;IACjC,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAC3B,GAAG,OAAO;QACV,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,WAAW,EAAE,OAAO;YACpB,GAAG,OAAO,CAAC,OAAO;SACnB;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,aAAa,GAAG,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC,CAAC;IACtD,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,EAAE,CAAC;AACpB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAa;IAC/C,OAAO,CAAC,MAAM,OAAO,CAAC,0BAA0B,kBAAkB,CAAC,KAAK,CAAC,EAAE,CAAC,CAA0B,CAAC;AACzG,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,KAAa,EACb,OAAe,EACf,MAAgB;IAEhB,OAAO,CAAC,MAAM,OAAO,CAAC,kBAAkB,EAAE;QACxC,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,KAAK;YACL,OAAO;YACP,MAAM;SACP,CAAC;KACH,CAAC,CAAsB,CAAC;AAC3B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,EAAU;IAC/C,OAAO,CAAC,MAAM,OAAO,CAAC,oBAAoB,kBAAkB,CAAC,EAAE,CAAC,EAAE,CAAC,CAAsB,CAAC;AAC5F,CAAC;AAmBD,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,KAAa,EACb,WAAmB,EACnB,WAAoB,EACpB,IAAa,EACb,QAAiB,EACjB,QAAiB,EACjB,WAAoB,EACpB,MAAe;IAEf,OAAO,CAAC,MAAM,OAAO,CAAC,sBAAsB,EAAE;QAC5C,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,KAAK;YACL,YAAY,EAAE,WAAW;YACzB,QAAQ,EAAE,QAAQ,IAAI,KAAK;YAC3B,WAAW;YACX,IAAI,EAAE,IAAI,IAAI,UAAU;YACxB,QAAQ;YACR,YAAY,EAAE,WAAW,IAAI,QAAQ;YACrC,MAAM;SACP,CAAC;KACH,CAAC,CAAmB,CAAC;AACxB,CAAC;AAoCD,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,WAAmB;IAC9D,OAAO,CAAC,MAAM,OAAO,CAAC,wBAAwB,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC,CAAsB,CAAC;AACzG,CAAC;AAyBD,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,MAAyB;IACzD,OAAO,CAAC,MAAM,OAAO,CAAC,oBAAoB,EAAE;QAC1C,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;KAC7B,CAAC,CAAwB,CAAC;AAC7B,CAAC;AAgBD,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,EAAU;IAC9C,OAAO,CAAC,MAAM,OAAO,CAAC,wBAAwB,kBAAkB,CAAC,EAAE,CAAC,EAAE,CAAC,CAAyB,CAAC;AACnG,CAAC;AAcD,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,WAAmB;IAC1D,OAAO,CAAC,MAAM,OAAO,CAAC,2BAA2B,kBAAkB,CAAC,WAAW,CAAC,YAAY,CAAC,CAAyB,CAAC;AACzH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAAa,EACb,WAAmB,EACnB,WAAoB,EACpB,aAAsB,EACtB,QAAiB,EACjB,MAAe;IAEf,OAAO,CAAC,MAAM,OAAO,CAAC,yBAAyB,EAAE;QAC/C,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,KAAK;YACL,YAAY,EAAE,WAAW;YACzB,QAAQ,EAAE,QAAQ,IAAI,KAAK;YAC3B,WAAW;YACX,cAAc,EAAE,aAAa;YAC7B,MAAM;SACP,CAAC;KACH,CAAC,CAAsB,CAAC;AAC3B,CAAC"}

package/dist/server.js

@@ -10,6 +10,8 @@ import { createChargeTool } from "./tools/create_charge.js";
 import { checkChargeStatusTool } from "./tools/check_charge_status.js";
 import { registerAppTool } from "./tools/register_app.js";
 import { initiateOAuthTool } from "./tools/initiate_oauth.js";
+import { connectStripeTool } from "./tools/connect_stripe.js";
+import { getStartedTool } from "./tools/get_started.js";
 const server = new McpServer({
     name: "tru-identity",
     version: "0.1.0",
@@ -25,6 +27,8 @@ server.tool(createChargeTool.name, createChargeTool.description, createChargeToo
 server.tool(checkChargeStatusTool.name, checkChargeStatusTool.description, checkChargeStatusTool.inputSchema, checkChargeStatusTool.handler);
 server.tool(registerAppTool.name, registerAppTool.description, registerAppTool.inputSchema, registerAppTool.handler);
 server.tool(initiateOAuthTool.name, initiateOAuthTool.description, initiateOAuthTool.inputSchema, initiateOAuthTool.handler);
+server.tool(connectStripeTool.name, connectStripeTool.description, connectStripeTool.inputSchema, connectStripeTool.handler);
+server.tool(getStartedTool.name, getStartedTool.description, getStartedTool.inputSchema, getStartedTool.handler);
 export async function run() {
     const transport = new StdioServerTransport();
     await server.connect(transport);

package/dist/server.js.map

@@ -1 +1 @@
-{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,sBAAsB,EAAE,MAAM,gCAAgC,CAAC;AACxE,OAAO,EAAE,sBAAsB,EAAE,MAAM,iCAAiC,CAAC;AACzE,OAAO,EAAE,sBAAsB,EAAE,MAAM,iCAAiC,CAAC;AACzE,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAE9D,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;IAC3B,IAAI,EAAE,cAAc;IACpB,OAAO,EAAE,OAAO;CACjB,CAAC,CAAC;AAEH,iBAAiB;AACjB,MAAM,CAAC,IAAI,CACT,iBAAiB,CAAC,IAAI,EACtB,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,OAAO,CAC1B,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,sBAAsB,CAAC,IAAI,EAC3B,sBAAsB,CAAC,WAAW,EAClC,sBAAsB,CAAC,WAAW,EAClC,sBAAsB,CAAC,OAAO,CAC/B,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,sBAAsB,CAAC,IAAI,EAC3B,sBAAsB,CAAC,WAAW,EAClC,sBAAsB,CAAC,WAAW,EAClC,sBAAsB,CAAC,OAAO,CAC/B,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,sBAAsB,CAAC,IAAI,EAC3B,sBAAsB,CAAC,WAAW,EAClC,sBAAsB,CAAC,WAAW,EAClC,sBAAsB,CAAC,OAAO,CAC/B,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,gBAAgB,CAAC,IAAI,EACrB,gBAAgB,CAAC,WAAW,EAC5B,gBAAgB,CAAC,WAAW,EAC5B,gBAAgB,CAAC,OAAO,CACzB,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,aAAa,CAAC,IAAI,EAClB,aAAa,CAAC,WAAW,EACzB,aAAa,CAAC,WAAW,EACzB,aAAa,CAAC,OAAO,CACtB,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,gBAAgB,CAAC,IAAI,EACrB,gBAAgB,CAAC,WAAW,EAC5B,gBAAgB,CAAC,WAAW,EAC5B,gBAAgB,CAAC,OAAO,CACzB,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,qBAAqB,CAAC,IAAI,EAC1B,qBAAqB,CAAC,WAAW,EACjC,qBAAqB,CAAC,WAAW,EACjC,qBAAqB,CAAC,OAAO,CAC9B,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,eAAe,CAAC,IAAI,EACpB,eAAe,CAAC,WAAW,EAC3B,eAAe,CAAC,WAAW,EAC3B,eAAe,CAAC,OAAO,CACxB,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,iBAAiB,CAAC,IAAI,EACtB,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,OAAO,CAC1B,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,GAAG;IACvB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,OAAO,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;AAC5D,CAAC"}
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,sBAAsB,EAAE,MAAM,gCAAgC,CAAC;AACxE,OAAO,EAAE,sBAAsB,EAAE,MAAM,iCAAiC,CAAC;AACzE,OAAO,EAAE,sBAAsB,EAAE,MAAM,iCAAiC,CAAC;AACzE,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAExD,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;IAC3B,IAAI,EAAE,cAAc;IACpB,OAAO,EAAE,OAAO;CACjB,CAAC,CAAC;AAEH,iBAAiB;AACjB,MAAM,CAAC,IAAI,CACT,iBAAiB,CAAC,IAAI,EACtB,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,OAAO,CAC1B,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,sBAAsB,CAAC,IAAI,EAC3B,sBAAsB,CAAC,WAAW,EAClC,sBAAsB,CAAC,WAAW,EAClC,sBAAsB,CAAC,OAAO,CAC/B,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,sBAAsB,CAAC,IAAI,EAC3B,sBAAsB,CAAC,WAAW,EAClC,sBAAsB,CAAC,WAAW,EAClC,sBAAsB,CAAC,OAAO,CAC/B,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,sBAAsB,CAAC,IAAI,EAC3B,sBAAsB,CAAC,WAAW,EAClC,sBAAsB,CAAC,WAAW,EAClC,sBAAsB,CAAC,OAAO,CAC/B,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,gBAAgB,CAAC,IAAI,EACrB,gBAAgB,CAAC,WAAW,EAC5B,gBAAgB,CAAC,WAAW,EAC5B,gBAAgB,CAAC,OAAO,CACzB,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,aAAa,CAAC,IAAI,EAClB,aAAa,CAAC,WAAW,EACzB,aAAa,CAAC,WAAW,EACzB,aAAa,CAAC,OAAO,CACtB,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,gBAAgB,CAAC,IAAI,EACrB,gBAAgB,CAAC,WAAW,EAC5B,gBAAgB,CAAC,WAAW,EAC5B,gBAAgB,CAAC,OAAO,CACzB,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,qBAAqB,CAAC,IAAI,EAC1B,qBAAqB,CAAC,WAAW,EACjC,qBAAqB,CAAC,WAAW,EACjC,qBAAqB,CAAC,OAAO,CAC9B,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,eAAe,CAAC,IAAI,EACpB,eAAe,CAAC,WAAW,EAC3B,eAAe,CAAC,WAAW,EAC3B,eAAe,CAAC,OAAO,CACxB,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,iBAAiB,CAAC,IAAI,EACtB,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,OAAO,CAC1B,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,iBAAiB,CAAC,IAAI,EACtB,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,OAAO,CAC1B,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,cAAc,CAAC,IAAI,EACnB,cAAc,CAAC,WAAW,EAC1B,cAAc,CAAC,WAAW,EAC1B,cAAc,CAAC,OAAO,CACvB,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,GAAG;IACvB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,OAAO,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;AAC5D,CAAC"}

package/dist/tools/connect_stripe.d.ts

@@ -0,0 +1,23 @@
+import { z } from "zod";
+export declare const connectStripeTool: {
+    name: string;
+    description: string;
+    inputSchema: {
+        service_name: z.ZodString;
+    };
+    handler: (args: {
+        service_name: string;
+    }) => Promise<{
+        content: {
+            type: "text";
+            text: string;
+        }[];
+        isError?: undefined;
+    } | {
+        content: {
+            type: "text";
+            text: string;
+        }[];
+        isError: boolean;
+    }>;
+};

package/dist/tools/connect_stripe.js

@@ -0,0 +1,74 @@
+import { z } from "zod";
+import { getConnectOAuthUrl } from "../api-client.js";
+export const connectStripeTool = {
+    name: "connect_stripe",
+    description: "Generate a Stripe Connect OAuth URL for an app developer to link their existing Stripe account to tru. " +
+        "Once connected, charges approved by tru users are routed directly to the developer's Stripe account via destination charges. " +
+        "The developer keeps full access to their Stripe dashboard, refunds, disputes, Radar, and all Stripe features. " +
+        "Nothing about their existing Stripe setup changes — tru simply becomes another source of payments flowing into their account.",
+    inputSchema: {
+        service_name: z
+            .string()
+            .describe("The service_name of the app to connect to Stripe"),
+    },
+    handler: async (args) => {
+        try {
+            const result = await getConnectOAuthUrl(args.service_name);
+            if (result.already_connected) {
+                const lines = [
+                    `## ${result.display_name} — Stripe Already Connected`,
+                    "",
+                    `This app's Stripe account is already linked to tru.`,
+                    "",
+                    `- **Status:** ${result.status}`,
+                    `- **Charges enabled:** ${result.charges_enabled ? "Yes" : "No"}`,
+                    `- **Payouts enabled:** ${result.payouts_enabled ? "Yes" : "No"}`,
+                    "",
+                    "Charges approved by tru users will be routed to this Stripe account automatically.",
+                ];
+                return {
+                    content: [{ type: "text", text: lines.join("\n") }],
+                };
+            }
+            const lines = [
+                `## Connect Stripe to ${result.display_name}`,
+                "",
+                "Open this URL in your browser to link your Stripe account:",
+                "",
+                result.url,
+                "",
+                "### What happens when you click this link:",
+                "",
+                "1. You'll be taken to Stripe and asked to authorize the connection",
+                "2. **Log in with your existing Stripe account** — no new account needed",
+                "3. Stripe redirects you back to tru, and the connection is saved",
+                "",
+                "### What this means for your business:",
+                "",
+                "- **Payments flow to your existing Stripe account** — same dashboard, same bank, same payouts",
+                "- **You keep full Stripe access** — refunds, disputes, Radar, reporting, webhooks, everything",
+                "- **Nothing changes about your current setup** — tru is just another source of payments",
+                "- **You can still charge customers directly** outside of tru at the same time",
+                "- tru uses Stripe's destination charge model, so your Stripe account retains full ownership",
+                "",
+                "Once connected, any charges approved by tru users will be routed directly to your Stripe account.",
+            ];
+            return {
+                content: [{ type: "text", text: lines.join("\n") }],
+            };
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : String(err);
+            return {
+                content: [
+                    {
+                        type: "text",
+                        text: `Error generating Stripe Connect URL: ${message}`,
+                    },
+                ],
+                isError: true,
+            };
+        }
+    },
+};
+//# sourceMappingURL=connect_stripe.js.map

package/dist/tools/connect_stripe.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"connect_stripe.js","sourceRoot":"","sources":["../../src/tools/connect_stripe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AAEtD,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,IAAI,EAAE,gBAAgB;IACtB,WAAW,EACT,yGAAyG;QACzG,+HAA+H;QAC/H,gHAAgH;QAChH,+HAA+H;IACjI,WAAW,EAAE;QACX,YAAY,EAAE,CAAC;aACZ,MAAM,EAAE;aACR,QAAQ,CAAC,kDAAkD,CAAC;KAChE;IACD,OAAO,EAAE,KAAK,EAAE,IAA8B,EAAE,EAAE;QAChD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAE3D,IAAI,MAAM,CAAC,iBAAiB,EAAE,CAAC;gBAC7B,MAAM,KAAK,GAAG;oBACZ,MAAM,MAAM,CAAC,YAAY,6BAA6B;oBACtD,EAAE;oBACF,qDAAqD;oBACrD,EAAE;oBACF,iBAAiB,MAAM,CAAC,MAAM,EAAE;oBAChC,0BAA0B,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE;oBACjE,0BAA0B,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE;oBACjE,EAAE;oBACF,oFAAoF;iBACrF,CAAC;gBAEF,OAAO;oBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;iBAC7D,CAAC;YACJ,CAAC;YAED,MAAM,KAAK,GAAG;gBACZ,wBAAwB,MAAM,CAAC,YAAY,EAAE;gBAC7C,EAAE;gBACF,4DAA4D;gBAC5D,EAAE;gBACF,MAAM,CAAC,GAAI;gBACX,EAAE;gBACF,4CAA4C;gBAC5C,EAAE;gBACF,oEAAoE;gBACpE,yEAAyE;gBACzE,kEAAkE;gBAClE,EAAE;gBACF,wCAAwC;gBACxC,EAAE;gBACF,+FAA+F;gBAC/F,+FAA+F;gBAC/F,yFAAyF;gBACzF,+EAA+E;gBAC/E,6FAA6F;gBAC7F,EAAE;gBACF,mGAAmG;aACpG,CAAC;YAEF,OAAO;gBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;aAC7D,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,OAAO;gBACL,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,wCAAwC,OAAO,EAAE;qBACxD;iBACF;gBACD,OAAO,EAAE,IAAI;aACd,CAAC;QACJ,CAAC;IACH,CAAC;CACF,CAAC"}

package/dist/tools/get_started.d.ts

@@ -0,0 +1,11 @@
+export declare const getStartedTool: {
+    name: string;
+    description: string;
+    inputSchema: {};
+    handler: (_args: Record<string, never>) => Promise<{
+        content: {
+            type: "text";
+            text: string;
+        }[];
+    }>;
+};

package/dist/tools/get_started.js

@@ -0,0 +1,153 @@
+export const getStartedTool = {
+    name: "get_started",
+    description: "Returns a complete guide for developers integrating tru into their app. " +
+        "Covers what tru is (auth + billing API with risk signals), why it matters, " +
+        "and walks through setup step-by-step using the MCP tools: register_app, connect_stripe, " +
+        "and then using create_charge, request_credentials, and check_identity. " +
+        "Call this first when a developer wants to integrate tru.",
+    inputSchema: {},
+    handler: async (_args) => {
+        const guide = `# Getting Started with tru
+
+## What is tru?
+
+tru is an auth and billing API in one. Your users verify their identity once — government ID, bank link, payment method via Stripe — and you get:
+
+- **Instant identity verification** — know if a user is real before they touch your product
+- **Credential sharing** — request verified name, email, phone, address from the user's vault (they approve each request)
+- **Built-in billing** — charge users directly or via subscription, with user-controlled spending rules
+- **Virtual cards** — issue single-use cards for agent purchases on third-party sites
+- **Risk signals you can't get anywhere else** — every tru user has a risk profile built from Stripe's Radar, card funding type, country, fingerprint analysis, and charge history
+
+## Why developers use tru
+
+### Risk-informed decisions from day one
+Every tru user carries a risk score. Use it to set free trial length, spending limits, feature access, or fraud thresholds. A user with a verified government ID, US-issued debit card, and clean charge history is a very different prospect than an unverified prepaid card from a high-risk country. tru gives you that signal before the user even signs up.
+
+### One integration, not five
+Without tru, you're stitching together Stripe for payments, an identity provider for auth, a KYC vendor for verification, and building your own spending controls. tru is all of these in one API. One MCP server, one API key.
+
+### Payments flow to your existing Stripe account
+When you connect Stripe, tru routes payments directly to your existing Stripe account via destination charges. Nothing changes about your Stripe setup — same dashboard, same bank, same payouts, same Radar, same everything. tru is just another source of payments flowing in.
+
+### Your users stay in control
+Users set their own spending rules ("auto-approve charges under $10 from this app"). This builds trust — users are more willing to save a payment method when they control how it's used. Your conversion rate goes up because the friction goes down.
+
+---
+
+## Setup (5 minutes)
+
+You'll use three MCP tools, in order. Each one takes about a minute.
+
+### Step 1: Register your app
+
+\`\`\`
+register_app(
+  service_name: "my-app",
+  display_name: "My App",
+  owner_email: "you@example.com",
+  description: "What your app does",
+  website: "https://myapp.com"
+)
+\`\`\`
+
+This creates your app on tru and returns an **API key** (starts with \`tru_ak_\`). Save it — you'll need it for API calls. The API key is also your app's authentication for the REST API.
+
+The \`service_name\` is your app's unique identifier on tru (lowercase, letters/numbers/hyphens).
+
+### Step 2: Connect your Stripe account
+
+\`\`\`
+connect_stripe(service_name: "my-app")
+\`\`\`
+
+This generates a URL. Open it in your browser, log into your existing Stripe account, and authorize the connection. That's it.
+
+**What this does:**
+- Links your Stripe account to receive tru payments
+- Uses Stripe's standard Connect OAuth — secure, reversible, well-understood
+- Your Stripe dashboard, payouts, refunds, disputes, Radar — all unchanged
+- You can still charge customers directly outside of tru
+- tru takes a small platform fee on each transaction; the rest goes straight to you
+
+**If you don't have a Stripe account yet**, the OAuth flow will let you create one. But most developers already have one, and the whole point is that nothing about it changes.
+
+### Step 3: You're live
+
+That's it. Your app can now:
+
+- **Verify users** — \`check_identity(email)\` returns whether they're verified, plus risk signals
+- **Request credentials** — \`request_credentials(email, service, fields)\` asks the user to share verified data
+- **Charge users** — \`create_charge(email, amount_cents, description)\` creates a charge that the user approves
+- **Issue virtual cards** — \`request_virtual_card(email, amount_cents)\` for agent purchases on other sites
+- **Check risk** — every identity check includes risk level, score, card funding type, country, and fingerprint reuse
+
+---
+
+## Using risk signals
+
+Every \`check_identity\` response includes:
+
+\`\`\`json
+{
+  "verified": true,
+  "email": "user@example.com",
+  "name": "Jane Doe",
+  "identity_verified": true,
+  "bank_linked": true,
+  "risk": {
+    "level": "low",
+    "score": 12,
+    "card_funding": "debit",
+    "card_country": "US",
+    "fingerprint_reuse": false
+  }
+}
+\`\`\`
+
+**How to use this:**
+
+| Signal | What it tells you | Example action |
+|--------|-------------------|----------------|
+| \`risk.level\` | Overall risk (low/medium/high/very_high) | Gate feature access |
+| \`risk.score\` | Numeric Radar score (0-100, lower = safer) | Set free trial length |
+| \`risk.card_funding\` | credit / debit / prepaid | Prepaid = higher fraud risk |
+| \`risk.card_country\` | ISO country of the card | Flag mismatches with IP |
+| \`risk.fingerprint_reuse\` | Same card used by multiple accounts | Block duplicate signups |
+| \`identity_verified\` | Government ID verified via Stripe Identity | Require for high-value actions |
+| \`bank_linked\` | User has linked a bank account | Higher trust signal |
+
+These signals come from Stripe's Radar and Identity — the same fraud detection that processes billions of dollars in payments. You get them for free with every tru identity check.
+
+---
+
+## What's next
+
+- **Set up webhooks** — get notified when charges are approved/rejected, credentials shared, etc.
+- **Write an Agent Skill** — a SKILL.md that teaches AI agents how to use your app (tru hosts it for you)
+- **Configure App Rules** — users can set per-app spending rules; you can set default limits on your side
+- **Add "Login with tru"** — OAuth 2.0 flow for browser-based auth (see integration docs)
+
+## Quick reference
+
+| Tool | Purpose |
+|------|---------|
+| \`get_started\` | This guide |
+| \`register_app\` | Create your app, get API key |
+| \`connect_stripe\` | Link your Stripe account |
+| \`check_identity\` | Verify a user + get risk signals |
+| \`request_credentials\` | Ask user to share verified data |
+| \`check_request_status\` | Poll credential request status |
+| \`create_charge\` | Charge a user (one-time or subscription) |
+| \`check_charge_status\` | Poll charge status |
+| \`request_virtual_card\` | Issue single-use card for agent purchases |
+| \`discover_apps\` | Browse tru app directory |
+| \`read_skill\` | Read an app's agent guide |
+| \`initiate_oauth\` | Start OAuth login flow |
+`;
+        return {
+            content: [{ type: "text", text: guide }],
+        };
+    },
+};
+//# sourceMappingURL=get_started.js.map

package/dist/tools/get_started.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get_started.js","sourceRoot":"","sources":["../../src/tools/get_started.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,IAAI,EAAE,aAAa;IACnB,WAAW,EACT,0EAA0E;QAC1E,6EAA6E;QAC7E,0FAA0F;QAC1F,yEAAyE;QACzE,0DAA0D;IAC5D,WAAW,EAAE,EAAE;IACf,OAAO,EAAE,KAAK,EAAE,KAA4B,EAAE,EAAE;QAC9C,MAAM,KAAK,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAyIjB,CAAC;QAEE,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;SAClD,CAAC;IACJ,CAAC;CACF,CAAC"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "tru-mcp",
-  "version": "0.1.1",
-  "description": "MCP server for tru — portable identity and billing for AI agents",
+  "version": "0.2.0",
+  "description": "MCP server for tru — auth, billing, and risk signals in one API",
   "type": "module",
   "bin": {
     "tru-mcp": "dist/index.js",