Skip to main content
The Anyreach MCP server exposes the full platform API as a small set of meta-tools that any Model Context Protocol client can discover and invoke. Point your client at one URL, authenticate with a Bearer token, and the server proxies your calls to the underlying services.

Endpoint

The server is reachable at a single URL over the streamable-HTTP transport:
https://api.anyreach.ai/mcp/
Every request must carry an Authorization header:
Authorization: Bearer <token>
The server runs in stateless mode and returns tool results as plain JSON, so there is no persistent session to maintain — each request stands on its own.

Authentication

The MCP edge only accepts two token formats. The token must start with one of these prefixes or the request is rejected at the edge before any tool runs:
Token typePrefixWhere to create itOrg scope
Organization API keyak_/api-keysCarries its org implicitly
Personal access token (PAT)pat_/account/tokensYou pass the org per call
Any other value returns 401 with this body:
{ "error": "Unrecognized token format. Expected a personal access token (pat_...) or organization API key (ak_...)." }
A missing or non-Bearer Authorization header returns 401 with { "error": "Missing Bearer token" }.
The edge check only validates the token prefix. The token is still fully verified by the downstream service when a tool actually runs, so an invalid ak_ or pat_ value still fails there.

Org scoping

Most operations are org-scoped, and how the organization is resolved depends on which token type you use.
Token typeHow the org is determined
Organization API key (ak_)Bound to one organization. You do not pass an org.
Personal access token (pat_)Not bound to an org. Pass organization_id on each call_tool.
When you call call_tool with an organization_id, the server forwards it downstream as the X-Anyreach-Org header alongside your Bearer token:
call_tool
  name           = "..."
  arguments      = { ... }
  organization_id = "<org_id>"


Authorization: Bearer <token>
X-Anyreach-Org: <org_id>


  downstream service
If a tool call returns a 401 that mentions a missing organization claim, you used a PAT without an organization_id (or your client omitted it). Determine which organization to act on and retry the same call_tool with organization_id set.
If you work in a single organization, an ak_ API key is the simplest choice — there is no per-call org argument to track. Use a pat_ when one set of credentials needs to act across several organizations.

Client configuration

Most MCP clients accept a server entry that points at a URL and supplies headers. The shape below works for clients that speak streamable-HTTP:
{
  "mcpServers": {
    "anyreach": {
      "url": "https://api.anyreach.ai/mcp/",
      "headers": {
        "Authorization": "Bearer ak_your_api_key"
      }
    }
  }
}
The org is implied by the key, so no organization_id is needed on tool calls.
Treat both ak_ and pat_ tokens as secrets. Anyone holding the token can act on your organization through the API.

Next steps

Tools and discovery

Browse, search, and invoke operations with the four meta-tools.

API keys and tokens

Create and manage organization API keys and personal access tokens.