MCP server

mcp.igregulator.io exposes iGregulator as a Model Context Protocol server. Compatible clients (Claude Desktop, Cursor, Windsurf, Cline) can discover and call iGregulator tools without your users writing any HTTP code.

The same API key that works against https://api.igregulator.io works here. Tool calls are forwarded to the API server and counted against your normal per-key quota — there’s no separate MCP plan.

Why MCP vs. direct API

	Direct API	MCP
Where it runs	Your application code	The agent runtime (Claude Desktop, Cursor, etc.)
Auth	Your code stores + sends Bearer header	Configured once, agent reuses across sessions
Tool discovery	Read OpenAPI, write wrappers	Agent auto-introspects
Best for	Server-to-server, batch jobs	End-user agent flows, KYB / compliance assistants

Use direct API when you build the integration. Use MCP when an agent on the user’s machine needs to talk to iGregulator.

Available tools

Mapped to the public API surface. Tool output is lean — a compact verdict, not the full REST payload — so it stays cheap in your context; fetch get_operator when you need the full dossier.

Tool	Backs onto	Use case
check_domain	GET /v1/check	”Is bet365.com licensed?” (supports as_of)
check_domain_batch	POST /v1/check/batch	A KYB sweep — up to 100 domains in one call
search_operators	GET /v1/operators/search	Brand → registered legal entity
get_operator	GET /v1/operators/:slug	Full record incl. licenses + domains (supports as_of)
get_operator_regulatory_actions	GET /v1/operators/:slug/regulatory-actions	Enforcement history (fines, suspensions)
check_coverage	GET /v1/health/coverage	Data freshness per jurisdiction
list_jurisdictions	GET /v1/jurisdictions	Coverage overview
get_jurisdiction	GET /v1/jurisdictions/:code	One regulator’s metadata
get_license	GET /v1/licenses/:license_id	Specific license detail
get_license_history	GET /v1/licenses/:license_id/history	Status-change audit trail

On a no-match, check_domain / check_domain_batch return match_absence_reason + checked_jurisdictions — so an agent says “not found in the jurisdictions we cover”, never an unqualified “unlicensed”.

Webhook + watchlist management (creating endpoints, rotating secrets, etc.) is intentionally not exposed via MCP — those belong in the dashboard at app.igregulator.io. MCP is read-only by design.

Installation

Create a free account and get an API key at app.igregulator.io/api-keys. Founding members get the full Starter plan free — all tools, no card.

Claude Code

Native HTTP MCP support. One command:

claude mcp add --transport http igregulator https://mcp.igregulator.io/mcp \
  --header "Authorization: Bearer igk_..."

Replace igk_... with your real key. Verify with claude mcp list — igregulator should appear with status connected. Restart any active Claude Code session and the tools become available immediately.

Claude Desktop (recommended path: mcp-remote shim)

Claude Desktop’s stdio-based MCP support is universal; HTTP support is rolling out. The most reliable config today uses mcp-remote to bridge stdio → streamable HTTP. Open ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows) and add:

{
  "mcpServers": {
    "igregulator": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote",
        "https://mcp.igregulator.io/mcp",
        "--header",
        "Authorization: Bearer igk_..."
      ]
    }
  }
}

Replace igk_... with your real key. Restart Claude Desktop. Verify with: “What iGregulator tools do you have?”

Claude Desktop (native HTTP — newer builds only)

If your Claude Desktop build supports remote MCP servers natively, you can drop the mcp-remote shim:

{
  "mcpServers": {
    "igregulator": {
      "url": "https://mcp.igregulator.io/mcp",
      "transport": "streamable-http",
      "headers": {
        "Authorization": "Bearer igk_..."
      }
    }
  }
}

If this gives you an “unknown transport” error, your build is too old — fall back to the mcp-remote shim above.

Cursor

Cursor → Settings → Features → Model Context Protocol → Add new MCP server. Use the same mcp-remote shim:

npx -y mcp-remote https://mcp.igregulator.io/mcp --header "Authorization: Bearer igk_..."

Windsurf

Windsurf → Settings → Cascade → Manage MCP Servers. Same mcp-remote shim pattern as Cursor; Windsurf documents per-version specifics in their MCP guide.

Cline / other clients

Anything that speaks MCP can connect. Refer to your client’s docs for HTTP/SSE transport configuration; the connect URL is https://mcp.igregulator.io/mcp and auth is a bearer header named Authorization.

Example prompts

Check whether bet365.com is licensed.

→ Agent calls check_domain with domain="bet365.com", returns UKGC license details.

Find every operator named "Flutter" and show me their licenses.

→ search_operators(q="flutter") followed by get_operator(slug=...) for each result.

What's the regulatory action history for license <UUID>?

→ get_license_history(license_id=...) returns the full status-change timeline.

Compare UKGC and MGA — what license types do they each issue?

→ get_jurisdiction(code="UKGC") + get_jurisdiction(code="MGA").

Here are 40 merchant domains — which are licensed?

→ one check_domain_batch(domains=[...]) call, not 40 separate checks.

Was virginbet.com licensed on 2026-03-01?

→ check_domain(domain="virginbet.com", as_of="2026-03-01") — reads as_of.knowledge (won’t assert a status from before tracking began).

Any enforcement actions against Flutter?

→ get_operator_regulatory_actions(slug="flutter-uk-limited").

Authentication

API keys are bearer tokens. The same key works against the direct API and the MCP server. Rotate or revoke at app.igregulator.io/api-keys; changes take effect within seconds across both surfaces.

The MCP gateway does not store your key. It validates the bearer header on each request and forwards it to the API container, which runs the same requireApiKey middleware that direct-HTTP callers go through.

Rate limits

Tool calls count against your existing per-key quota. The same X-RateLimit-Remaining headers the direct API returns are surfaced through the MCP error path when a quota trips — agents see a structured 429 with the same payload your curl clients would.

Founding (Starter) keys reach every tool. Only legacy trial-tier keys are scoped to check_domain (1,000 calls/day) — those return 402 payment_required with details.reason=endpoint_requires_paid_plan on the other tools.

Discovery

This server publishes a manifest at three URLs (community convention; not a canonical MCP spec field — canonical discovery is the user typing the URL into their client):

• https://mcp.igregulator.io/.well-known/mcp.json
• https://api.igregulator.io/.well-known/mcp.json
• https://igregulator.io/.well-known/mcp.json

All three return the same JSON: server URL, transport, auth flow, key-request URL, docs URL.

Troubleshooting

“Tool not found” — usually the agent never connected. Check that your client logs show iGregulator listed under MCP servers. If it’s missing, the bearer header is malformed or the URL is unreachable.

“Connection failed” or DNS errors — curl -I https://mcp.igregulator.io/health should return 200 OK. If not, the issue is upstream of MCP.

“401 / api_key_missing / api_key_invalid” — your key isn’t being passed. With mcp-remote, double-check the --header arg includes Bearer (with the space). Quoting matters in some shells; if your config has issues, restart the client.

“402 / endpoint_requires_paid_plan” — a legacy trial-tier key hit a paid endpoint. Free founding (Starter) accounts don’t see this; create one at app.igregulator.io/signup, or ask the agent to use check_domain only.

“429 / rate limited” — same quota as direct API. Headers X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset are passed through.

Source code

Open source — see apps/mcp/ in the repo. Drop an issue if a tool description or argument schema needs work; agent-voice quality is something we iterate on.