Yapper Developers

MCP Guide

The Yapper hosted MCP connector — a thin client over the public API.

Status: live. The API endpoints behind every tool are live.

The Yapper hosted MCP connector is a thin client over the public API. It contains no provider logic, Firebase reads, credit accounting, model routing, or private serializers.

Install

Hosted connector (recommended):

https://yapper.so/mcp/connector

Paste that URL into an MCP client that supports hosted HTTP connectors, then sign in with your Yapper account when prompted.

Client integration rules

  • Use the exact HTTPS connector URL above. Do not rewrite it to http://.
  • A 401 response from /mcp/connector before sign-in is expected. It includes WWW-Authenticate metadata that points the MCP client to the OAuth protected resource metadata.
  • Do not configure /api/mcp/oauth/* as the MCP server URL. Those routes are only the OAuth registration, authorization, approval, and token endpoints.
  • Do not treat an unauthenticated JSON-RPC call as a connector failure. Complete the hosted MCP OAuth flow first, then call initialize and tools/list.

Tools

ToolPurposeStatus
yapper_start_processStart a generation process (spends credits)Live
yapper_get_processPoll one processLive
yapper_list_processesList recent processesLive
yapper_list_assetsList generated or imported assetsLive
yapper_get_assetFetch one assetLive
yapper_import_assetImport an external image or video URLLive
yapper_list_modelsList available models and capabilitiesLive
yapper_get_creditsCheck team credit balanceLive
yapper_get_usageCheck team and acting-member usageLive

Resources

yapper://processes/{processId}
yapper://assets/{assetId}

Use resources/templates/list to discover these templates and resources/read to fetch one process or asset as JSON.

Agent behavior

  • Call yapper_get_credits before expensive work when the user asks about feasibility.
  • Prefer explicit user confirmation before spending credits on ambiguous prompts.
  • Use idempotency keys for retried yapper_start_process calls.
  • Poll process status instead of assuming immediate completion.
  • Return asset ids and URLs from the public response shape only.

Security boundary

The hosted MCP connector uses short-lived ymcp_ access tokens from the Yapper OAuth flow. Local stdio MCP clients receive credentials from local config or environment. MCP clients should never request browser session cookies or Firebase credentials.

On this page