Bynn MCP

Connect any MCP-compatible AI client to Bynn: identity verification (KYC), document fraud detection, age verification, content moderation, face search, AutoDoc workflows, fraud reasoning agents, and account management. 143 tools over the Bynn API, one connection. Works in Claude (claude.ai, Desktop, Claude Code), ChatGPT, Cursor, VS Code, Windsurf, and Zed.

https://mcp.bynn.com

The endpoint is the root path. Do not append /mcp; https://mcp.bynn.com/mcp will
not work. The only other route is GET /health.


Quick start (30 seconds)

Claude Code:

claude mcp add --transport http bynn https://mcp.bynn.com

Claude or ChatGPT (hosted): add https://mcp.bynn.com as a custom connector and sign in
with your Bynn account when the browser opens. No key handling needed.

API-style clients: get a token at dashboard.bynn.com/authenticate
and send it as Authorization: Bearer <token> on the connection.

Then try your first prompt:

Check whether this image is AI-generated.

Attach an image, and the result renders as an interactive card with the verdict, AI
probability, and most likely generator.


Example prompts

Fraud and documents

Submit this bank statement for fraud analysis and summarize the risk when it finishes.
Is this invoice manipulated? Show me the forensic findings.
Run my passport-fraud orchestrator against the latest analyzed document.

Verification

Create a KYC verification session for this applicant and give me the hosted link.
Estimate the age of the person in this photo and tell me if they look under 25.
Create an age verification session with liveness for user 8841.

Moderation and media

Check whether this image is AI-generated.
Which moderation models can I run on video?
Search this face against my employees collection.

Account and operations

List my API keys and when they were last used.
Rotate my live private key but keep the grace period.
Show this month's usage and my latest invoices.

Document-fraud and AI-image results render as interactive cards in both ChatGPT and Claude
(see Interactive widgets).


Installation

Claude Code

claude mcp add --transport http bynn https://mcp.bynn.com

Claude Desktop and claude.ai

Settings → Connectors → Add custom connector → URL https://mcp.bynn.com.
OAuth sign-in starts automatically on first use.

ChatGPT

Settings → Apps & Connectors → enable developer mode → Create → MCP server URL
https://mcp.bynn.com. Bynn is built as a ChatGPT app: fraud reports and AI-image checks
render as interactive cards, and attached images are forwarded to the tools natively.

Cursor

Add to Cursor

One click above, or add manually to ~/.cursor/mcp.json (or .cursor/mcp.json per project):

{
  "mcpServers": {
    "bynn": {
      "url": "https://mcp.bynn.com"
    }
  }
}

VS Code (GitHub Copilot)

.vscode/mcp.json:

{
  "servers": {
    "bynn": {
      "type": "http",
      "url": "https://mcp.bynn.com"
    }
  }
}

Windsurf

Windsurf connects through the mcp-remote bridge:

{
  "mcpServers": {
    "bynn": {
      "command": "npx",
      "args": ["-y", "mcp-remote", "https://mcp.bynn.com"]
    }
  }
}

Zed

settings.jsoncontext_servers:

{
  "context_servers": {
    "bynn": {
      "command": {
        "path": "npx",
        "args": ["-y", "mcp-remote", "https://mcp.bynn.com"]
      }
    }
  }
}

Authentication

OAuth 2.1 (connectors)

Hosted connectors (Claude, ChatGPT) authenticate with OAuth 2.1 + PKCE. The authorization
server is dashboard.bynn.com; your MCP client opens a browser sign-in, you approve the
requested permissions, and the client connects as your Bynn dashboard user. Clients that
support Dynamic Client Registration (Claude, Cursor) register automatically.

Bearer tokens (API-style clients)

For server-side, scripted, or self-hosted use, send an authorization header on the MCP
connection:

Authorization: Bearer <token>

Get a token at dashboard.bynn.com/authenticate.
Three token types work:

TokenPrefixWhat it can do
Dashboard token (JWT)noneEverything. When a tool needs an API key, the server exchanges the JWT for your organization's keys automatically.
Private API keyprivate_...Product and verification tools (documents, moderation, age results). Not sufficient for dashboard tools like API keys or billing.
Public API keypublic_...Client-safe session creation (create_session, create_age_verification_session).

Per tool group:

Tool groupMinimum credential
API keys, billing, users, AutoDoc, reasoning, websitesDashboard token (JWT)
Documents, moderation, face, NFCPrivate key or JWT
create_session, create_age_verification_sessionPublic key or JWT
verify_age_from_selfie, get_age_verification_resultPrivate key or JWT
Session steps (consent, preflight, liveness, uploads)None: the session token in the URL is the credential

Use private keys only in trusted server-side environments. Never expose them in frontend
code, public repositories, or shared chats.

Example client configuration with a token

{
  "mcpServers": {
    "bynn": {
      "url": "https://mcp.bynn.com",
      "headers": {
        "Authorization": "Bearer ${BYNN_API_KEY}"
      }
    }
  }
}
export BYNN_API_KEY="private_your_bynn_key_here"

Tools reference (143 tools)

Access badges: Read = safe, non-mutating. Write = creates or changes data.
Destructive = deletes, cancels, or revokes (delete_*, cancel_*, rotate_api_key);
keep confirmation enabled for these in your client. Every tool also carries machine-readable
readOnlyHint / destructiveHint annotations, so MCP clients can gate them automatically.

Documents (4)

ToolAccessDescription
delete_documentDestructiveDelete a document submission.
get_documentReadRetrieve a document submission and its forensic analysis result.
list_documentsReadList and search your document submissions.
submit_documentWriteSubmit a document for full fraud / authenticity analysis.

Document analysis is asynchronous: submit_document, then poll get_document until
status is analyzed.

Age Verification (5)

ToolAccessDescription
complete_age_verification_livenessWriteFinalize a liveness capture.
create_age_verification_sessionWriteCreate a new liveness age-verification session.
get_age_verification_resultReadRead the result of a liveness age-verification session.
start_age_verification_livenessWriteStart the liveness capture for a session.
verify_age_from_selfieWriteEstimate age from a single selfie, without liveness.

verify_age_from_selfie takes an age_verification_model threshold (21, 18, and lower,
default 18) plus a legal_age_21 jurisdiction flag. The liveness flow is:
create session → start liveness → complete liveness → get result.

Content Moderation (12)

ToolAccessDescription
check_ageWriteEstimate the age of faces in an image (age verification / minor detection).
create_moderation_inferenceWriteRun a moderation / AI-detection inference.
detect_ai_generated_imageWriteCheck whether an image is AI-generated or a real photo.
get_moderation_dashboard_statsReadGet moderation dashboard statistics for your organization.
get_moderation_inferenceReadRetrieve a past moderation inference by its id.
get_moderation_modelReadGet one moderation model with full documentation.
list_all_moderation_modelsReadList ALL public moderation models across every type.
list_audio_moderation_modelsReadList AUDIO moderation models grouped by category.
list_image_moderation_modelsReadList IMAGE moderation models grouped by category.
list_text_moderation_modelsReadList TEXT moderation models grouped by category.
list_video_moderation_modelsReadList VIDEO moderation models grouped by category.
public_moderation_inferenceWriteRun a FREE public AI-detection inference, no credential required.

detect_ai_generated_image returns result.is_ai_generated (the verdict),
ai_probability, uncertain, top_generator, generators, c2pa_signer, and
detection_mode. check_age returns per-face age, from_age/to_age, is_minor,
challenge_25, sex, confidence, uncertainty, and bbox.

Face Search (6)

ToolAccessDescription
create_face_collectionWriteCreate a new face collection.
delete_faceDestructiveDelete a single enrolled face from a collection.
delete_face_collectionDestructiveDelete a face collection and ALL its enrolled faces.
enroll_faceWriteEnroll a single face into a collection.
list_face_collectionsReadList your organization's face collections.
search_facesReadSearch a collection for faces similar to a probe image.

AutoDoc (37)

ToolAccessDescription
add_dossier_noteWriteAdd an admin note to a dossier.
approve_approvalWriteApprove a pending HITL approval.
attach_dossier_tagWriteAttach an organization tag to a dossier.
create_document_collectionWriteCreate a document collection.
create_invitationWriteSend an AutoDoc invitation by email or SMS.
create_organization_tagWriteCreate an organization tag.
create_workflowWriteCreate a workflow.
delete_document_collectionDestructiveDelete a document collection (soft delete).
delete_invitationDestructiveCancel (hard-delete) a pending AutoDoc invitation.
delete_organization_tagDestructiveDelete an organization tag.
delete_workflowDestructiveDelete a workflow (soft delete).
detach_dossier_tagWriteDetach an organization tag from a dossier.
download_dossier_zipReadPackage a dossier's documents + variables into a ZIP.
duplicate_workflowWriteDuplicate a workflow.
get_autodoc_dashboard_statsReadGet aggregated AutoDoc dashboard statistics.
get_document_collectionReadGet one document collection and its requirements.
get_dossierReadGet one dossier with progress and workflow variables.
get_dossier_form_fieldsReadList form-field names available across your active workflows.
get_invitationReadGet a single AutoDoc invitation.
get_pending_approval_countReadGet the count of pending HITL approvals.
get_workflowReadGet a single workflow.
list_approvalsReadList human-in-the-loop workflow approvals.
list_document_collectionsReadList document collections for your organization.
list_document_typesReadList the document types available for collection requirements.
list_dossier_documentsReadList the documents uploaded to a dossier.
list_dossier_notesReadList a dossier's notes / audit timeline.
list_dossiersReadList and filter AutoDoc dossiers.
list_invitation_localesReadList supported invitation locales.
list_invitationsReadList AutoDoc invitations.
list_organization_tagsReadList your organization's dossier tags.
list_workflowsReadList workflows for your organization.
reject_approvalWriteReject a pending HITL approval.
resend_invitationWriteResend an AutoDoc invitation.
update_document_collectionWriteUpdate a document collection and (optionally) its requirements.
update_dossierWriteRename a dossier.
update_organization_tagWriteUpdate an organization tag's color and/or name.
update_workflowWriteUpdate a workflow.

Reasoning & Fraud Agents (25)

ToolAccessDescription
create_fraud_agentWriteCreate a fraud-analysis agent / operator.
create_orchestratorWriteCreate an orchestrator (coordinator) agent.
create_reasoning_jobWriteQueue an ASYNCHRONOUS fraud-reasoning job for a document.
delete_fraud_agentDestructiveDelete a fraud-analysis agent / operator.
delete_orchestratorDestructiveDelete an orchestrator agent.
generate_fraud_agent_promptWriteDraft a fraud-analysis agent system prompt with AI.
generate_orchestrator_promptWriteDraft an orchestrator system prompt with AI.
get_agentReadGet a single agent (orchestrator or operator) by token.
get_agent_statsReadGet aggregate agent statistics for your organization.
get_reasoning_jobReadGet a reasoning job's status and full results.
list_agent_categoriesReadList the available agent category options.
list_agent_ratingsReadList ratings and rating summary for a public agent.
list_document_content_typesReadList document content types and which are already claimed.
list_fraud_agentsReadList YOUR organization's fraud-analysis agents / operators.
list_orchestratorsReadList YOUR organization's orchestrator agents.
list_public_fraud_agentsReadBrowse public fraud-analysis agent templates from the global community.
list_public_orchestratorsReadBrowse public orchestrator templates from the global community.
list_reasoning_jobsReadList reasoning jobs with filters and org-wide stats.
publish_agentWritePublish one of your agents to the public community marketplace.
rate_agentWriteRate a public agent 1-5 stars.
reorder_orchestrator_agentsWriteReorder the fraud-analysis agents assigned to an orchestrator.
test_orchestratorWriteRun an orchestrator SYNCHRONOUSLY against an existing document.
unpublish_agentWriteRemove one of your agents from the public marketplace.
update_fraud_agentWriteUpdate a fraud-analysis agent / operator.
update_orchestratorWriteUpdate an orchestrator agent.

Billing (14)

ToolAccessDescription
cancel_billing_planDestructiveSchedule cancellation of the current subscription.
change_billing_planWriteChange the organization's subscription plan.
confirm_payment_methodWriteSave the confirmed card as the default payment method.
create_setup_intentWriteCreate a Stripe SetupIntent to collect a payment method.
download_invoiceReadDownload an invoice as a PDF.
get_billing_infoReadGet the full billing snapshot for the organization.
get_current_usageReadGet the current billing period's unbilled usage.
get_stripe_configReadGet Stripe client-side configuration.
list_billing_plansReadList all available subscription plans with pricing and features.
list_inference_historyReadList the organization's AI inference / verification request history.
list_invoicesReadList the organization's invoices, most recent first.
topup_balanceWriteAdd prepaid funds to the account balance via the saved card.
update_company_detailsWriteUpdate the organization's company / invoicing details.
validate_vat_numberReadValidate an EU VAT number via an external lookup.

topup_balance is in US dollars, minimum $10, maximum $10,000 per top-up.

Users & Account (7)

ToolAccessDescription
activate_trialWriteSave a payment method and activate the 7-day free trial with $10 credit.
add_passkeyWriteBegin adding a passkey to the authenticated user's account: get WebAuthn creation options.
delete_passkeyDestructiveDelete one of the authenticated user's passkeys.
get_current_userReadGet the authenticated user, their organization, and quick account stats.
list_passkeysReadList the authenticated user's registered passkeys.
report_public_dataWriteReport incorrect data in the authenticated user's public profile.
submit_onboarding_surveyWriteSave the current user's organization onboarding survey.

Websites (8)

ToolAccessDescription
create_websiteWriteCreate a new age-verification website configuration.
delete_websiteDestructivePermanently delete an age-verification website configuration.
get_websiteReadGet one age-verification website by ID.
list_countriesReadList all countries with codes and attributes.
list_verificationsReadBrowse the age-verification history for the organization.
list_websitesReadList every age-verification website for the authenticated organization.
pause_websiteWritePause or resume age verification for a website.
update_websiteWriteUpdate an existing age-verification website configuration.

Agemin Checks (3)

ToolAccessDescription
get_age_verification_statusReadRe-check a prior age-verification result server-side.
verify_age_with_emailWriteEstimate a person's minimum age from their email address.
verify_age_with_selfieWriteEstimate a person's age from a single selfie image.

Verification Sessions (16)

ToolAccessDescription
cancel_sessionDestructiveCancel / abort a session.
check_email_verificationReadComplete email verification with the code.
check_phone_verificationReadComplete phone verification with the SMS code.
complete_livenessWriteComplete a face-liveness capture.
create_sessionWriteCreate a new identity-verification session.
get_sessionReadShow information about an open session.
get_session_preflightReadGet the next verification step for a session.
give_session_consentWriteRecord the applicant's consent decision.
send_session_smsWriteSMS the applicant a link to continue on their phone.
start_email_verificationWriteStart email verification by emailing a code.
start_livenessWriteStart a face-liveness capture.
start_phone_verificationWriteStart phone verification by texting a code.
submit_address_verificationWriteUpload a proof-of-address document.
submit_funds_verificationWriteUpload a proof-of-funds document.
update_sessionWriteUpdate an open session's applicant details.
upload_session_mediaWriteUpload captured media to a session.

API Keys (3)

ToolAccessDescription
get_api_keyReadRetrieve the FULL, unmasked value of an existing API key.
list_api_keysReadList all API keys for the authenticated organization.
rotate_api_keyDestructiveRotate (regenerate) an API key for the authenticated organization.

list_api_keys returns masked values; only get_api_key reveals the full secret, so keep
confirmation on for it in shared contexts. rotate_api_key keeps the old key valid for a
12-hour grace period by default; pass immediate: true to revoke it instantly.

NFC (1)

ToolAccessDescription
submit_nfc_dataWriteSubmit NFC-scanned identity-document data to a verification session.

Server & Self-Discovery (2)

ToolAccessDescription
describe_apiReadReturn the Bynn REST API's OpenAPI 3.0 specification (from /openapi.json).
describe_cliReadReturn install, auth, and usage instructions for the Bynn CLI (bynn).

Interactive widgets

Two tool families return interactive cards instead of raw JSON in hosts that support MCP
apps (ChatGPT and Claude):

  • Document fraud (submit_document, get_document): a live report card with the risk
    gauge, forensic signals, extracted fields, and risk tags. Pending analyses poll themselves
    to completion.
  • AI-image check (detect_ai_generated_image): verdict card with AI probability and a
    generator breakdown. If no image was provided, the card renders a drag-and-drop uploader,
    and the dropped file goes straight to the detector without entering the chat context.

Other MCP clients simply receive the same data as structured JSON.


Example workflow

A complete KYC session, driven conversationally:

1. "Create a verification session for applicant #4471 with my standard KYC level."
   → create_session returns {session_id, dossier_id, url, qr_base64_png, websocket_url}
2. Send the returned `url` to the applicant (or show the QR code).
3. "What's the next step for this session?"
   → get_session_preflight (after give_session_consent) walks each remaining step
4. "Show the session status."
   → get_session, repeated until the flow completes

The async pattern is the same everywhere: creation tools return an id, get_* tools poll
it. For document fraud, submit_documentget_document until status: "analyzed";
for reasoning jobs, create_reasoning_jobget_reasoning_job.


Bynn CLI: work with local files

The hosted MCP server cannot read files on your machine. The Bynn CLI can. Agents that
run locally (Claude Code, Cursor, a terminal) can analyze local files directly:

bynn submit ./bank-statement.pdf -o json      # full document-fraud analysis, auto-polls
bynn ai-generated ./profile-photo.png -o json # AI-generated-image check

Install (macOS/Linux):

brew tap Bynn-Intelligence/bynn
brew install --cask bynn

Install (Windows):

scoop bucket add bynn https://github.com/Bynn-Intelligence/scoop-bynn
scoop install bynn

Direct downloads (plus .deb/.rpm and checksums) are on the
releases page.

Authenticate once (bynn auth login stores the key in your OS keychain), or
non-interactively with BYNN_API_KEY, --token, or bynn auth login --with-token.
Sandbox keys (private_sandbox_...) are recognized automatically.

Agent-friendly by design: -o json for structured output, --jq for filtering,
--dry-run to preview requests, --poll for async results, and a clean output contract
(stdout = data, stderr = progress). The command tree is generated from the live Bynn
OpenAPI spec, and bynn api <METHOD> <PATH> is a raw authenticated passthrough to any
endpoint. The CLI covers sessions, age verification, AutoDoc invitations, documents,
moderation, NFC, and face; for billing, API keys, dossiers, orchestrators, and websites,
use this MCP server.

For agents: call the describe_cli tool on this server for this entire guide in
machine-readable form.


Self-discovery for agents

The server documents itself. If you are an LLM connected to it:

  • describe_api returns the complete Bynn OpenAPI 3.0 specification: every endpoint,
    parameter, and schema, including ones not wrapped as MCP tools. No auth required.
  • describe_cli returns a structured guide to installing, authenticating, and running
    the bynn CLI locally, for work against local files. No auth required.
  • file://server/status (MCP resource) returns the live tool list and server status.

These are also announced in the server's initialize instructions, so you don't need this
README to find them.


Advanced

Annotations and response contract

Every tool carries MCP ToolAnnotations (readOnlyHint, destructiveHint,
idempotentHint, openWorldHint), applied consistently by verb: get_*/list_*/
search_*/describe_*/download_*/validate_* are read-only; delete_*/cancel_*/
rotate_api_key are destructive. Failures come back as structured
{error: true, error_type, message} payloads rather than protocol errors, so agents can
read and react to them.

Troubleshooting

SymptomFix
404 / connection fails immediatelyYou appended /mcp to the URL. The endpoint is the root: https://mcp.bynn.com
authentication_error / authentication_requiredGet a token at dashboard.bynn.com/authenticate and set it as the Authorization header. Don't retry blindly.
A tool returns 401 with a valid connectionWrong credential type for that tool group; see the auth table. API keys and billing need a dashboard token, not a raw private_ key.
Image tool says no image was providedThe card that appears accepts drag-and-drop; drop the image into it. Or pass a public image_url.
Document stuck in pendingAnalysis is asynchronous; poll get_document until status is analyzed. Don't poll more than every few seconds.
OAuth connector stops workingDisconnect and reconnect the connector to re-run the sign-in flow.

Support

Issues and questions: github.com/Bynn-Intelligence/bynn-mcp-server
· bynn.com · dashboard.bynn.com

MIT licensed.