Guides
Start typing to search…

Merchant Integration Guide - AI PAB Model Context Protocol (MCP)


Prerequisites

Complete these steps before starting the integration:

  1. Obtain your MiFinity API key — Your key must already exist in the MiFinity API system. Contact the API/development team if you need a new key. Have your alphanumeric key string ready.

  2. Submit your public IP address(es) — Provide your public egress IP(s) to the DevOps team. They will add them to the API Gateway allowlist. Integration will not work until your IPs are allowlisted.

  3. Install an MCP-compatible client — Use one of the following: Claude Code, Cursor, VS Code (with MCP extension), Codex, or another MCP-compatible client.

Gateway URLs

EnvironmentURLPurpose
Productionhttps://mcp.payanybank.mifinity.comLive interaction with the Production PAB endpoints. This can be used to obtain the required data in order to complete a PAB payment.
Demohttps://mcp-demo.payanybank.mifinity.comTesting with restricted test data
⚠️

Note that direct live payouts are currently disabled within this MCP.

Client Setup

Claude Code uses a .mcp.json file in your project directory.

Step 1: Create the configuration file

Create .mcp.json in your project root:

{
  "mcpServers": {
    "ai-pab-gateway": {
      "type": "http",
      "url": "https://mcp.payanybank.mifinity.com",
      "headers": {
        "Authorization": "Bearer ${MIFINITY_API_KEY}",
        "x-api-version": "1"
      }
    }
  }
}

Step 2: Set the environment variable

export MIFINITY_API_KEY="your_api_key_here"
$env:MIFINITY_API_KEY = "your_api_key_here"

To persist the variable across sessions, add the export to your shell profile:

export MIFINITY_API_KEY="your_api_key_here"

Step 3: Start Claude Code

claude-code

Claude Code automatically loads the MCP server configuration from .mcp.json.

Step 4: Verify the tools

Confirm that 4 MCP tools are available in Claude Code:

  • aipab___get_supported_currencies
  • aipab___get_bank_detail_fields
  • aipab___get_bank_name
  • aipab___initiate_bank_payout

Validation

Quick test

Ask your AI agent:

What currencies are supported for Ireland?

Expected response: A list of currency codes such as EUR, USD, GBP. This calls aipab___get_supported_currencies and confirms connectivity.

Full validation

Run these prompts in sequence to validate all four tools:

  1. Get supported currencies:

    What currencies can I use for payouts to France?

  2. Get required fields:

    What fields do I need for a EUR payout to Ireland?

  3. Get bank list (if applicable):

    What banks are available for HKD payouts to Hong Kong?

  4. Demo payout (AI demo environment only):

    Create a test payout for €10 to Ireland with IBAN IE29AIBK93115212345678
❗️

Only run test payouts in the AI demo environment with test data. Production payouts transfer real money.

Available Tools

The AI PAB Gateway exposes 4 MCP tools:

1. get_supported_currencies

Check which currencies are supported for a specific country.

What currencies are supported for payouts to Germany?

Returns: List of currency codes (e.g., EUR, USD, GBP).

2. get_bank_detail_fields

Get the required and optional fields for a specific country/currency combination.

What fields do I need for a GBP payout to the UK?

Returns: List of required and optional fields with their formats.

📋

Always call get_bank_detail_fields before initiating a payout to ensure you provide all required fields.

3. get_bank_name

Get the list of available banks or payment rails for a country/currency combination.

What banks are available for USD payouts to Hong Kong?

Returns: List of bank names or payment methods. Not all country/currency combinations have multiple banks — some return a single method or an empty list.

4. initiate_bank_payout

Submit a payout request.

Create a payout for €100 to Ireland:
- IBAN: IE29AIBK93115212345678
- Name: John Smith
- Source account: 1234567890
- Description: Invoice payment

Returns: Transaction ID and status.

⚠️
  • Call get_bank_detail_fields first to confirm required fields for the destination country/currency.
  • Your API key must have payout permissions.
  • Production payouts are disabled by default and require the MCP_PAB_PAYMENTS_ENABLED feature flag.
  • When enabled in production, payouts are real — verify all details carefully.
  • Use the AI demo environment for all testing.

Troubleshooting

Tools not appearing

Symptoms: MCP server connected but no tools shown.

Diagnosis and resolution:

  1. Check your configuration file for valid JSON syntax.
  2. Verify the MIFINITY_API_KEY environment variable is set: 
    echo $MIFINITY_API_KEY
  3. Confirm network connectivity to the gateway URL.
  4. Verify the URL is correct (production vs. demo).
  5. Contact the DevOps team to confirm your IPs are allowlisted.
  6. Restart your MCP client after making changes.
403 Forbidden error

Symptoms: All requests return 403.

Cause: Your source IP is not allowlisted.

Resolution:

  1. Confirm your public IP address: 
    curl https://api.ipify.org
  2. Provide this IP to the DevOps team for allowlisting.
  3. Wait for confirmation before retrying.
  4. If you use a VPN, provide the VPN egress IP instead.
400 Bad Request (missing Bearer token)

Symptoms: Requests return 400.

Cause: The Authorization: Bearer <api_key> header is missing or malformed.

Resolution:

  • Ensure the header is present and formatted as: 
    Authorization: Bearer <YOUR_MIFINITY_API_KEY>
  • Do not send legacy auth (x-mifinity-api-key) or inline Key arguments — these are rejected.
401 Unauthorized error (API key rejected)

Symptoms: Requests return 401.

Cause: MiFinity rejected the API key (the Bearer header was present but the key is invalid).

Resolution:

  1. Verify the MIFINITY_API_KEY environment variable is set correctly.
  2. Check the API key has no extra spaces or surrounding quotes.
  3. Confirm the key exists in the MiFinity API system.
  4. Contact the API/development team if the issue persists.
Connection timeout

Symptoms: Requests time out or fail to connect.

Cause: Network connectivity issue or DNS resolution failure.

Resolution:

  1. Verify the URL is correct.
  2. Check DNS resolution: 
    nslookup mcp.payanybank.mifinity.com
  3. Test connectivity: 
    curl -I https://mcp.payanybank.mifinity.com
  4. Check firewall and proxy settings.
  5. Contact the DevOps team if the issue persists.
Invalid request error (400 on tool calls)

Symptoms: Tool calls return 400 errors.

Cause: Missing required fields or invalid data format.

Resolution:

  1. Call get_bank_detail_fields first to check the required fields for your target country/currency.
  2. Ensure all required fields are provided.
  3. Verify field formats match the specification.
  4. Confirm the country/currency combination is supported.

Security Best Practices

API Key Management

  • Never hardcode API keys in code or configuration files.
  • Use environment variables for all keys.
  • Rotate keys periodically (quarterly recommended).
  • Use separate keys for demo and production.
  • Never commit keys to version control.

Network Security

  • Ensure all traffic uses HTTPS (the gateway enforces TLS 1.2+).
  • Validate SSL certificates — do not disable verification.
  • Use stable IPs for the allowlist (avoid dynamic IPs if possible).
  • If using a VPN, provide the VPN egress IP for allowlisting.

Request Tracing

  • Include an x-request-id header (UUID) for request tracing.
  • Log requests and responses for your audit trail.
  • Never log API keys or sensitive account details.

Support

For any queries about the usage of this MCP, please contact our integration support team.

Next Steps

After a successful integration:

  1. Test in the AI demo environment with demo data before moving to production.
  2. Implement error handling for network failures, rate limits, and validation errors.
  3. Monitor usage through your AI agent logs.
  4. Review additional documentation:
    • Error Reference — Troubleshooting guide
    • OpenAPI Specification — Full API details

Updated 1 day ago