Nyman Media
§ docs

MCP server

The Model Context Protocol (MCP) server exposes the audit engine as tools that AI clients (Claude Desktop, Cursor, ChatGPT desktop, Claude API connectors) can call directly. Same engine, same daily quota as the web app and CLI. See the MCP landingfor the developer-focused overview.

Endpoint

https://app.nyman.media/api/mcp

Speaks the Streamable HTTP transport (the current MCP spec, March 2025 onward). Stateless: one HTTP request per JSON-RPC call, no persistent socket required.

Who can use it

MCP access is included with every Premium subscription at no extra cost. Use the same nmav_live_* key you would use for the REST API or CLI . Create one under Account settings → API access.

Authentication

Every request must include your API key as a bearer token. The server returns 401 with a spec-compliant WWW-Authenticate header on missing or invalid keys.

Authorization: Bearer nmav_live_...

Connect from Claude Desktop

Add the server to your claude_desktop_config.json:

{
  "mcpServers": {
    "nyman-media": {
      "url": "https://app.nyman.media/api/mcp",
      "headers": {
        "Authorization": "Bearer nmav_live_..."
      }
    }
  }
}

Restart Claude Desktop. The two tools below will appear in the tool picker.

Connect from Cursor

In Settings → MCP, add a new server with type HTTP, URL https://app.nyman.media/api/mcp, and an Authorization header containing your bearer token.

Connect from the Claude Code CLI

claude mcp add nyman-media https://app.nyman.media/api/mcp \
  --header "Authorization: Bearer nmav_live_..."

Tools

audit_url

Run a deterministic audit on a page and return its overall score, hard-block status, and section-by-section findings (titles, severity, evidence, suggested fix). Counts against the caller's daily quota.

Input:

{
  "url": "https://example.com",   // required
  "country": "us"                 // optional, two-letter country code
}

Output: the same JSON payload returned by POST /api/v1/audits. See the API reference for the complete schema.

get_quota

Return the calling key's tier (premium / authenticated), entitlement, and remaining audits for the current day.

Input: none.

Output: identical to GET /api/v1/me.

Quotas

MCP tool calls share your Premium daily audit quota with the web app, the REST API, and the CLI. There is no separate metering. A successful audit_url call consumes one slot; engine failures refund automatically.

Error handling

  • 401: missing, malformed, unknown, or revoked API key.
  • Tool returns { isError: true, content: [{ text: "Premium subscription required." }] }. The key's owner is not on a Premium plan.
  • Tool returns "Too many requests. Please slow down.". Transient request rate limit.
  • Tool returns "Daily limit reached. Try again tomorrow.". Quota exhausted.
  • Tool returns "Audit failed.". The page could not be loaded for review (timeouts, blocking, network errors). Quota slot is refunded.

Privacy

The server returns the same audit JSON the REST API does. No raw page HTML, screenshots, or third-party identifiers are surfaced. Bearer tokens are never echoed in responses or logs.

Next steps

  • API reference: response schema details for audit_url.
  • API keys: create, rotate, and revoke the bearer token.
  • CLI: same engine, command-line interface for shells and CI.