Model Context Protocol

Granite Finance MCP Server Documentation

Granite exposes MCP discovery metadata so compatible AI clients can find the finance assistant surface. User financial data and tool calls remain protected by authentication, scoped OAuth consent, and subscription entitlements.

Create an account Review privacy policy

What It Is

The Granite MCP server is a secure bridge between Granite Finance and authorized AI assistants. It is designed for personal budgeting workflows such as understanding spendable cash, reviewing transactions, and asking questions about a user's own financial plan.

How Access Works

Users must authenticate with Granite before connecting an assistant client.
Compatible clients use OAuth with PKCE and request specific scopes for the requested workflow.
Most assistant features require an active subscription or enabled third-party integration entitlement.
Granite does not publish user-specific financial data in public discovery files, documentation, sitemaps, or robots metadata.

Capability Areas

Budget and cash-flow context

Authorized clients can request budget summaries, spendable balance context, forecasts, and monthly insight data for the connected user.

Transaction review

Scoped integrations can inspect or update transaction data only when the user has granted the required permission and the account has an eligible entitlement.

Assistant workflows

Granite can power finance assistant experiences that answer budgeting questions using the user's own Granite data rather than generic advice.

Public Discovery Endpoints

These endpoints are intended for agent and client discovery. They may return 404 when MCP exposure is disabled for an environment.

MCP configuration
Advertises Granite MCP server name, transport, endpoint, and OAuth discovery URLs when MCP exposure is enabled.
OAuth protected resource metadata
Identifies the Granite MCP protected resource and supported authorization server.
OAuth authorization server metadata
Publishes authorization, token, dynamic registration, PKCE, and scope metadata for compatible clients.

Privacy and Safety Boundaries

Public crawlers can learn what Granite MCP is and how clients discover it. They cannot retrieve a user's transactions, budget, assistant activity, bank account data, or subscription state without the required authenticated access path.

How Access Works

Users must authenticate with Granite before connecting an assistant client.

Compatible clients use OAuth with PKCE and request specific scopes for the requested workflow.

Most assistant features require an active subscription or enabled third-party integration entitlement.

Granite does not publish user-specific financial data in public discovery files, documentation, sitemaps, or robots metadata.

Capability Areas

Budget and cash-flow context

Authorized clients can request budget summaries, spendable balance context, forecasts, and monthly insight data for the connected user.

Transaction review

Scoped integrations can inspect or update transaction data only when the user has granted the required permission and the account has an eligible entitlement.

Assistant workflows

Granite can power finance assistant experiences that answer budgeting questions using the user's own Granite data rather than generic advice.

Public Discovery Endpoints

These endpoints are intended for agent and client discovery. They may return 404 when MCP exposure is disabled for an environment.

MCP configuration

Advertises Granite MCP server name, transport, endpoint, and OAuth discovery URLs when MCP exposure is enabled.

OAuth protected resource metadata

Identifies the Granite MCP protected resource and supported authorization server.

OAuth authorization server metadata

Publishes authorization, token, dynamic registration, PKCE, and scope metadata for compatible clients.