Agentic Bank Documentation
Everything you need to give your AI agents financial capabilities. Connect through MCP, set spending policies, and let your agents transact safely.
Choose your path
Individual users
Connect Agentic Bank to your AI client like Claude or ChatGPT. Authenticate via OAuth and start transacting in minutes.
Get startedEnterprise developers
Build AI agents that transact programmatically. Integrate via SDK, manage agents via API, and handle webhooks for real-time events.
Get startedHow it works
Agentic Bank provides isolated bank accounts and virtual cards for AI agents, controlled by enterprise spending policies. Agents connect via MCP (Model Context Protocol) and call tools to check balances, send payments, and manage transactions.
Create an agent in the portal
Each agent gets its own bank account, virtual card, and credentials. Configure spending limits, vendor rules, and approval thresholds.
Connect via MCP
Point your MCP client or SDK at mcp.agenticbank.io and authenticate. Works with Claude, ChatGPT, OpenAI Agents SDK, and any client that supports the remote MCP spec.
Agents transact safely
Your agents call tools like send_payment and get_balance. Every transaction is evaluated against policies and logged to the audit trail.
Quick start
Connect Agentic Bank to your AI client and make your first payment in under 5 minutes.
Prerequisites
- An Agentic Bank account (sign up here)
- An AI client that supports MCP (Claude, ChatGPT, etc.)
- At least one agent created in the portal with funds allocated
1. Add the MCP server to your client
For Claude Desktop, open your config file and add:
{
"mcpServers": {
"agenticbank": {
"command": "npx",
"args": ["-y", "mcp-remote", "https://mcp.agenticbank.io/mcp"]
}
}
}On first connection, a browser window will open for you to log in and select your agent. See setup by client for other clients.
2. Verify the connection
Ask your AI client to check your balance:
get_balance(){
"available": 5000.00,
"pending": 0.00,
"currency": "USD"
}3. Make a test payment
send_payment({
recipient_id: "rcp_test_sandbox",
amount: 1.00,
currency: "USD",
reason: "Test payment"
}){
"transaction_id": "txn_abc123",
"status": "executed",
"amount": 1.00
}Setup by client
The Agentic Bank MCP server is hosted remotely. No packages to install. Just point your client at the server URL and authenticate.
Server endpoints
# Streamable HTTP (recommended) https://mcp.agenticbank.io/mcp # Server-Sent Events https://mcp.agenticbank.io/sse
Claude (Team, Enterprise on claude.ai)
- Navigate to Settings in the sidebar
- Scroll to Integrations and click Add more
- Enter: name
Agentic Bank, URLhttps://mcp.agenticbank.io/mcp - Enable the tools in any new chats
Claude (Free, Pro on desktop)
{
"mcpServers": {
"agenticbank": {
"command": "npx",
"args": ["-y", "mcp-remote", "https://mcp.agenticbank.io/mcp"]
}
}
}Claude Code
claude mcp add --transport http agenticbank https://mcp.agenticbank.io/mcp
Cursor
// .cursor/mcp.json
{
"mcpServers": {
"agenticbank": {
"url": "https://mcp.agenticbank.io/mcp"
}
}
}Windsurf
// ~/.codeium/windsurf/mcp_config.json
{
"mcpServers": {
"agenticbank": {
"serverUrl": "https://mcp.agenticbank.io/sse"
}
}
}Other clients
Any MCP client that supports the remote spec can connect directly. For clients that only support local servers, use the mcp-remote bridge:
npx mcp-remote https://mcp.agenticbank.io/mcp
Authentication
Authentication happens automatically when you connect. The server uses OAuth 2.1 with dynamic client registration.
- Your MCP client initiates a connection to
mcp.agenticbank.io - A browser window opens for you to log in with your Agentic Bank account
- You select which agent to connect
- The session is established and tools are loaded based on the agent's permissions
Sessions are scoped to a single agent. To use multiple agents, create separate MCP server entries in your client config, each pointing to the same URL. You'll select a different agent during each OAuth flow.
Quick start
Integrate Agentic Bank into your own AI agents programmatically. This guide walks through connecting a Python agent that can issue customer refunds.
Prerequisites
- An Agentic Bank account with API access enabled
- An agent API token (generated in the portal under Agent Settings)
- Python 3.10+ or Node.js 18+
1. Install the SDK
# Python pip install agenticbank # Node.js npm install @agenticbank/sdk
2. Initialize the client
from agenticbank import AgenticBank
client = AgenticBank(
api_token="ab_live_your_token_here",
environment="sandbox" # or "production"
)
# Check balance
balance = client.get_balance()
print(f"Available: ${balance.available}")3. Send a payment
result = client.send_payment(
recipient_id="rcp_customer_4821",
amount=29.99,
reason="Refund for order #4821 - defective item",
idempotency_key="refund_4821_001"
)
if result.status == "executed":
print(f"Refund sent: {result.transaction_id}")
elif result.status == "pending_approval":
print(f"Needs approval: {result.transaction_id}")4. Wire it into your agent
from agenticbank import AgenticBank
from openai import OpenAI
bank = AgenticBank(api_token="ab_live_...")
openai = OpenAI()
def handle_refund(customer_id, amount, reason):
# Check if this payment would be allowed
check = bank.check_policy(amount=amount)
if not check.allowed:
return f"Cannot process: {check.reason}"
# Execute the refund
result = bank.send_payment(
recipient_id=customer_id,
amount=amount,
reason=reason,
idempotency_key=f"refund_{customer_id}"
)
return f"Refund {result.status}: {result.transaction_id}"API tokens
For programmatic access, each agent gets a unique API token. Tokens are generated in the portal and carry the same permission scoping as OAuth sessions.
Token format
Tokens are prefixed by environment and are 64 characters long:
# Production ab_live_k7x9m2p4q8r1s5t3u6v0w2y4z7a9b1c3d5e8f0g2h4j6 # Sandbox ab_test_n3p5r7t9v1x3z5b7d9f1h3j5l7n9p1r3t5v7x9z1b3d5
Using tokens
Pass the token when initializing the SDK, or include it as a Bearer token in direct HTTP requests:
curl https://mcp.agenticbank.io/mcp \ -H "Authorization: Bearer ab_live_your_token_here"
Lifecycle
- Generation: Created in the portal. Displayed once and never stored in plaintext.
- Rotation: Regenerate at any time. The old token is revoked immediately.
- Revocation: Deactivating an agent revokes its token and disconnects all sessions.
SDK integration
Official SDKs wrap the MCP server and provide typed, idiomatic interfaces for Python and TypeScript.
Python
from agenticbank import AgenticBank
client = AgenticBank(
api_token=os.environ["AGENTICBANK_API_TOKEN"],
environment="production"
)
# All tools are available as methods
balance = client.get_balance()
txns = client.get_transactions(limit=10, status="settled")
check = client.check_policy(amount=500)
payment = client.send_payment(
recipient_id="rcp_vendor_aws",
amount=8420.00,
reason="Monthly AWS invoice"
)TypeScript / Node.js
import { AgenticBank } from '@agenticbank/sdk';
const client = new AgenticBank({
apiToken: process.env.AGENTICBANK_API_TOKEN,
environment: 'production'
});
const balance = await client.getBalance();
const payment = await client.sendPayment({
recipientId: 'rcp_vendor_aws',
amount: 8420.00,
reason: 'Monthly AWS invoice',
idempotencyKey: 'aws_feb_2026'
});OpenAI Agents SDK
from agents import Agent
from agents.mcp import MCPServerHTTP
agenticbank = MCPServerHTTP(
url="https://mcp.agenticbank.io/mcp",
headers={"Authorization": f"Bearer {token}"}
)
agent = Agent(
name="CS Refund Agent",
mcp_servers=[agenticbank]
)Webhooks
Receive real-time notifications when transactions settle, approvals are needed, or policies are triggered. Configure webhook URLs in the portal under Settings.
Webhook events
| Event | Trigger |
|---|---|
| transaction.executed | Payment was successfully initiated |
| transaction.settled | Payment has settled with the bank |
| transaction.failed | Payment failed after initiation |
| transaction.rejected | Payment was denied by the policy engine |
| approval.requested | A transaction requires human approval |
| approval.decided | An approval was approved or rejected |
| agent.budget_warning | Agent approaching budget limit (80%, 90%, 100%) |
| agent.anomaly | Unusual spending pattern detected |
Webhook payload
{
"event": "transaction.settled",
"timestamp": "2026-02-18T14:30:00Z",
"data": {
"transaction_id": "txn_abc123",
"agent_id": "agt_cs_refund",
"amount": 29.99,
"status": "settled",
"recipient": "Customer #4821"
}
}Verifying signatures
Every webhook includes an X-AgenticBank-Signature header. Verify it using HMAC-SHA256 with your webhook secret:
import hmac, hashlib
def verify_webhook(payload, signature, secret):
expected = hmac.new(
secret.encode(), payload, hashlib.sha256
).hexdigest()
return hmac.compare_digest(expected, signature)Managing agents programmatically
Use the Management API to create, configure, and monitor agents without the portal. This is useful for auto-provisioning agents in CI/CD pipelines or building custom dashboards.
Create an agent
from agenticbank.admin import AdminClient
admin = AdminClient(api_key=os.environ["AGENTICBANK_ADMIN_KEY"])
agent = admin.agents.create(
name="CS Refund Agent",
department="Customer Service",
permissions=["read", "policy_check", "payments"],
policy_id="pol_cs_standard"
)
print(f"Agent ID: {agent.id}")
print(f"API Token: {agent.api_token}") # shown onceFund an agent
admin.agents.fund(
agent_id="agt_cs_refund",
amount=10000.00 # from master account
)Update policies
admin.policies.update("pol_cs_standard", rules={
"max_per_transaction": 500,
"max_daily": 5000,
"auto_approve_under": 100,
"vendor_blocklist": ["gambling.com"]
})List agent activity
txns = admin.agents.transactions(
agent_id="agt_cs_refund",
status="settled",
date_from="2026-02-01"
)
for txn in txns:
print(f"{txn.created_at} | ${txn.amount} | {txn.recipient}")Tools Reference
The full set of tools available through the Agentic Bank MCP server. After authentication, the server dynamically returns only the tools the connected agent is permitted to use based on its permission level. Every tool call is evaluated against the agent's spending policies and logged to the audit trail.
get_balance
readReturns the agent's current account balance, including available funds and pending transactions.
Parameters
No parameters required.
Response
{
"available": 5000.00,
"pending": 120.00,
"currency": "USD"
}| Field | Type | Description |
|---|---|---|
| available | number | Funds available for immediate use |
| pending | number | Funds held for pending transactions |
| currency | string | ISO 4217 currency code |
send_payment
paymentsInitiates a payment to a registered recipient. Evaluated against policies before execution. Payments above the auto-approve threshold are held for human approval.
Parameters
| Parameter | Type | Description |
|---|---|---|
| recipient_idrequired | string | ID of the registered recipient |
| amountrequired | number | Payment amount in the account currency |
| currencyoptional | string | ISO currency code (defaults to account currency) |
| reasonrequired | string | Business justification (logged to audit trail) |
| idempotency_keyoptional | string | Unique key to prevent duplicate payments on retry |
Response
{
"transaction_id": "txn_abc123",
"status": "executed",
"amount": 250.00
}get_transactions
readLists the agent's recent transactions with optional filtering by status, date range, and pagination.
Parameters
| Parameter | Type | Description |
|---|---|---|
| limitoptional | integer | Number of transactions to return (default: 20, max: 100) |
| offsetoptional | integer | Number to skip for pagination |
| statusoptional | string | Filter: executed, pending, settled, rejected |
| date_fromoptional | string | ISO 8601 start date (inclusive) |
| date_tooptional | string | ISO 8601 end date (inclusive) |
Response
{
"transactions": [
{
"id": "txn_abc123",
"type": "ach_transfer",
"amount": 250.00,
"recipient": "AWS",
"status": "settled",
"created_at": "2026-02-18T14:30:00Z"
}
],
"total_count": 47
}check_policy
policy_checkPre-checks whether a proposed transaction would be allowed under the agent's current policies. Does not execute any payment. Use before send_payment to avoid unnecessary rejections.
Parameters
| Parameter | Type | Description |
|---|---|---|
| amountrequired | number | Proposed transaction amount |
| recipient_idoptional | string | Recipient to check against vendor whitelist/blocklist |
| categoryoptional | string | Merchant category to check against blocked categories |
Response
{
"allowed": true,
"requires_approval": false,
"reason": "Transaction within auto-approve threshold"
}request_approval
paymentsEscalates a pending transaction to the human approval queue. The designated approver is notified via portal, email, and Slack.
Parameters
| Parameter | Type | Description |
|---|---|---|
| transaction_idrequired | string | ID of the pending transaction to escalate |
| reasonrequired | string | Business context for the approver |
Response
{
"approval_id": "apr_xyz789",
"status": "pending",
"approver": "jane@company.com"
}get_card_details
readReturns the agent's virtual card information and current spend totals.
Parameters
No parameters required.
Response
{
"card_id": "card_def456",
"last_four": "4289",
"status": "active",
"spend_today": 340.00,
"spend_month": 12850.00
}Permissions
After authentication, the MCP server calls list_tools and returns only the tools the connected agent is authorized to use. Permissions are configured per agent in the portal and follow an additive hierarchy.
| Permission | Tools granted | Typical use case |
|---|---|---|
| read | get_balance, get_transactions, get_card_details | Monitoring agents, dashboards, reporting |
| policy_check | All read tools + check_policy | Agents that validate before requesting human action |
| payments | All above + send_payment, request_approval | Refund agents, procurement agents, payment automation |
If an agent's permissions change while connected, the updated tool list is pushed to the client automatically via MCP notifications. The agent does not need to reconnect.
read. A refund agent needs payments.Rate limits
Rate limits protect the platform from runaway agents and ensure fair usage. Limits are enforced per agent and per organization using sliding window counters.
| Scope | Limit | Window |
|---|---|---|
| Per agent | 60 requests | 1 minute |
| Per agent | 1,000 requests | 1 hour |
| Per organization | 10,000 requests | 1 hour |
When exceeded, the server returns a rate_limit_exceeded error with a retry_after field indicating how many seconds to wait.
Errors
All errors follow a consistent format with a machine-readable code and human-readable message.
{
"error": {
"code": "policy_violation",
"message": "Transaction exceeds daily spending limit of $5,000",
"details": {
"limit": 5000.00,
"current_daily_spend": 4800.00,
"requested_amount": 500.00
}
}
}Error codes
| Code | Description |
|---|---|
| invalid_token | API token is missing, malformed, or revoked |
| agent_inactive | Agent has been paused or deactivated |
| policy_violation | Transaction denied by the policy engine |
| insufficient_funds | Agent's account balance is too low |
| recipient_not_found | Specified recipient ID does not exist |
| duplicate_request | Transaction with this idempotency key already exists |
| rate_limit_exceeded | Too many requests; retry after the specified delay |
| permission_denied | Agent does not have the required permission for this tool |
| approval_timeout | Approval request expired without a decision |
| internal_error | Unexpected server error; contact support |