ScamVerify
Guides

MCP Integration

Connect AI assistants like Claude Desktop, Cursor, and ChatGPT to ScamVerify™ using the Model Context Protocol (MCP).

ScamVerify™ provides a native Model Context Protocol (MCP) server that lets AI assistants check phone numbers, URLs, text messages, and emails for scam indicators directly within your workflow.

What is MCP?

The Model Context Protocol is an open standard that connects AI assistants to external tools and data sources. Instead of copying data between your AI assistant and the ScamVerify™ website, MCP lets the assistant call ScamVerify™ tools directly.

Available Tools

The MCP server exposes 8 tools that mirror the REST API:

ToolDescription
check_phoneLook up a phone number for scam indicators
check_urlCheck a website or URL for threats
check_textAnalyze a text/SMS message for scam patterns
check_emailAnalyze an email for phishing indicators
batch_phoneCheck up to 100 phone numbers in one call
batch_urlCheck up to 100 URLs in one call
get_usageView your current quota and usage
get_statusCheck ScamVerify™ API operational status

Each tool call counts against your monthly quota, just like a REST API call. Use get_usage to monitor your remaining allowance.

Authentication

The MCP server supports two authentication methods:

  1. API Keys (sv_live_ / sv_test_) - Use your existing B2B API key. Simplest option.
  2. OAuth 2.1 - For MCP clients that support the OAuth flow (automatic in Claude Desktop, Cursor, etc.). See OAuth Flow for details.

Connecting Claude Desktop

Open your Claude Desktop config

Open the MCP configuration file:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json

Add the ScamVerify™ server

Add the following to the mcpServers section. Replace YOUR_API_KEY with your ScamVerify™ API key from Settings > API:

{
  "mcpServers": {
    "scamverify": {
      "url": "https://scamverify.ai/api/mcp",
      "headers": {
        "Authorization": "Bearer YOUR_API_KEY"
      }
    }
  }
}

Restart Claude Desktop

Close and reopen Claude Desktop. You should see ScamVerify™ tools available in the tools menu.

Try a lookup

Ask Claude something like:

"Check if this phone number is a scam: +12025551234"

Claude will call the check_phone tool and return the risk assessment.

Connecting Cursor

Open Cursor Settings

Go to Cursor Settings > MCP or open .cursor/mcp.json in your project root.

Add the ScamVerify™ server

{
  "mcpServers": {
    "scamverify": {
      "url": "https://scamverify.ai/api/mcp",
      "headers": {
        "Authorization": "Bearer YOUR_API_KEY"
      }
    }
  }
}

Use the tools

Ask Cursor to check a URL or phone number and it will use the ScamVerify™ MCP tools.

Connecting with OAuth (No API Key)

MCP clients that support OAuth 2.1 can authenticate without a pre-configured API key. The client handles the OAuth flow automatically:

  1. The client discovers endpoints via /.well-known/oauth-authorization-server
  2. You sign in with your ScamVerify™ account (Google or email)
  3. You approve the requested permissions
  4. The client receives tokens and makes authenticated tool calls

To use OAuth, configure the server URL without headers:

{
  "mcpServers": {
    "scamverify": {
      "url": "https://scamverify.ai/api/mcp"
    }
  }
}

The MCP client will prompt you to authenticate when you first use a tool.

OAuth authentication creates a free-tier account automatically if you do not have a B2B API subscription. You can upgrade anytime at scamverify.ai/pricing.

Using with ChatGPT

ChatGPT supports MCP servers through custom GPT Actions. To connect:

  1. Register an OAuth client at https://scamverify.ai/api/oauth/register
  2. Configure the Action with the authorization and token endpoints from /.well-known/oauth-authorization-server
  3. Set the API endpoint to https://scamverify.ai/api/mcp

See OAuth Flow for the complete endpoint reference.

Server Endpoint

URLhttps://scamverify.ai/api/mcp
TransportStreamable HTTP (stateless)
MethodsPOST (MCP requests), OPTIONS (CORS preflight), DELETE (session cleanup)
CORSEnabled for all origins

Rate Limits and Quotas

MCP tool calls share the same rate limits and quotas as the REST API. See Rate Limits and Quotas for details.

Troubleshooting

401 Unauthorized

The server returns a 401 with a WWW-Authenticate header pointing to the OAuth discovery endpoint. Verify your API key is correct and not revoked, or complete the OAuth flow.

Tools not appearing

Restart your MCP client after configuration changes. Check that the server URL is exactly https://scamverify.ai/api/mcp.

Quota exhausted

Use get_usage to check your remaining quota. Upgrade your plan at scamverify.ai/pricing or purchase top-ups in Settings.

Webhooks

Real-time notifications for threat intelligence updates from ScamVerify™ (coming soon).

OAuth Flow

Authenticate with the ScamVerify™ MCP server and API using OAuth 2.1 with PKCE.

On this page

What is MCP?Available ToolsAuthenticationConnecting Claude DesktopOpen your Claude Desktop configAdd the ScamVerify™ serverRestart Claude DesktopTry a lookupConnecting CursorOpen Cursor SettingsAdd the ScamVerify™ serverUse the toolsConnecting with OAuth (No API Key)Using with ChatGPTServer EndpointRate Limits and QuotasTroubleshooting401 UnauthorizedTools not appearingQuota exhausted