Skip to main content
Enoki runs a remote MCP server so your own coding agent — Claude Code, Cursor, or any MCP-capable client — can drive the whole loop: register a target, run an assessment, read validated findings, and confirm a fix. This page connects your client and registers your first target.
Endpoint: https://mcp.enokilabs.ai/mcp (streamable HTTP).

Prerequisites

  • An Enoki workspace (you sign in at app.enokilabs.ai).
  • A workspace API key with the read and write scopes — and test:run if you want your agent to trigger assessments. See API keys & scopes for how to mint one (workspace admins only). Keys look like egk_… and are shown once.
The full setup flow needs both read and writewrite does not imply read. Mint the key with both (plus test:run to trigger runs). Keys end up in agent config files, so grant the least you need, never the all-scopes default.

Connect your client

Authenticate with your API key as a Bearer token. Pick your client:
One command — --scope user makes the server available in every project, not just the current one:
Verify with claude mcp list (or /mcp inside a session). The tools appear as mcp__enoki__get_setup_guide, mcp__enoki__create_target, and so on.

Register your first target

A “target” is one of your agent endpoints, registered so Enoki can test it. Your agent builds the connection config from your target’s own API docs — the server ships a get_setup_guide tool with the full, always-current field reference and worked examples, so start there.
1

Read the setup guide

Call get_setup_guide. It returns the config field reference (generated from the live schema, so it never drifts), the semantics the schema can’t express (response dot-paths, request-body templating, streaming modes, session capture), and worked examples for HTTP, SSE-streaming, and WebSocket endpoints.
2

Check for duplicates

Call list_targets before creating. Creates are not deduplicated: a matching name and endpoint_host in the same environment is the same target — reuse its model_id. If only one matches, ask before creating a second.
3

Create the target

Call create_target with the config you built. It is atomic prove-then-persist: Enoki fires one live probe and only saves the target if the probe succeeds. A failed probe saves nothing and returns a categorized error so you can fix and retry:
  • unreachable — DNS, connection, or timeout: check the endpoint URL.
  • auth_failed — the target refused authentication: check the auth type and credential.
  • parse_error — a reply arrived but the response field matched nothing: fix the dot-path.
Iterate by calling create_target again. There’s no update or delete over MCP — change stored targets in the dashboard. The response never echoes your config or credential.
4

Run an assessment

On success you get a model_id. Hand it to trigger_assessment to start a run, then poll get_assessment_status. Read results with list_findings and get_finding. See the MCP tool reference for the full surface.

What’s next

MCP tool reference

Every tool, its inputs and outputs, and the scope each requires.

Troubleshooting

Probe error categories, auth failures (401/403), and rate limits.