Protocol & JSON-RPC
ONCE MCP uses JSON-RPC 2.0 over HTTP. All requests go to POST /api/mcp.
Authentication
Most operations require an access token. Provide it via:
Authorization: Bearer <token>header, oraccess_tokenargument in tool calls
Get a token with auth_login or POST /api/mcp/auth/login.
Initialize
Optional handshake to get server info and protocol version:
{
"jsonrpc": "2.0",
"id": 1,
"method": "initialize"
}List Tools
{
"jsonrpc": "2.0",
"id": 2,
"method": "tools/list"
}Call a Tool
{
"jsonrpc": "2.0",
"id": 3,
"method": "tools/call",
"params": {
"name": "get_release_schema",
"arguments": {
"access_token": "<token>"
}
}
}Response format:
{
"jsonrpc": "2.0",
"id": 3,
"result": {
"content": [
{
"type": "text",
"text": "{\"release\":{\"required\":[\"title\"],\"notes\":[\"...\"]}}"
}
]
}
}List Resources
{
"jsonrpc": "2.0",
"id": 4,
"method": "resources/list",
"params": {
"access_token": "<token>"
}
}Read a Resource
{
"jsonrpc": "2.0",
"id": 5,
"method": "resources/read",
"params": {
"access_token": "<token>",
"uri": "mcp://schemas/release-required"
}
}Notifications
Omit id to send a notification. The server responds with HTTP 204 No Content.
Error Format
{
"jsonrpc": "2.0",
"id": 10,
"error": {
"code": -32602,
"message": "Missing uri",
"data": null
}
}Capabilities
| Feature | Status |
|---|---|
| Tools | List, call |
| Resources | List, read |
| Prompts | Not implemented |
| Subscriptions | Not implemented |