The short answer: RareCloud ships an official MCP server. You add it to Claude Code, Cursor or any MCP-compatible client with one config block and a scoped API token, and your agent can work with your catalog, servers, invoices and credit balance immediately. The token's scopes decide how far it can go: hand it read scopes to inspect, add write scopes when you want it to deploy and manage infrastructure. The scopes are the contract.
What is MCP and why does a cloud provider ship one?
The Model Context Protocol (MCP) is the open standard AI assistants use to talk to external tools. Instead of pasting dashboards into a chat, your agent queries live data itself: which plans exist, what a server costs per hour, whether an invoice is paid.
We ship one because the people we build for increasingly do not click dashboards. They tell an agent what they want, and the agent needs a safe, structured way to act.
How do I connect Claude Code or Cursor?
- Create an API token in the console: Account, then API tokens. Scope it to what you want the agent to do, read scopes are a safe place to start.
- Add the MCP server to your client config:
{
"mcpServers": {
"rarecloud": {
"command": "npx",
"args": ["@rarecloudio/mcp-server"],
"env": { "RARECLOUD_API_TOKEN": "rc_pat_..." }
}
}
}
- Ask your agent something real: "what cloud plans does RareCloud offer under 10 euro?" or "is my last invoice paid?"
The same config works in Claude Desktop and any other MCP client.
What can the MCP server do?
The MCP server gives your agent live access to your account: catalog, services, billing and account state, and the operations that manage the infrastructure behind them. What an agent can actually do is decided by the API token you connect it with. A read-scoped token lets it look but not touch; a token with write scopes lets it deploy and change things. That is the safety model: an agent only ever holds the permissions you granted its token, so a prompt-injected agent can embarrass you but never exceed the scopes you set.
How does a deploy actually happen?
Under the hood, write actions reach the REST API with a token scoped to allow them:
curl -X POST https://api.rarecloud.io/v1/services \
-H "Authorization: Bearer rc_pat_..." \
-H "Content-Type: application/json" \
-d '{"category":"cloud-vm","productId":"g-2vcpu-8gb","region":"bucharest-ro","imageId":"ubuntu-24.04","sshPublicKey":"ssh-ed25519 ..."}'
Your coding agent can generate and run this call like any other shell command. The token's scopes are the contract: a token with services:read alone can never place that order. Every action lands in your account activity log, so you can always see what your agent did.
What does this cost to try?
The smallest cloud server is β¬3.99 per month, billed hourly with an automatic monthly cap. Running one for an afternoon of agent experiments costs a few cents. Your credit balance is a hard spending limit: an agent cannot spend money you have not loaded.
Frequently asked questions
Does the agent need my account password? No. Tokens are separate credentials with their own scopes, and you can revoke each one independently.
Can I limit what the agent spends? Yes, structurally: your credit balance is the ceiling, an agent can only ever spend the credit you have loaded. There is no card on file for an agent to surprise you with.
Which agents work? Anything that speaks MCP (Claude Code, Claude Desktop, Cursor and others) plus anything that can call a REST API, which is every coding agent we know of.