Carbon
Open Carbon

MCP

Model Context Protocol

Carbon runs an MCP server, so AI clients — Claude Code, Claude Desktop, Cursor, ChatGPT — can read and write your manufacturing data in plain language.

The server lives at https://app.carbon.ms/api/mcp. Connect it one of two ways, depending on your client.

Connect

Connector clients — Claude.ai, Claude Desktop, ChatGPT — add the URL and authorize in your browser. No key needed.

Command & key clients — Claude Code, Cursor, VS Code, Codex — paste a snippet carrying a scoped API key.

Terminal · Claude Code
claude mcp add --transport http carbon \
  https://app.carbon.ms/api/mcp \
  --header "Authorization: Bearer <api-key>"
.cursor/mcp.json
{
  "mcpServers": {
    "carbon": {
      "url": "https://app.carbon.ms/api/mcp",
      "headers": { "Authorization": "Bearer <api-key>" }
    }
  }
}

What you can ask

Once connected, ask in natural language:

  • Show all open sales orders due to ship this week.
  • Which purchase orders are past their promised receipt date?
  • What's the on-hand quantity and reorder point for a part across locations?
  • Draft a quote for a customer for 200 aluminum housings.
  • List every job behind schedule and who's assigned.

Next: Authentication for the auth flows, and Tools for how the assistant finds what it needs.

FAQ

Read and write across every module the identity can reach — query orders and inventory, create jobs, draft quotes, update statuses. It acts as that user, so it can only touch what you've granted.

Not for connector clients — Claude.ai, Claude Desktop, and ChatGPT add the URL and authorize in your browser. Keys are for command and config clients (Claude Code, Cursor, VS Code, Codex) and any headless or CI use.

Yes — there's no way around them. A connector inherits the role and company of whoever authorized it; a key carries its own scopes. The assistant can never do what that identity can't.

Yes. Scope a key to only the modules and actions it needs — View with no Create, Update, or Delete makes it read-only. Use a separate key per client so you can re-scope or revoke one without touching the rest.

Carbon doesn't send it anywhere new — your MCP client does, to whatever model provider it runs on, under that provider's terms. Scope keys tightly and prefer a read-only key when you only need to read.

On Carbon Cloud, API and MCP access is a Business-plan feature — Starter keys are rejected with 403. Self-hosted instances aren't gated.

Each key has its own limit and window, set in Settings → API Keys. Go over it and calls return 429 with X-RateLimit-* headers telling the client when to retry.

Key clients: the key is missing, malformed, expired, or deleted — recreate it in Settings → API Keys and update the Authorization header. Connector clients: re-authorize the connection from your client.

The identity is authenticated but lacks the module permission for that action — or, on Cloud, the company is on the Starter plan. Grant the scope, or switch to a key that has it.

Each key in Settings → API Keys shows its scopes, rate limit, expiry, and who created it. Delete a key to revoke it instantly; nothing else breaks if you key each client separately.