Usage

Security: To verify the container’s authenticity and inspect its SBOM, see the Attestation & Verification Guide.

What is MCP?

The Model Context Protocol (MCP) is an open protocol that standardizes how AI assistants communicate with data sources and tools. The Subnoto MCP Server implements this protocol to allow AI assistants like Claude Desktop and Cursor to interact with Subnoto’s signature services.

Supported AI Tools

Claude Desktop

Add to your Claude Desktop configuration (~/Library/Application Support/Claude/claude_desktop_config.json on macOS, %APPDATA%\Claude\claude_desktop_config.json on Windows):

{
    "mcpServers": {
        "subnoto": {
            "command": "docker",
            "args": [
                "run",
                "-i",
                "--rm",
                "-e",
                "MCP_TRANSPORT",
                "-e",
                "API_ACCESS_KEY",
                "-e",
                "API_SECRET_KEY",
                "subnoto/mcp-server:latest"
            ],
            "env": {
                "MCP_TRANSPORT": "stdio",
                "API_ACCESS_KEY": "your_access_key_here",
                "API_SECRET_KEY": "your_secret_key_here"
            }
        }
    }
}

Cursor IDE

Add to your Cursor MCP configuration (~/.cursor/mcp.json):

{
    "mcpServers": {
        "subnoto": {
            "command": "docker",
            "args": [
                "run",
                "-i",
                "--rm",
                "-e",
                "MCP_TRANSPORT",
                "-e",
                "API_ACCESS_KEY",
                "-e",
                "API_SECRET_KEY",
                "subnoto/mcp-server:latest"
            ],
            "env": {
                "MCP_TRANSPORT": "stdio",
                "API_ACCESS_KEY": "your_access_key_here",
                "API_SECRET_KEY": "your_secret_key_here"
            }
        }
    }
}

Using the Container

Stdio Transport (for AI Assistants)

The stdio transport is designed for integration with AI assistants like Claude Desktop and Cursor:

docker run -i --rm \
  -e MCP_TRANSPORT=stdio \
  -e API_ACCESS_KEY=your_access_key_here \
  -e API_SECRET_KEY=your_secret_key_here \
  subnoto/mcp-server:latest

Note: This mode is interactive and expects MCP protocol messages on stdin. It’s meant to be used by AI tools, not directly by users.

HTTP Transport (for Web Applications)

For web-based integrations, use the HTTP transport:

docker run -p 8080:8080 --rm \
  -e API_ACCESS_KEY=your_access_key_here \
  -e API_SECRET_KEY=your_secret_key_here \
  subnoto/mcp-server:latest

The MCP server will be available at http://localhost:8080/mcp.

Mac users (Apple Silicon): If you encounter connection issues, explicitly bind to localhost and specify the platform:

docker run --platform linux/amd64 -p 127.0.0.1:8080:8080 --rm \
  -e API_ACCESS_KEY=your_access_key_here \
  -e API_SECRET_KEY=your_secret_key_here \
  subnoto/mcp-server:latest

API Authentication

To use the MCP server, you need an access key and secret key. These credentials are provided when you create an API key in your Subnoto workspace.

Obtaining Credentials

1. Log into your Subnoto workspace at app.subnoto.com
2. Navigate to Settings → API Keys
3. Create a new API key
4. Save the ACCESS_KEY and SECRET_KEY securely

Available Tools

The MCP server automatically exposes all Subnoto public API endpoints as MCP tools. Common tools include:

Workspace Management

• workspace_list - List all workspaces
• utils_whoami - Get authenticated user information

Contact Management

• contact_list - List contacts in a workspace
• contact_get - Get a specific contact
• contact_create - Create new contacts
• contact_update - Update contact information
• contact_delete - Delete contacts

Template Management

• template_list - List available templates

Envelope Management

• envelope_create - Create a new envelope
• envelope_create-from-template - Create an envelope from a template
• envelope_get - Get envelope details
• envelope_add-recipients - Add recipients to an envelope
• envelope_delete-recipients - Remove recipients from an envelope
• envelope_send - Send an envelope to recipients
• envelope_get-document - Download a document from an envelope
• envelope_get-proof - Download the proof document for a completed envelope
• envelope_complete-document-upload - Complete the document upload process

Environment Variables

The MCP server supports the following environment variables:

Variable	Description	Default	Required
MCP_TRANSPORT	Transport mode: stdio or http	http	No
API_ACCESS_KEY	Subnoto API access key	-	Yes
API_SECRET_KEY	Subnoto API secret key	-	Yes
API_BASE_URL	Subnoto API base URL	https://enclave.subnoto.com	No
DISABLE_ATTESTATION	Disable attestation verification	false	No
ATTESTATION_PUBLIC_KEYS	Base64-encoded attestation public keys	-	No
OPENAPI_PATH	Path to OpenAPI schema	/app/public-openapi.json	No

Example Usage with AI Assistants

Once configured, you can interact with the MCP server through your AI assistant. For example, in Claude Desktop or Cursor:

User: “List all my signature templates”

AI Assistant: Uses the template_list tool to fetch templates

User: “Create an envelope from the NDA template for [email protected]”

AI Assistant: Uses envelope_create-from-template and envelope_add-recipients tools

User: “Send the envelope”

AI Assistant: Uses the envelope_send tool

Troubleshooting

Connection Issues

If the MCP server fails to connect:

1. Verify your API credentials are correct
2. Check that Docker is running
3. For HTTP transport, ensure port 8080 is not already in use
4. For Mac users with Apple Silicon, use the --platform linux/amd64 flag

Tool Discovery

To see all available tools in your AI assistant:

• Claude Desktop: Check the tools section in the interface
• Cursor: Tools are automatically available when using the @ mention feature

Logs

To see server logs, run the container without the --rm flag and use docker logs:

docker run -d --name mcp-server \
  -e MCP_TRANSPORT=stdio \
  -e API_ACCESS_KEY=your_access_key_here \
  -e API_SECRET_KEY=your_secret_key_here \
  subnoto/mcp-server:latest

docker logs -f mcp-server

Next Steps

• Explore the Helm Chart for Kubernetes deployment
• Learn about Attestation & Verification for security validation
• Visit the API documentation for detailed endpoint information