Developer Overview
An introduction to the Arkanis public token surface. The REST API is GA for Pro guilds. The MCP server is in Pro Labs early access and works with any MCP-compatible client (Claude Desktop, Claude Code, Cursor, Zed, Continue, Cline, Windsurf, Sourcegraph Cody, Goose, and others).
What is this?
Arkanis exposes one token model with two consumers. The REST API atapi.arkanis.ggis for scripts, CI jobs, and server-to-server integrations. The MCP server is a local process that wires the same capabilities into any MCP-compatible client (Claude Desktop, Claude Code, Cursor, Zed, Continue, Cline, Windsurf, Cody, Goose).
Why you might want it
Read this page first to pick the right surface for what you're building. Tokens are scoped to a single guild, inherit the issuer's capabilities at issue time, and respect every dashboard-side guard including the destructive re-auth window. Free guilds can read the docs; issuing and pairing tokens are Pro features.
What Is the Public Token Surface?
The public token surface is how external code talks to Arkanis. It covers two consumers built on the same token model and the same capability checks. The REST API targets scripts, integrations, and CI jobs. The MCP server targets natural-language clients — Claude Desktop and Claude Code are the two we actively test against, but the server speaks the open Model Context Protocol over stdio, so any MCP-compatible client (Cursor, Zed, Continue, Cline, Windsurf, Sourcegraph Cody, Goose, and others) can connect.
Both surfaces enforce the same rules. Tokens are scoped to a single guild, inherit the issuer's capabilities at issue time, and respect every server-side guard the dashboard respects. Destructive actions require a separately approved re-auth window before they will run.
Availability
The REST API is generally available for all Pro guilds. The MCP server is in Pro Labs early access, opt-in per guild from the admin settings panel.
FEATURE_NOT_ENABLED for unentitled guilds, and the MCP pair flow refuses to complete.REST vs MCP
Both surfaces wrap the same underlying capabilities. Pick the one that matches the consumer.
| Aspect | REST API | MCP Server |
|---|---|---|
| Audience | Scripts, integrations, CI jobs | Any MCP client (Claude Desktop, Claude Code, Cursor, Zed, Continue, Cline, Windsurf, Cody, Goose, ...) |
| Transport | HTTPS at api.arkanis.gg | Local arkanis-mcp process over stdio |
| Surface size | 28 endpoints (15 read, 6 reversible write, 8 destructive) | 29 tools mapped onto the same endpoints plus pairing helpers |
| Auth | Authorization: Bearer arkpat_... | Token stored by arkanis-mcp pair, sent on every tool call |
| Best for | Deterministic automation, server-to-server flows | Ad-hoc questions, exploratory queries, conversational ops |
Where to Next
Pick the entry point that matches what you're building.
- Authentication covers token scopes, capability inheritance, expiry, rotation, and revocation.
- REST Quickstart is a five-minute curl walkthrough from token creation through a destructive call.
- MCP Quickstart installs the MCP server, runs the pair flow, and wires your MCP client of choice. Claude Desktop and Claude Code are the worked examples; the same server works with Cursor, Zed, Continue, Cline, Windsurf, Cody, Goose, and any other MCP-compatible client.
- Rate Limits and Errors documents the error envelope and every error code clients should handle.
- Destructive Actions lists every destructive operation, its trigger condition, and the sentinel template.
- API Reference links out to the Redocly-hosted OpenAPI 3.1 viewer for the full REST surface.