https://api.auo.com.au/mcp. Any MCP-compatible client (an AI agent, Claude,
a custom orchestration layer) can call AUO tools directly, using the same bearer token
as the REST API.
Key characteristics
- Same auth as REST. Pass your
auo_sk_test_orauo_sk_live_token in theAuthorizationheader when connecting. The test/live sandbox distinction works identically. - Stateless. Each request is independent. No session state is held between calls.
- Read-only by design. The MCP surface exposes exactly 6 tools, all read-oriented. No delete, roll, or update tools are available via MCP. Account scoping comes from the token, never a tool argument.
- Same core as REST. Each tool calls the same internal function as the corresponding REST endpoint. MCP and REST cannot produce different results for the same query.
The 6 tools
| Tool | What it does | REST equivalent |
|---|---|---|
resolve_entity | Resolve an ABN, ACN, or name to a canonical entity with enrichment and provenance | POST /v1/resolve |
screen_entity | Screen a name or identifier against sanctions and banned-persons registers | POST /v1/screen |
validate_abn | Check an ABN’s format and compute its check digit | GET /v1/validate/{abn} |
validate_acn | Check an ACN’s format and compute its check digit | GET /v1/validate/{acn} |
watch_entity | Create a watch subscription for an entity and return the signing secret | POST /v1/watch |
list_watches | List active watch subscriptions for the account | GET /v1/watch |
screen_entity keeps the possible-match-never-cleared posture: results are review,
no_match, or unavailable. Never pass or fail. “No match found” is not a
clearance. See Screening posture for the rationale.Connecting a client
Point your MCP client at the AUO endpoint with your bearer token. The exact configuration format depends on your client. The generic pattern:MCP client config (generic)
auo_sk_live_your_key_here with your actual key. Use auo_sk_test_... during
development to avoid consuming your live quota.
Connecting Claude
If you are using Claude as your agent and your client supports MCP server configuration, add the entry above to your MCP servers list. Claude will then have access to all 6 AUO tools and can resolve entities, run screening checks, and manage watches on your behalf.Tool authentication and scoping
Account scoping is handled entirely by the bearer token. There is no account ID parameter in any tool argument. When you calllist_watches, the response contains
only the subscriptions that belong to the account the token was issued for.
This means:
- A test token (
auo_sk_test_) sees synthetic fixtures only, across all 6 tools. - A live token (
auo_sk_live_) sees real data and counts against your plan allowance. - There is no way to access another account’s data via a tool argument.
Example: resolving an entity via MCP
Atools/call for resolve_entity with an ABN produces the same response shape as
POST /v1/resolve:
Tool call
source and as_of). See API reference: resolve
for the full response schema.
Next steps
Authentication
Bearer tokens, test vs live, and the key lifecycle.
API reference: resolve
Full request and response schema for entity resolution.
API reference: screen
Full request and response schema for watchlist screening.
Watch and webhooks
Create a watch subscription and receive signed webhook events.