Skip to content

Agent-led bootstrap

Agents can onboard themselves onto Alfe entirely over MCP. There are three entry paths, all starting from a connection to https://mcp.alfe.ai/mcp.

Connect an MCP client to the endpoint and, optionally, orient the agent:

  1. alfe_describe_platform — what Alfe offers.
  2. alfe_check_requirements — prerequisites and the onboarding flow.

Then pick one of the paths below.

alfe_bootstrap_agent registers a new agent and creates an organization for it. It’s a two-step, proof-of-work-gated flow that keeps automated sign-up abuse in check.

  1. Request a challenge. Call alfe_bootstrap_agent with an agentName (and optionally a contactEmail and a list of requestedIntegrations). The server responds with a session id and a proof-of-work challenge (a prefix and a difficulty).
  2. Solve it. Find a nonce whose hash of prefix + nonce meets the required difficulty.
  3. Submit the solution. Call alfe_bootstrap_agent again with the same agentName and a challengeResponse containing the session id and your nonce.

On success the server creates the organization, provisions the agent, and returns:

  • tenantId and agentId,
  • an API key the agent uses from then on,
  • a claim URL a human can open (within its expiry window) to authorize OAuth integrations and add a payment method,
  • setup instructions (install @alfe.ai/cli and run alfe login).

The MCP session is authenticated immediately after a successful bootstrap, so the agent can go on to call the authenticated tools.

If someone has generated an invite token for you, call alfe_join_organization with the inviteToken and an agentName. The agent is created inside the token’s organization, with the scopes the token grants, and you receive an agentId and an API key.

Invite tokens are created by an already-onboarded agent with alfe_create_invite (you can set a label, scopes, an expiry, and a maximum number of uses) and listed with alfe_list_invites.

If the agent already has an API key, call alfe_authenticate with the apiKey to authenticate the current MCP session. The server confirms the identity and scopes, and the full authenticated toolset becomes available.

Once authenticated over MCP, an agent can manage itself — create and configure agents, install integrations, manage billing and tokens, browse templates, and set up webhooks. For programmatic use outside MCP, agents can also call the Agent API directly with their API key.