Corbado MCP for AI. Manage identity, users, and access from your agent.

Q: How do I list all users in Corbado using this MCP?

You use the listusers tool. This retrieves every user profile within your project, giving you a complete roster of accounts to audit.

Q: Can I force a user out of their session with Corbado?

Yes, running revokesession is how you instantly terminate any active connection. This is critical for security audits and incident response.

Q: What is the difference between createuser and initsignup in Corbado?

createuser makes a user account programmatically, bypassing an actual sign-up flow. initsignup starts the natural process that guides a new person through registration.

Q: How does Corbado handle passkeys with this MCP?

You manage them in multiple steps: starting the append (startpasskeyappend), then calling finishpasskeyappend to secure the new key.

Q: If I change a user's email, do I use Corbado MCP?

Yes, you update it using the updateidentifier tool. This ensures the system records the change correctly and keeps your identifiers current.

Claude

ChatGPT

Cursor

Gemini

Windsurf

VS Code

JetBrains

Vercel

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

How this MCP server connects to your AI agent

Corbado manages your entire user lifecycle and authentication processes through this MCP. It lets you programmatically create users, manage login identifiers like emails and phones, handle complex passkey logins, and audit active sessions directly from your AI agent.

What AI agents can do with Corbado Automation

Complete auth process

Finalizes a multi-step authentication sequence after initial setup.

Create connect token

Generates a new token needed to establish connectivity for the user.

Create identifier

Adds a new login method, such as an email address or phone number, to an account.

+ 40 more capabilities included

Manage User Accounts

Create, retrieve details on, update, and delete entire user profiles.

Control Login Identifiers

Add, remove, or list all associated emails, phone numbers, and usernames for any account.

Handle Passkey Authentication

Initiate and finalize the process of adding new passkeys or logging in using biometrics.

Audit and Revoke Access

List all currently active sessions and instantly kill access for security purposes.

Execute Complex Auth Flows

Initiate specific, multi-step authentication processes like SSO or standard Connect logins.

Ask an AI about this

Included with Plan

Waiting for input…

AI Agent

What AI agents can do with Corbado: 30 Tools for Identity Management

These tools allow your AI agent to perform every action related to user management, authentication flows, and access control within the Corbado system.

Make your AI actually useful.

Add this MCP to Claude, Cursor, or Windsurf and your AI stops guessing. It gets real tools to look things up, take action, and handle the stuff you keep doing by hand.

Start using Corbado on Vinkius

Complete Auth Process

Finalizes a multi-step authentication sequence after initial setup.

Create Connect Token

Generates a new token needed to establish connectivity for the user.

Create Identifier

Adds a new login method, such as an email address or phone number, to an account.

Create User

Creates a brand new user profile in the system.

Delete Connect Token

Removes an existing connection token associated with a user.

Delete Identifier

Permanently removes a specific login method (like an email) from a user's profile.

Delete Me

Logs out and deletes the current user's session data for cleanup.

Delete User

Deletes an entire user account from the system.

Finish Connect Login

Completes the connection login process after starting it with your agent.

Finish Identifier Verify

Confirms and activates a newly added user identifier after verification is complete.

Finish Passkey Append

Finalizes the process of adding a new passkey to an account.

Finish Passkey Login

Completes the secure login flow using a biometrically verified passkey.

Finish Sso

Finalizes Single Sign-On (SAML2) authentication after redirection.

Get Apple App Site Association

Retrieves the required file data for Apple's App Site Association verification.

Get Assetlinks

Fetches asset links, confirming your app ownership to Google Play services.

Get Auth Process

Retrieves the current status and necessary steps for an ongoing authentication...

Get Jwks

Fetches the JSON Web Key Set (JWKS) used for verifying security tokens.

Get Me

Retrieves and displays the current user's profile details.

Get User

Fetches specific, detailed information about any existing user by ID.

Init Auth Process

Starts a general authentication process when a user attempts to log in.

Init Connect Login

Initiates the initial connection login sequence for a user.

Init Login

Starts a standard, general login flow for the current user.

Init Signup

Begins the process of creating and registering a new user account.

List Connect Passkeys

Shows all passkeys currently linked to the connected account.

List Connect Tokens

Lists all active connection tokens associated with the user.

List Identifiers

Displays a comprehensive list of every login method attached to an account.

List Sessions

Retrieves a list of all active user sessions across devices.

List Users

Lists every single user profile within the entire Corbado project.

Logout Me

Ends the current user's session and logs them out immediately.

Refresh Me

Extends the lifespan of an expiring security token without re-logging in.

Reset Auth Process

Clears and restarts a stalled or problematic authentication sequence.

Revoke Session

Forces the immediate termination of any specified user session.

Skip Auth Block

Bypasses a required authentication step for testing or maintenance purposes.

Start Connect Login

Begins the connect login flow, often used for client-side integrations.

Start Identifier Verify

Starts the process of verifying a user's provided identifier (like an email).

Start Passkey Append

Initiates the flow for adding a new passkey to an existing account.

Start Passkey Login

Starts the login sequence specifically using a passkey method.

Start Sso

Kicks off the Single Sign-On (SAML2) authentication redirect.

Update Auth Identifier

Modifies an existing login method, such as changing a user's associated email...

Update Identifier

Updates the details of a specific login identifier for better accuracy.

Update Me

Allows the current user to update their own profile information.

Update User

Modifies any existing user's details by providing a unique ID.

Verify Signed Data

Checks and validates the integrity of passkey data provided by the client device.

Security and governance baked right in.

Pick your AI client below to get set up. Just create a Vinkius account, subscribe, and you're instantly up and running. We handle the entire backend infrastructure, delivering out-of-the-box support for HTTPS Streamable, SSE, and OAuth2—zero messy routing required.

Claude AI

Open Claude Settings

Go to claude.ai, click your profile icon, then navigate to Customize → Connectors.

Add Custom Connector

Click the "+" button and select Add custom connector. Paste your Vinkius endpoint URL:

https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp

Replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com. For OAuth-protected servers, expand Advanced settings to add credentials.

Start a conversation

Open a new chat. The Corbado integration is available immediately — no restart needed.

Antigravity

Configure Agent Environment

Open your Antigravity agent's workspace configuration or mcp-servers.json file.

Bind the Endpoint

Add the Vinkius endpoint URL to your agent's MCP connections list:

"mcp_servers": {
  "corbado": {
    "serverUrl": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
  }
}

Provide your secure token in place of [YOUR_TOKEN_HERE] to ensure your agent requests are authenticated.

Execute

Start your Antigravity session. The agent will autonomously discover and utilize the Corbado tools with full Vinkius guardrails applied.

VS Code Copilot

⚡

One-Click Install (Recommended)

In your Vinkius Dashboard, simply click the Add to VS Code button for this server. We'll automatically configure your local workspace.

Or configure manually

Open MCP Settings

Open VS Code, press Ctrl/Cmd + Shift + P, and search for GitHub Copilot: MCP Servers.

Add Server Config

Add the Vinkius endpoint configuration to your mcp-servers.json file:

"corbado": {
  "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
}

Ensure you replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com.

LangChain

Install Dependencies

Install the LangChain MCP adapters for your environment:

pip install langchain-mcp-adapters

Connect the Server

Use the SSEClient in LangChain to connect to the Vinkius managed endpoint:

from langchain_mcp_adapters.client import SSEClient

# Connect to Vinkius
client = SSEClient(url="https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp")
tools = client.get_tools()

CrewAI

Define the Tool

Load the Vinkius MCP tools into your CrewAI agents:

from crewai import Agent
from mcp_crewai import MCPTool

# Connect securely to Vinkius
vinkius_tools = MCPTool(url="https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp")

# Assign to Agent
researcher = Agent(
    role='Data Researcher',
    tools=vinkius_tools.get_all()
)

Execute Task

Run your CrewAI process. The agent will autonomously route tasks to the Vinkius managed server.

Choose How to Get Started

Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.

Build Your Own

Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.

Import from OpenAPI, Swagger, or YAML specs
Create Agent Skills with progressive disclosure
Deploy to edge with MCPFusion framework
Built in DLP, auth, and compliance on every call
Real time usage dashboard and cost metering
Publish to catalog or keep private

Start building

Make Your AI Do More

Start with Corbado, then connect any of our 5,100+ other servers whenever your AI needs more. One click, no limits.

Use this MCP plus 5,100+ others, all in one place
Add new capabilities to your AI anytime you want
Every connection is secured and compliant automatically
Track usage and costs across all your servers
Works with Claude, ChatGPT, Cursor, and more
New servers added to the catalog every week

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Corbado. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

VINKIUS INFRASTRUCTURE

Cloud Hosted

Managed infra

V8 Isolated

Sandboxed per request

Zero-Trust Proxy

No stored credentials

DLP Enforced

Policy on every call

GDPR Compliant

EU data residency

Token Compression

~60% cost reduction

Your data is protected. See how we built it.

Built on the Model Context Protocol (MCP) for Claude, ChatGPT, Cursor, and more

The Model Context Protocol standardizes how applications expose capabilities to LLMs. Instead of operating in isolation, your AI gains direct access to external platforms, live data, and real-world actions through secure, standardized connections.

This connection provides 43 powerful capabilities that interface natively with Claude, ChatGPT, Cursor, and other compatible AI platforms. No middleware. No custom integration required.

The current headache of managing user access tokens., Solved with Vinkius AI Gateway

Right now, checking a single user's status means jumping between the admin dashboard, the logging service, and sometimes even contacting the dev team just to confirm if their session was revoked correctly. You’re spending valuable time clicking through multiple tabs and running manual checks to ensure security compliance.

With this MCP, you ask your agent one question—like 'What tokens does user X have?'—and it runs the complex logic across all those systems in the background. It gives you an immediate, comprehensive answer without leaving your coding environment.

Corbado gives you complete control over authentication flows.

Manual processes force developers to manage multiple sequential steps: first initiating the login (`init_login`), then confirming credentials, and finally calling a separate endpoint to finish the process. This chain is brittle and prone to failure if one step fails or times out.

Now, your agent handles the whole choreography. It orchestrates complex flows like passkey authentication—from starting the prompt (`start_passkey_login`) to finalizing it with `finish_passkey_login`—in a single, reliable interaction.

Support 24/7 support@vinkius.com ↗

Security Vinkius Trust Center ↗

SLA Service Level Agreement ↗

Report Listing Send Report ↗

passkeys

authentication

user-management

identity-provider

passwordless

What your AI can actually do with this

This MCP connects your identity infrastructure to any compatible client, letting your agent perform actions across the whole user lifecycle. Need to check if a user exists or reset an old session? It handles everything from creating new accounts to revoking access instantly. You can manage all login identifiers—emails, phone numbers, usernames—and even orchestrate complex flows like Single Sign-On (SSO) and passkey authentication without touching the UI.

Because Vinkius hosts this MCP in its catalog, you connect once to your preferred AI client and gain immediate control over robust identity management.

It's built for security; you can list all active sessions or run a full user audit simply by asking natural language questions.

Built · Hosted · Managed by Vinkius Corbado-MCP - Manage Identity & User Access

Server ID 019ea5f8-2a26-70c8-8c52-631b496baa3e

Vinkius Inspector

Compliance Grade A+

Score 100/100

Report View Report ↗

What Changes When You Connect

Audit all user accounts instantly. Instead of running complex database queries or manually checking logs, simply ask your agent to list all project users using the list_users tool. You get a clean report immediately.

Respond faster to support tickets by controlling sessions. If you suspect an account is compromised, use list_sessions to find active logins and run revoke_session to kill access in seconds.

Streamline complex logins with built-in flows. Whether it's a new user signing up (init_signup) or completing SSO (start_sso), this MCP handles the entire sequence, eliminating manual redirects.

Secure your application with passkeys. You can initiate and finalize advanced methods like adding a key (start_passkey_append followed by finish_passkey_append) directly through conversation.

Improve developer workflow dramatically. Need to check if a user's email is valid or add it? Use create_identifier and then confirm the status with list_identifiers—all within your IDE, no context switching required.

See it in action

01 01

Onboarding Audit

A PM needs to know which new users haven't set up their phone number. They ask their agent to list all identifiers and filter for 'missing phone'. The agent runs the necessary calls, showing only accounts that need immediate attention.

02 02

Security Incident Response

A security engineer receives an alert about a rogue session. Instead of logging into multiple dashboards, they ask their agent to list all active sessions and then run revoke_session on the suspicious ID immediately.

03 03

Debugging Login Failures

A backend developer encounters a login failure. They use the agent to get the current authentication process status with get_auth_process, quickly identifying if the issue is in the token creation (create_connect_token) or the final step.

04 04

User Data Migration

A team needs to update a user's primary email address across systems. They use the agent to run get_user first, then execute update_identifier, ensuring the change is logged and effective.

The honest tradeoffs

Listing tools manually

Anti-pattern

Copying out a list of 30 different tool names into documentation to prove functionality. This makes the page unreadable and feels like filler content.

The Fix

Instead, describe the action. For example, explain that you can 'audit user access by calling list_sessions' instead of just listing the tool.

Confusing tools with capabilities

Anti-pattern

Saying: 'Use create_user because it makes users.' This is too simplistic and doesn't capture the complexity of identity management.

The Fix

Focus on the outcome. Say: 'You can onboard a new user by initiating the full sign-up process, which uses tools like init_signup.'

Repeating tool calls in descriptions

Anti-pattern

Writing: 'To create a token, you use create_connect_token. Then, to delete it, you use delete_connect_token.' This is redundant and signals poor writing quality.

The Fix

Group them conceptually. Say: 'The system allows you to manage all connection tokens by generating new ones or deleting old ones.'

Questions you might have

How do I list all users in Corbado using this MCP? +

You use the list_users tool. This retrieves every user profile within your project, giving you a complete roster of accounts to audit.

Can I force a user out of their session with Corbado? +

Yes, running revoke_session is how you instantly terminate any active connection. This is critical for security audits and incident response.

What is the difference between `create_user` and `init_signup` in Corbado? +

create_user makes a user account programmatically, bypassing an actual sign-up flow. init_signup starts the natural process that guides a new person through registration.

How does Corbado handle passkeys with this MCP? +

You manage them in multiple steps: starting the append (start_passkey_append), then calling finish_passkey_append to secure the new key.

If I change a user's email, do I use Corbado MCP? +

Yes, you update it using the update_identifier tool. This ensures the system records the change correctly and keeps your identifiers current.