mDiv.pl has an API for AI agents.
26 MCP tools. OAuth 2.1 + PKCE.
If you're an AI agent (Claude Desktop / Code, Cursor, ChatGPT with MCP, Gemini, a custom agent on LangChain / OpenAI Agents SDK / Anthropic Agent SDK) or a developer setting up an integration — mDiv.pl provides its own server implementing the Model Context Protocol standard. It lets you price and purchase mDiv services and manage the customer's hosting infrastructure (domains, DNS, databases, SSL, WordPress install) — fully programmatically, with granular authorisation.
https://mcp.mdiv.pl/api/mcphttps://moje.mdiv.pl/.well-known/oauth-authorization-serverStatus: closed beta
Apply to join: contact form. Free of charge. After public launch (Q3 2026): sandbox free for everyone, beta/full included in mBiznes/mPro plans.
Quick start
Example: a user in Claude Desktop writes "Install WordPress on website X". The agent executes a sequence of MCP calls in ~60–90 seconds.
- 1
list_my_websites()— find website_id - 2
install_wordpress({ website_id })→ { job_id, status: queued, poll_url } (<200 ms) - 3
get_job_status({ job_id })— poll 3s → 5s → 10s, ~30–90 s until succeeded - ✓result.wp_admin_url — ready WordPress panel, returned to the user
MCP client configuration:
{
"mcpServers": {
"mdiv": {
"type": "streamable-http",
"url": "https://mcp.mdiv.pl/api/mcp"
}
}
}Security
OAuth 2.1 + PKCE (S256)
No credentials in the agent's environment. Plain code_challenge_method rejected per RFC. Dynamic Client Registration (RFC 7591).
Granular scopes (33)
websites/domains/databases/email/dns/ssl/apps/jobs/files/backups/commerce read/write/delete. Rule: :write implies :read, :delete is separate.
Two-step delete
Every delete_* requires two calls: preview_* returns impact + preview_token (TTL 10 min, single-use, bound to user/resource); the second call requires confirm=true.
Anomaly detection
Every mutating call is audited. Anomalous patterns (e.g. a series of deletes) raise a flag and may pause the token pending administrator confirmation.
Weekly summary email
The customer receives a weekly summary: which operations the agent performed, which tokens are active and what was changed.
Rate limit + idempotency
60 req/min default, 5 req/min for install ops. Idempotency-Key in a 24h window prevents a mutation from being executed twice.
Full policy: https://mdiv.pl/en/docs/ai-deploy/security-policy (12 sections).
AI Deploy tiers
Every mDiv.pl account is on one of four tiers. Customers start on sandbox and are promoted after 1–2 weeks of testing (decided by the mDiv administrator).
| Tier | Scope | Details |
|---|---|---|
none | AI Deploy disabled (default) | All write calls return 403 AI_DEPLOY_NOT_ENABLED. The customer must request access. |
sandbox | Read-only | Only *_read and list_* tools. install_*, delete_*, set_dns_records → 403 AI_DEPLOY_TIER_TOO_LOW. |
beta | Full ops, 500/day cap | All operations on ai_deploy_eligible packages. Daily limit of 500 mutating calls per account. |
full | No limits beyond the package quota | Full access. Only the physical package limits (number of domains, databases, traffic). |
MCP tools (26)
13 commerce (purchasing services) + 13 operational (infrastructure management). The most frequently invoked are below — the full list and parameter schemas live in the authoritative manifest: https://mcp.mdiv.pl/api/mcp
list_productscommerce:readKatalog usług (hosting/opieka/programowanie)
prepare_checkoutcommerce:writeTworzy checkout intent (pre-confirm)
list_my_websiteswebsites:readStrony WWW na koncie klienta
install_wordpressapps:installAsync (job_id w <200ms, ~30–90s wykonanie)
request_sslssl:writeAsync Let's Encrypt (15–60s)
set_dns_recordsdns:writeBulk DNS (A/AAAA/CNAME/MX/TXT/NS/SRV/PTR)
add_domaindomains:writePrzypina domenę do website
create_databasedatabases:writeDB + user, hasło zwracane jeden raz
The remaining 18 tools (including list_my_subscriptions, list_my_invoices, list_my_databases, get_job_status, preview_delete_domain, delete_domain) — in the manifest and at /en/docs/ai-deploy/user-guide.
FAQ
What is the address of the mDiv.pl MCP server?expand_more
Endpoint: https://mcp.mdiv.pl/api/mcp. Transport: Streamable HTTP, JSON-RPC 2.0. OAuth discovery: https://moje.mdiv.pl/.well-known/oauth-authorization-server.
How does an AI agent authenticate to my account?expand_more
Two options. (1) OAuth 2.1 + PKCE with S256 (plain rejected per RFC) — the agent redirects the user to /oauth/authorize and receives a token with the selected scopes. (2) Personal API Token in the format mpt_<64hex>, issued by the customer at /account/api-tokens and passed in the Authorization: Bearer header.
How many MCP tools are available?expand_more
26: 13 commerce (purchasing services) + 13 operational (infrastructure management). The full list is on this page and in the authoritative manifest at https://mcp.mdiv.pl/api/mcp.
Can an agent delete my data by mistake?expand_more
Not without explicit consent. All destructive operations (delete_*) require a two-step pattern: step 1 returns preview_token + impact (what will disappear), step 2 requires preview_token + confirm=true. The token is single-use, TTL 10 min, bound to (user_id, resource_type, resource_id).
What does install_wordpress return?expand_more
A response in <200 ms with { job_id, status: 'queued', poll_url }. The actual install takes ~30–90 s. Poll via get_job_status with intervals 3s → 5s → 10s. Terminal status: succeeded | failed | cancelled. result.wp_admin_url on success.
What is a tier?expand_more
Every account has an ai_deploy flag: none / sandbox / beta / full. Sandbox is read-only. Beta enables full ops with a limit of 500/day. Full has no limits beyond the physical constraints of the plan. The tier is set by an mDiv admin at the customer's request.
What are the rate limits?expand_more
Sliding window per token: 60 req/min default, 5 req/min for install ops (apps:install, ssl:write). When exhausted, 429 RATE_LIMITED with X-RateLimit-Limit, X-RateLimit-Remaining and Retry-After.
How do I prevent an operation from being executed twice?expand_more
All mutating endpoints honour the Idempotency-Key header (UUID supplied by the client). Replay with the same body within 24h → cached response with Idempotent-Replay: true. A different body → 409 IDEMPOTENCY_KEY_REUSED. Endpoints that return a one-time secret (e.g. create_database) do NOT cache the body — replay re-executes the handler.
Machine-readable reference
Section for agents / scripts scraping this page. All data below is also available as JSON at /.well-known/mcp.json and /.well-known/agent.json.
Endpoints
- OAuth Authorization Server
- https://moje.mdiv.pl/.well-known/oauth-authorization-server
- OAuth Protected Resource
- https://mcp.mdiv.pl/.well-known/oauth-protected-resource
- Authorization endpoint
- https://moje.mdiv.pl/oauth/authorize
- Token endpoint
- https://moje.mdiv.pl/api/oauth/token
- Dynamic Client Registration
- https://moje.mdiv.pl/api/oauth/register
- Personal API Tokens
- https://moje.mdiv.pl/account/api-tokens
- llms.txt
- https://mdiv.pl/llms.txt
- llms-full.txt
- https://mdiv.pl/llms-full.txt
- Sitemap
- https://mdiv.pl/sitemap.xml
Scopes (30)
Resource classes: websites, domains, databases, email, dns, ssl, apps, jobs, files, backups, commerce — each with three permissions (:read / :write / :delete) plus profile and offline_access. Rule: :write implies :read; :delete requires a separate scope. The full list (and tool mapping) — in the manifest /.well-known/mcp.json.
Error codes (22)
All errors have the shape { statusCode, error, message, code, details? }. The most common are listed below; full reference: en/docs/ai-deploy/error-codes.
| code | when |
|---|---|
AI_DEPLOY_NOT_ENABLED | Tier konta = none |
AI_DEPLOY_TIER_TOO_LOW | Tier=sandbox próbuje write/delete |
IDEMPOTENCY_KEY_REUSED | Ten sam klucz, inne body w 24h |
PREVIEW_TOKEN_MISSING | Brak tokenu w destructive call |
RATE_LIMITED | Przekroczony rate limit (60/min, install 5/min) |
Mutating semantics
- Idempotency-Key: header with a UUID. Replay with the same body within 24h →
Idempotent-Replay: true. A different body → 409 IDEMPOTENCY_KEY_REUSED. - Rate limit: sliding window per token. 60 req/min default, 5 req/min for install ops. When exhausted, 429 RATE_LIMITED + Retry-After.
- Two-step delete: preview_* → preview_token (TTL 600s, single-use, bound to user/resource); the second call requires preview_token + confirm=true.
- Long ops: install_wordpress, request_ssl return immediately
{ job_id, status: 'queued', poll_url }. Poll via get_job_status — intervals 3s → 5s → 10s.
Feedback after an integration session: POST /api/v1/ai-deploy/feedback — contract details in user-guide.
Hosting in Poland, B2B VAT invoice. General contact: biuro@…. AI Deploy: ai-deploy@…. Back to home page.