Quickstart API reference MCP API keys Authentication
Developer guides

Connect your AI agentBeta

Give Claude — or any MCP-capable AI agent — direct access to your Viewider account: products, inventory, listings, orders and shipments. Read-only by default; seven opt-in write tools need a product:write key. Three steps, no code.

1

Create an API key

Go to API keys and create a key with the Read-only preset (recommended — the 11 write tools will simply return 403 on it; add the product:write capability only when you want the agent to edit prices/stock). You get a client_id + client_secret — the secret is shown only once, so store it in your secret store before closing the dialog.

2

Connect your AI agent

viewider-mcp is a standard stdio MCP server (requires Node.js 18+). Pick your client:

Beta note: the npm package is being published during launch week. If npx viewider-mcp reports the package cannot be found yet, hold tight — or contact us for the from-source install.

Claude Desktop — add to claude_desktop_config.json

{
  "mcpServers": {
    "viewider": {
      "command": "npx",
      "args": ["-y", "viewider-mcp"],
      "env": {
        "VIEWIDER_CLIENT_ID": "mtok_xxxx",
        "VIEWIDER_CLIENT_SECRET": "your-client-secret"
      }
    }
  }
}

Claude Code — one command

claude mcp add viewider \
  -e VIEWIDER_CLIENT_ID=mtok_xxxx \
  -e VIEWIDER_CLIENT_SECRET=your-client-secret \
  -- npx -y viewider-mcp

Other MCP clients

Any stdio-capable MCP client (Cursor, Windsurf, Zed, your own SDK agent…) needs just three things: command npx, args ["-y", "viewider-mcp"], and the two environment variables VIEWIDER_CLIENT_ID + VIEWIDER_CLIENT_SECRET.

3

Try it

Restart your client — you should see 84 viewider_* tools (73 read-only + 11 write). Then just ask in plain language; the agent picks the right tool:

"List my recent orders"
"Search my inventory for SKU ABC-123"
"Show my listings on eBay"

How tokens work

  • The server exchanges your key for a short-lived Bearer machine-token that expires after 24 hours, and re-mints it automatically — proactively at ~80% of the lifetime, and on any 401. You never copy tokens around.
  • One key per client. Create a separate key for each agent or integration, so revoking one never breaks another.
  • Rotate the secret or revoke the key any time at API keys — on revoke, live tokens stop working immediately.

Read-only by default

73 of the 84 tools only read — products, inventory, listings, orders, shipments. The 11 write tools mutate live data (some also push to your connected marketplaces); each is owner-scoped to your own account, supports a dry-run preview and an idempotency key, and requires a key carrying the matching write capability (product:write / listing:write / order:write / shipment:write) — a Read-only preset key gets 403.

More write tools (create listings…) are coming, each individually capability-gated and opt-in.

Prefer raw REST?

The same key works against the API directly — mint a Bearer token yourself and browse the full API reference.

curl https://api.viewider.com/externalAPI/rotateMachineToken \
  -d client_id=mtok_xxxx \
  -d client_secret=your-client-secret
# → { "status":"success", "response":{ "access_token":"eyJ…", "token_type":"Bearer", "expires_in":86400 } }