CardPointe MCP Server

An MCP (Model Context Protocol) server for interacting with the CardPointe Gateway payment processing API.

Features

• Transaction Operations: Authorize, capture, void, and refund payments
• Inquiry: Look up transaction status and merchant configuration
• Profile Management: Create, retrieve, update, and delete stored payment profiles
• Reporting: Funding and settlement status reports
• BIN Lookup: Card type and issuer information
• Read-Only Mode: Safe production deployment with write operations disabled by default

Installation

npm install
npm run build

Authentication

The CardPointe Gateway API uses HTTP Basic Authentication. The server constructs an authorization header from your credentials:

Authorization: Basic base64(username:password)

All requests are made to:

https://<site>.cardconnect.com/cardconnect/rest/<endpoint>

Getting Credentials

For Testing (UAT):

• Contact integrationdelivery@fiserv.com
• Request: UAT Merchant ID, UAT API Credentials, and UAT API URL

For Production:

• Log into the CardPointe Portal
• Go to Administration → API Credentials
• Use the Gateway API Credential Generator
• You can create up to 5 credential sets per merchant location

Configuration

Set the following environment variables:

Variable	Description	Required
CARDPOINTE_MERCHANT_ID	Your CardPointe Merchant ID (MID)	Yes
CARDPOINTE_USERNAME	API username (8-20 characters)	Yes
CARDPOINTE_PASSWORD	20-character auto-generated password from CardPointe portal	Yes
CARDPOINTE_SITE	Site identifier (e.g., fts for production, fts-uat for testing)	Yes
READONLY	Set to false to enable write operations (default: true)	No

Read-Only Mode

By default, the server runs in read-only mode for safety. This blocks all write operations:

Mode	Blocked Operations	Allowed Operations
Read-only (default)	authorize_payment, manage_transaction, profile create/update/delete	inquire, manage_reporting, bin_lookup, profile get
Read-write	None	All

To enable write operations:

export READONLY=false

Usage

Running the Server

# Set environment variables
export CARDPOINTE_MERCHANT_ID="your-merchant-id"
export CARDPOINTE_USERNAME="your-username"
export CARDPOINTE_PASSWORD="your-password"
export CARDPOINTE_SITE="fts-uat"
export READONLY="false"  # Optional: enable write operations

# Run the server
npm start

Claude Desktop Configuration

Add to your claude_desktop_config.json:

{
  "mcpServers": {
    "cardpointe": {
      "command": "node",
      "args": ["/path/to/cardpointe-mcp-server/dist/index.js"],
      "env": {
        "CARDPOINTE_MERCHANT_ID": "your-merchant-id",
        "CARDPOINTE_USERNAME": "your-username",
        "CARDPOINTE_PASSWORD": "your-password",
        "CARDPOINTE_SITE": "fts-uat",
        "READONLY": "false"
      }
    }
  }
}

Available Tools

authorize_payment

Authorize a credit card payment. Returns a retref (retrieval reference) for use with manage_transaction.

Parameter	Description	Required
amount	Amount in cents (e.g., "1000" for $10.00)	Yes
account	Card number, token, or profileId/accountId	Yes
expiry	Expiration in MMYY format (not needed for tokens/profiles)	No
cvv2	CVV (3-4 digits)	No
capture	"Y" = capture now (default), "N" = authorize only	No
profile	"Y" = save card as profile for future payments	No
orderid	Your order ID for tracking	No
name, address, city, region, country, postal	Billing info for AVS	No
email, phone	Contact info	No
ecomind	"E" = e-commerce, "R" = recurring, "T" = telephone	No

manage_transaction

Perform post-authorization operations on transactions.

Parameter	Description	Required
action	"capture", "void", or "refund"	Yes
retref	Retrieval reference from authorize_payment	For capture/refund
orderid	Order ID (for void when retref unavailable)	For void (alternative)
amount	Amount in cents (omit for full capture/refund)	No

inquire

Query transaction or merchant information.

Parameter	Description	Required
action	"transaction" or "merchant"	Yes
retref	Retrieval reference (for transaction inquiry)	No
orderid	Order ID (alternative to retref)	No

manage_profile

Manage stored payment profiles for recurring/future payments.

Parameter	Description	Required
action	"create", "get", "update", or "delete"	Yes
profileid	Profile ID (required for get/update/delete)	Depends on action
accountid	Account ID within profile (required for update)	For update
account	Card number or token (required for create)	For create
expiry	Expiration MMYY format	No
name, address, city, region, country, postal	Billing info	No
email, phone	Contact info	No
defaultacct	"Y" = make default account	No

manage_reporting

Get financial reports.

Parameter	Description	Required
action	"funding" or "settlement"	Yes
date	Date in MMDD format (e.g., "0115" for January 15)	Yes

bin_lookup

Look up card info by BIN (first 6-8 digits).

Parameter	Description	Required
bin	First 6-8 digits of card number	Yes

Returns card type, issuer, country, and flags (corporate, prepaid, FSA, GSA).

Example Usage

Authorize a Payment

Use the authorize_payment tool with:
- amount: "1000" (for $10.00)
- account: "4111111111111111"
- expiry: "1225"
- capture: "Y"

Check Transaction Status

Use the inquire tool with:
- action: "transaction"
- retref: "123456789012"

Create a Payment Profile

Use the manage_profile tool with:
- action: "create"
- account: "4111111111111111"
- expiry: "1225"
- name: "John Doe"

Void a Transaction

Use the manage_transaction tool with:
- action: "void"
- retref: "123456789012"

Testing

Use the UAT environment for testing:

• Set CARDPOINTE_SITE to fts-uat
• Use test card numbers like 4111111111111111
• Contact CardPointe for UAT credentials

API Documentation

• CardPointe Gateway API
• Gateway API Credentials

License

MIT