@stripe/mcp

What it does

This server exposes Stripe's payment and billing APIs through the Model Context Protocol, enabling Claude and other MCP clients to handle transactions, subscriptions, customer accounts, and billing workflows. It runs locally via command line and uses Stripe Restricted API Keys to enforce granular permission control, so your agent can only access the operations you explicitly authorize.

Who it's for

Backend engineers and startup founders building AI agents that need to interface with Stripe: automating subscription management, processing refunds, querying payment history, or handling billing-related decisions within an LLM-driven system without custom API wrappers.

Common use cases

• Query or update customer subscription status and billing details from Claude
• Process refunds, adjustments, or charge disputes based on agent recommendations
• Create or retrieve invoices in response to AI decision-making
• Check transaction history, dispute status, and payment method details
• Manage connected accounts for multi-tenant SaaS platforms

Setup pitfalls

• API key exposure — One secret was detected during scanning. Pass your Stripe secret key via the --api-key flag or environment variable, never hardcode it. Add .env to .gitignore and rotate keys if they're ever committed.
• Restricted API Keys required — Tool availability depends on the permissions you assign to your key. Create a RAK at dashboard.stripe.com/apikeys with only the minimum permissions your agent needs; using a full secret key violates least-privilege security.
• Filesystem and network access — The server reads and writes files and makes network calls to Stripe's API. Run it in a sandboxed environment if untrusted code or prompts could reach it.
• No CI pipeline — This repo has no automated testing. Verify compatibility locally before deploying, especially if your MCP client or Stripe SDK has version constraints.