API Reference and MCP
Everything Bippsi exposes to machines, on one page. REST endpoints for integrations, Model Context Protocol for AI agents, and a signed OpenAPI spec so you never have to guess.
Model Context Protocol (MCP)
MCP is the standard way for AI agents to talk to a service without scraping HTML. Bippsi's MCP server exposes four tools: run a compliance scan, discover a site's pages, check certification status, and enumerate our own API endpoints. Connect over HTTPS + JSON-RPC 2.0.
- Protocol: 2024-11-05
- Transport: HTTP + JSON-RPC 2.0
- Auth: Optional Bearer API key
- Rate limit: 60 calls/hr per IP
- scan_site limit: 3/hr anonymous, unlimited with key
Available tools
scan_site
rate-limited
list_pages
cheap
get_certification_status
cheap
get_api_endpoints
cheap
Example: initialize, list tools, run a scan
Standard MCP handshake. Agents following the spec will handle this flow automatically; raw curl is shown for clarity.
# 1. Handshake curl -sX POST https://bippsi.com/api/v1/mcp \ -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"my-agent","version":"1.0"}}}' # 2. Discover tools curl -sX POST https://bippsi.com/api/v1/mcp \ -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","id":2,"method":"tools/list"}' # 3. Scan a site curl -sX POST https://bippsi.com/api/v1/mcp \ -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"scan_site","arguments":{"url":"https://example.com"}}}'
https://bippsi.com/api/v1/mcp — no key needed for anonymous rate limits. For higher throughput, include your Bippsi API key as Authorization: Bearer <key>.
REST API
Full OpenAPI 3.1 reference below, rendered from /openapi.json. Most endpoints authenticate with a Bearer API key; see AGENTS.md for the full access policy.