Appearance

Connect your agent

smplkit is agent-native: a single Model Context Protocol (MCP) server exposes the whole platform — feature flags, configuration, logging, audit, and scheduled jobs — to any MCP-capable coding agent. Connect it once, and your agent provisions and operates every primitive in plain language. You stay the owner: every change runs under your account, with your API key, and shows up in your console alongside the changes you make by hand.

The server is hosted at https://mcp.smplkit.com/api/mcp. It is stateless — your API key is forwarded per request as a Bearer token and never stored.

1. Get an API key

The MCP server authenticates with a standard smplkit API key.

  1. Sign up at smplkit.com. Continue with Google or Microsoft — SSO sign-ups are email-verified instantly, so you can mint a key right away.
  2. In the console, open API Keys → Create, name the key, and copy the secret. It starts with sk_api_.

A key carries the role of the user who minted it — see API keys for what each role's key can do. Store it like a password.

2. Add the server to your agent

Point your MCP client at https://mcp.smplkit.com/api/mcp and send your key as the Authorization: Bearer <key> header. Per-client setup:

bash
claude mcp add --transport http smplkit https://mcp.smplkit.com/api/mcp \
  --header "Authorization: Bearer YOUR_SMPLKIT_API_KEY"

…or add it to .mcp.json:

json
{
  "mcpServers": {
    "smplkit": {
      "type": "http",
      "url": "https://mcp.smplkit.com/api/mcp",
      "headers": { "Authorization": "Bearer ${SMPLKIT_API_KEY}" }
    }
  }
}

3. Ask your agent

Once connected, express intent in plain language — the tools translate it into the right API calls:

"Create a boolean flag new-checkout, off by default, then turn it on in prod only for enterprise users."

"List my environments, then set database.host to db-staging.internal for staging."

"Raise the sqlalchemy.engine logger to DEBUG in production while I debug, then reset it."

"Schedule my cleanup endpoint to run nightly at 2am New York time, then run it once to prove it works."

The agent makes the change and proves it worked — it can fire a job on demand or dry-run a SIEM forwarder before saving — then answers follow-up questions straight from the live state.

What your agent can operate

One server exposes every smplkit primitive. The tools share intent-named verbs — list_*, get_*, create_*, set_*, delete_* — and hide the JSON:API envelopes, per-environment nesting, and full-replace PUTs behind partial-intent calls.

CapabilityWhat the agent can do
Feature flagsCreate flags and set per-environment values, kill switches, and targeting rules.
ConfigCreate keyed, typed config and set values per environment.
LoggingRaise or reset runtime log levels per environment.
AuditSearch the audit log and manage SIEM forwarders.
Scheduled jobsCreate, run, and monitor scheduled HTTP jobs with full response capture.
EnvironmentsList the account's environments — the valid targets for every per-environment change.

Flags, config, and logging are set per environment, so the agent calls list_environments to discover valid targets (production, staging, …) before it writes.

You stay the owner

The agent is increasingly the user; you remain the owner.

  • Every change runs under your account and is attributed to your API key — and appears in your console next to changes made by hand.
  • The key carries your role. Mint a key with the narrowest role that does the job (see API keys); a VIEWER key, for example, lets an agent read state but never change it.
  • Nothing is stored server-side. The MCP server is stateless: your key is forwarded per request and never cached or logged.

Reaching your services

smplkit calls job targets and SIEM forwarder destinations from the cloud, so those URLs must be reachable from the public internet — localhost and private addresses won't fire. To target a local server during development, point at its deployed URL or expose it with a tunnel (cloudflared tunnel --url http://localhost:PORT or ngrok http PORT) and protect it with a secret auth header.