Skip to main content

MCP server for Bill4Time API — legal billing and time tracking

Project description

bill4time-mcp

PyPI version Python 3.10+ License: MIT

MCP server for Bill4Time — API coverage for legal billing and time tracking. Use Bill4Time from Claude Desktop with natural language.

What you can do

  • Clients — list, filter by status, search active/disabled
  • Projects — list, filter by client, status, billing method
  • Time Entries — list by client, project, user, invoice, date range, billing status
  • Expenses — list by client, project, invoice, date range
  • Invoices — list by status (prebill/finalized), paid status, client, project, date range
  • Payments — list by client, project, date range
  • Payments Applied — track payment-to-invoice applications
  • Users — list and look up users
  • Contacts — list by status, date range, contact connections
  • Trust Accounting — list trust records by client, project, date range

All resources support OData-style filtering via filter_expr parameter for advanced queries.

Requirements

  • Python 3.10+
  • Claude Desktop (or any MCP-compatible client)
  • Bill4Time API key (create in Settings → API tab)

Note: The Bill4Time API is currently read-only. All tools retrieve data only.

Installation

pip install bill4time-mcp

Setup

bill4time-mcp-setup

This prompts for your API key and tests the connection.

Verify:

bill4time-mcp-verify

Credential storage

By default the API key is stored in your operating system's native secret store via the cross-platform keyring library:

OS Backend
macOS Keychain
Windows Credential Manager
Linux Secret Service (GNOME Keyring / KWallet)

The secret is saved under the service name bill4time-mcp. Nothing is written to disk in clear text.

File fallback. On a host with no keyring backend (e.g. a headless Linux box without Secret Service), or if you set BILL4TIME_MCP_USE_KEYRING=0, the key falls back to a ~/.bill4time-mcp/.env file with 0600 permissions.

Read order. The key resolves in the order OS keyring → process environment → .env file. So a rotated key in the keyring always wins, and a BILL4TIME_API_KEY exported in your shell overrides the file fallback without touching the keyring.

Pluggable backend. keyring lets you point at any secret store. For example, install keyrings.cryptfile for an encrypted file backend, or a cloud backend, then select it with the standard PYTHON_KEYRING_BACKEND environment variable or a keyringrc.cfg. See the keyring configuration docs.

Claude Desktop Configuration

{
  "mcpServers": {
    "bill4time": {
      "command": "bill4time-mcp"
    }
  }
}

Authentication Notes

Bill4Time uses an API key embedded directly in the URL path:

https://secure.bill4time.com/b4t-api/{api_key}/v1/{resource}

No OAuth or token refresh required. Create API keys from Settings → API in your Bill4Time account.

OData Filtering

All list_* tools accept a filter_expr parameter for advanced filtering:

"status eq 'Active'"
"clientId eq 751"
"invoiceDate ge '2024-01-01' AND invoiceDate le '2024-12-31'"
"billingStatus eq 'Ready For Billing'"

Supported operators: eq, ne, gt, ge, lt, le

Use top to limit results, orderby to sort, skip for pagination.

Example usage in Claude

"Show all unpaid invoices"

"List time entries for project 456 this month"

"Get all payments received from client 123 in 2024"

"Show trust account activity for client 789"

"List open projects ordered by project name"

Security note

API key in URL path. Bill4Time's API design embeds the API key directly as a path segment in every request URL (/b4t-api/{api_key}/v1/...). This is a Bill4Time API architecture constraint — the MCP loads your key from a local env file and never commits it to this repository. However, the key-in-URL design has the following implications you should be aware of:

  • Server/proxy access logs on any machine between your client and Bill4Time's servers will record the full request URL, including the API key, for the duration of their log retention policy.
  • Network monitoring tools that capture request URLs (e.g. HTTP proxies, security appliances, debugging tools) will expose the key in logged URLs.
  • If your key is compromised, all API access to your Bill4Time account — billing data, client records, invoices, payments — is accessible until the key is rotated.

Recommended practices:

  1. Rotate your API key periodically (quarterly at minimum) from Settings → API in your Bill4Time account.
  2. Keep access logs on this machine private — ensure ~/.bill4time-mcp/ is not world-readable, and that any HTTP proxy or network capture tool running on this machine is restricted to authorised users.
  3. Rotate immediately if you suspect the key has been exposed (e.g. via a shared log file, a network trace, or an accidental curl -v paste).
  4. Use least-privilege — if Bill4Time offers read-only API keys in the future, prefer those for this MCP (all current tools are read-only).

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

bill4time_mcp-0.2.0.tar.gz (89.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

bill4time_mcp-0.2.0-py3-none-any.whl (15.1 kB view details)

Uploaded Python 3

File details

Details for the file bill4time_mcp-0.2.0.tar.gz.

File metadata

  • Download URL: bill4time_mcp-0.2.0.tar.gz
  • Upload date:
  • Size: 89.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.11.21 {"installer":{"name":"uv","version":"0.11.21","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"macOS","version":null,"id":null,"libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}

File hashes

Hashes for bill4time_mcp-0.2.0.tar.gz
Algorithm Hash digest
SHA256 676f021407c637e19f8e358d5f2a9c148a42fcb90dae9e11510ce11295dddc66
MD5 18c21660b8905cb9e3c13331699df30d
BLAKE2b-256 8202be4dc8415418665050f143d5dac638f0e8f395551d762d272e6453daf1f3

See more details on using hashes here.

File details

Details for the file bill4time_mcp-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: bill4time_mcp-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 15.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.11.21 {"installer":{"name":"uv","version":"0.11.21","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"macOS","version":null,"id":null,"libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}

File hashes

Hashes for bill4time_mcp-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 8f1dbf02d887adef85d25acdbe2ac0b0cdb5390e1d0d7777a2cca3757825be7c
MD5 23aedaad748be0562874ba14cd956bce
BLAKE2b-256 28dec095f804b08c3ae522aacca22c27ea5f3fc43d5e3859012187a4cd4c3e8f

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page