SynAuth MCP Server — Biometric approval for AI agent actions via Face ID
Project description
SynAuth MCP Server
Biometric approval for AI agent actions. Every sensitive action your AI agent takes — sending emails, making purchases, accessing data, signing contracts — goes through Face ID verification on your iPhone.
Quick Start
pip install synauth-mcp
Add to your Claude configuration (~/.claude/claude_desktop_config.json):
{
"mcpServers": {
"synauth": {
"command": "synauth-mcp",
"env": {
"SYNAUTH_API_KEY": "aa_your_key_here"
}
}
}
}
How It Works
- Your AI agent calls a tool (send email, make purchase, query database)
- SynAuth sends a push notification to your iPhone
- You verify with Face ID
- SynAuth executes the action with your stored credentials
- The agent gets the result — but never sees your API keys
Why SynAuth
The agent can't bypass what it can't access. Your API credentials live in SynAuth's vault, not in the agent's environment. The MCP server is the only tool surface — there is no other path to your sensitive services.
| Feature | SynAuth | Slack/Email Buttons |
|---|---|---|
| Verification | Face ID (biometric) | Click a button (anyone with access) |
| Credential safety | Agent never sees keys | Agent often has direct key access |
| Audit trail | Every action logged with biometric proof | Click timestamp at best |
| Compliance | Proves physical identity of approver | Proves someone had Slack access |
Available Tools
| Tool | Description |
|---|---|
request_approval |
Submit an action for biometric approval |
check_approval |
Check status of a pending request |
wait_for_approval |
Block until request is resolved |
get_spending_summary |
View spending against configured limits |
get_approval_history |
Review past approved/denied actions |
list_vault_services |
See which API credentials are stored |
execute_api_call |
Make an API call through the vault (biometric-gated) |
Environment Variables
| Variable | Required | Default | Description |
|---|---|---|---|
SYNAUTH_API_KEY |
Yes | — | Your SynAuth API key |
SYNAUTH_URL |
No | https://synauth.fly.dev |
SynAuth backend URL (override for self-hosted) |
Action Types
- communication — emails, messages, notifications
- purchase — buying, subscriptions, payments
- scheduling — bookings, reservations, calendar
- legal — contracts, terms, agreements
- data_access — database queries, file downloads
- social — social media posts, profile updates
- system — config changes, restarts, deployments
License
MIT
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file synauth_mcp-0.1.1.tar.gz.
File metadata
- Download URL: synauth_mcp-0.1.1.tar.gz
- Upload date:
- Size: 6.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c5bedeb8e0ef64daefad3c7b55a2827a3b212919c9d30fc22548adbcfdbfecce
|
|
| MD5 |
e6aba51ae4d8850de6fd2d1c52f0141e
|
|
| BLAKE2b-256 |
095d57afec1a81b0696cd6fe5d847fe433c6ae25ac4fdf8b7867672ca8eefcb0
|
File details
Details for the file synauth_mcp-0.1.1-py3-none-any.whl.
File metadata
- Download URL: synauth_mcp-0.1.1-py3-none-any.whl
- Upload date:
- Size: 7.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7fb238b2d44c56765d89d08fb444b414113bcca78f309aebd9e605c5466e08b0
|
|
| MD5 |
c90d4e74050e7efce4b2ffeaaa88c0cb
|
|
| BLAKE2b-256 |
55feec4efd4c777f70b791f02312cc61b2fefc77a6c6eb5a82ccf54055a1b9df
|
