Documentation Index
Fetch the complete documentation index at: https://glide-9da73dea.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Glide Headless exposes its tools through three MCP endpoints:
/mcp/read — non-mutating queries (tools/list, balances, etc.)/mcp/write — mutating actions (issue grants, run payroll, freeze cards)/mcp/treasury — high-privilege treasury actions (kill switch, signer rotation)
Each tool below shows its required scope, annotations, and exact input/output JSON Schemas. Schemas are auto-generated from the source-of-truth Zod definitions in apps/mcp/src/tools/.
Base URL
Three category-specific JSON-RPC endpoints:
https://mcp.glide.co/mcp/read — non-mutating tools (accounts.balance, accounts.list, agents.list, audit.stream, payments.simulate, skills.list, transactions.list, x402.receive)https://mcp.glide.co/mcp/write — mutating tools (beneficiary.add, cards.freeze, cards.issue, payments.initiate, payroll.run, transfer.schedule, x402.pay)https://mcp.glide.co/mcp/treasury — high-privilege tools (agent.budget.create, agent.budget.revoke, agent.grant.issue, agent.grant.refresh, killSwitch.all, vault.rotateSigner, yield.allocate)
Tools are namespaced; calling a write tool on /mcp/read returns a confused-deputy error.
Auth
Every call must carry a Glide-issued grant JWT in the Authorization header:
Authorization: Bearer <grant_token>
accounts:read, payments:initiate), tied to a specific principal + agent + entity, and have a short TTL. The MCP server performs a fresh database read on every call so a revoked grant fails closed immediately. To obtain a grant, complete the OAuth flow with your agent’s client_credentials.
Quick example
curl -X POST https://mcp.glide.co/mcp/read \
-H "Authorization: Bearer $GLIDE_GRANT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 1,
"method": "accounts.list",
"params": {}
}'
| Tool | Scope | Category | Step-up | Description |
|---|
accounts.balance | accounts:read | read | no | Per-chain, per-token balance of the agent vault. |
accounts.list | accounts:read | read | no | List the accounts this agent can operate on. |
agents.list | agents:read | read | no | List sibling agents under the same principal/entity. |
audit.stream | audit:stream | read | no | Mint a cursor for subscribing to this agent’s event stream over SSE. |
payments.simulate | payments:simulate | read | no | Run policy evaluation against a proposed payment without side effects. |
skills.list | accounts:read | read | no | Catalog of installable skills from glide.co/skills. |
transactions.list | accounts:read | read | no | Paginated list of this agent’s transactions. |
x402.receive | x402:receive | read | no | Return this agent’s x402 receive endpoints. |
beneficiary.add | beneficiary:write | write | no | Propose adding a counterparty to the agent’s envelope allowlist. |
cards.freeze | cards:manage | write | no | Freeze a previously issued card. |
cards.issue | cards:manage | write | no | Issue a scoped virtual card against the agent sub-vault. |
payments.initiate | payments:initiate | write | conditional | Initiate a payment inside the agent vault envelope. |
payroll.run | payments:initiate | write | no | Kick a payroll batch (requires V2 payroll infra). |
transfer.schedule | payments:initiate | write | conditional | Schedule a future-dated transfer; envelope evaluated at schedule + execute time. |
x402.pay | x402:pay | write | no | Pay an x402 micropayment endpoint with server-side RPC verification. |
agent.budget.create | agent:budget:create | treasury | no | Spawn a child agent with a scoped sub-vault and policy envelope. |
agent.budget.revoke | agent:budget:revoke | treasury | no | Revoke a child agent and optionally sweep its vault to the parent. |
agent.grant.issue | agent:budget:create | treasury | always | Issue a new bearer grant with a narrowed scope set. |
agent.grant.refresh | agent:budget:create | treasury | no | Re-issue a grant under the current policy version when policy is unchanged-or-narrowed. |
killSwitch.all | agent:budget:revoke | treasury | no | Atomic kill-switch: revoke every grant + freeze every sub-vault for this principal. |
vault.rotateSigner | treasury:rotate-signer | treasury | always | Rotate the signing key for this agent’s sub-vault. |
yield.allocate | treasury:yield-allocate | treasury | conditional | Move funds between yield vaults (Aave/Morpho/Kamino/idle). |
always = every call requires principal biometric approval regardless of amount. conditional = required when the transfer amount exceeds the envelope’s step_up_amount_cents threshold. no = never step-up gated.
See Policy envelope for the full policy contract, Step-up flow for the biometric approval sequence, and Receipts for the audit trail format.
| Tool | Description |
|---|
accounts.balance | Per-chain, per-token balance of the agent vault. Amounts returned in both cents (USD-normalized via current FX where app |
accounts.list | List the accounts this agent can operate on. Scoped strictly to the grant’s aud.vault_id — a sibling agent’s vault is ne |
agents.list | List sibling agents under the same principal/entity. Useful for cross-agent UIs; doesn’t expose another agent’s envelope |
audit.stream | Mint a cursor for subscribing to this agent’s event stream over SSE. The cursor is bound to the current grant — when the |
payments.simulate | Run the full policy envelope evaluation against a proposed payment. Returns the verdict + every reason without any side |
skills.list | Catalog of installable skills from glide.co/skills. Each skill advertises its runtime compatibility and whether its upst |
transactions.list | Paginated list of this agent’s transactions. Scoped to the agent; sibling agents’ history never appears. Use cursor for |
x402.receive | Return this agent’s x402 receive endpoints. Every Glide vault is x402-addressable out of the box — other agents can pay |
| Tool | Description |
|---|
beneficiary.add | Propose adding a counterparty to the agent’s envelope allowlist. Per the multisig allowlist gate, allowlist mutations ar |
cards.freeze | Freeze a previously issued card. The card will reject subsequent authorizations until unfrozen (unfreeze tool ships in v |
cards.issue | Issue a scoped virtual card against the agent sub-vault. The card carries its own MCC filters, funding cap, and expiry i |
payments.initiate | Initiate a payment inside the agent vault envelope. Amounts over the step-up threshold return a pending_step_up response |
payroll.run | Kick a payroll batch. Requires V2 payroll infra (Sprint 3-4); returns blocked_by_dep if unavailable, matching PLAN.md he |
transfer.schedule | Schedule a future-dated transfer. Envelope is evaluated at schedule time AND again at execute time; policy bumps between |
x402.pay | Pay an x402 micropayment endpoint. Server-side RPC verification of the on-chain tx is MANDATORY — the facilitator receip |
| Tool | Description |
|---|
agent.budget.create | Spawn a child agent with a scoped multisig sub-vault and a policy envelope. The operation is a saga — on any failure the |
agent.budget.revoke | Revoke a child agent and optionally auto-sweep its sub-vault back to the parent treasury. Revocation is terminal; spawn |
agent.grant.issue | Issue a new bearer grant for this agent with a narrowed scope set. Always requires principal step-up — the first call re |
agent.grant.refresh | Re-issue this agent’s grant under the current policy version when the new policy is unchanged-or-narrowed vs the issue-t |
killSwitch.all | Atomic kill-switch: revoke every active grant + freeze every sub-vault for this principal. The confirm_scope literal ‘AL |
vault.rotateSigner | Rotate the signing key for this agent’s sub-vault. Always requires principal step-up. Completes atomically with a policy |
yield.allocate | Move funds between yield vaults (Aave/Morpho/Kamino/idle) within the envelope. Blocked by V3 yield infra if that depende |
Auth model
Every call must carry a Glide-issued grant JWT in the Authorization: Bearer … header. Grants are scoped (e.g. agents:read, payments:write) and tied to a specific principal + agent + entity. The MCP server fresh-reads the tenant from the database on every call so a stolen grant against a stale tenant fails closed.
See /agents/policy-envelope for the policy contract Glide enforces on top of the grant.
