MCP Integration Recipes
Connect Claude Desktop, Cursor, and other Model Context Protocol clients to eVat’s tax-compliance API.
What you get
eVat exposes its compliance brain as an MCP server. Any MCP-compatible AI client can call the same tools that power our internal agents:
Tax intelligence
Look up VAT rates, registration thresholds, country-specific reporting rules, and tax calculations across the EU + UK + emerging non-EU coverage.
Filing visibility
Read upcoming filing deadlines, returns, and audit trails for any company you have permission to access.
Compliance copilot
Search the regulatory knowledge base, classify transactions, and generate workpapers — all under eVat’s governance + EU AI Act audit trail.
Claude Desktop
Add the following to your claude_desktop_config.json (find the path in Claude Desktop ’Settings → Developer’):
{
"mcpServers": {
"evat": {
"transport": {
"type": "http",
"url": "https://app.evat.com/api/mcp",
"headers": {
"Authorization": "Bearer YOUR_SANDBOX_TOKEN"
}
}
}
}
}Restart Claude Desktop. Then ask, e.g.: “What’s the standard VAT rate in Germany right now?”
Cursor
Cursor ships first-class MCP support. Drop a .cursor/mcp.json file at the root of your workspace:
{
"mcpServers": {
"evat": {
"url": "https://app.evat.com/api/mcp",
"headers": {
"Authorization": "Bearer YOUR_SANDBOX_TOKEN"
}
}
}
}Restart Cursor or reload MCP servers via the command palette.
Direct HTTP (any client)
The MCP execution endpoint is a plain HTTP POST. Use it from CI scripts, cron jobs, or your own SDK:
curl -sS https://app.evat.com/api/mcp/tools/get_filing_deadlines/execute \
-H "Authorization: Bearer YOUR_SANDBOX_TOKEN" \
-H "Content-Type: application/json" \
-d '{"company_id": 123, "days_ahead": 90}'Tool catalog
16 production tools today, including get_company_profile, get_vat_registrations, search_vat_rules, get_filing_deadlines, get_compliance_status, get_tax_rates, calculate_tax, search_transactions, generate_vat_workpaper, analyze_vat_variance, and more.
The complete schema (input + output JSON Schema for every tool) is available at /docs/api. Discovery endpoints: GET /api/mcp/tools and GET /api/mcp/tools.json.
Webhooks (push notifications)
Subscribe to filing-state-change events instead of polling. Webhooks fire for filing submissions, threshold warnings, deadline reminders, registration expirations, compliance alerts, and more — full catalog at /api/v1/compliance/webhooks/events (no scope required to discover).
Subscribing requires the webhooks:manage scope on your API key. While the self-serve scope-request UI is in flight, email api@evat.com from the address tied to your developer account and we’ll grant it within one business day.
curl -sS https://app.evat.com/api/v1/compliance/webhooks \
-H "X-API-Key: YOUR_KEY" \
-H "Content-Type: application/json" \
-d '{
"url": "https://your-app.example.com/hooks/evat",
"event_types": ["filing.submitted", "compliance.deadline_approaching"],
"company_id": 123
}'
The response includes a one-time secret used to verify every payload via HMAC-SHA256:
# Verify the X-EVat-Signature header
expected = hmac.new(secret.encode(), request.body, hashlib.sha256).hexdigest()
if not hmac.compare_digest(expected, signature):
abort(401)
Failed deliveries retry with exponential backoff (1m, 4m, 9m). After 10 consecutive failures the subscription auto-disables and you receive an alert. Full payload schema, retry semantics, and signature spec in the API reference.
Governance + audit
Every MCP call passes through eVat’s governance layer (autonomy ceiling, fail-closed permission checks, single-use approval tokens for mutations) and is recorded in the EU AI Act-compliant audit log with hash-chained 7-year retention. Per-call usage is metered for billing and observability.
Questions?
Email api@evat.com or open the API reference at https://app.evat.com/docs/api.