Skip to content

MCP Server

Give AI agents access to Bounce House via the Model Context Protocol.

AI agents are increasingly capable of performing multi-step workflows autonomously: signing up for services, testing integrations, monitoring infrastructure, responding to alerts. But they can only interact with systems that expose tools they can call. The Model Context Protocol (MCP) is the emerging standard for this, supported by Claude Code, Cursor, Claude Desktop, and a growing number of AI development tools.

The Bounce House MCP server gives AI agents direct access to the full platform. An agent can create an ephemeral email receiver, sign up for a service using that address, wait for the verification email, extract the link, follow it in a headless browser, fill out any forms, and clean up, all without human intervention. It can also monitor domain health, generate TOTP codes for two-factor challenges, acknowledge alerts, and query suppression lists. If your team is building AI-powered test automation or agentic workflows that interact with the real world, MCP is how the agent gets access to email, webhooks, and the rest of the external message layer.

Installation

pip install bouncehouse-mcp
# or run directly
uvx bouncehouse-mcp

Configuration

Add to your MCP client config (Claude Desktop, Cursor, Claude Code, etc.):

{
  "mcpServers": {
    "bouncehouse": {
      "command": "uvx",
      "args": ["bouncehouse-mcp"],
      "env": {
        "BOUNCEHOUSE_API_KEY": "<your-api-key>"
      }
    }
  }
}

Set BOUNCEHOUSE_API_URL to override the base URL (defaults to production).

Available tools

Receivers

ToolParametersWhat it does
create_receiverlabel, channel, ttl_secondsCreate an email, webhook, SMS, or OAuth receiver
wait_for_messagereceiver_id, timeout, sinceBlock until a message arrives (no polling)
get_messagesreceiver_id, limitList messages captured by a receiver
destroy_receiverreceiver_idDelete a receiver and stop capturing

TOTP

ToolParametersWhat it does
register_totplabel, secret, issuer, digits, periodRegister a TOTP secret for code generation
get_totp_codesecret_idGenerate the current valid 2FA code

Domains

ToolParametersWhat it does
get_domain_healthdomain_nameGet health score, DNS findings, and recommendations
get_recommendationsdomain_nameGet specific DNS fixes for a domain
apply_dns_recommendationdomain_name, recommendation_idApply a DNS fix through a connected provider

Alerts

ToolParametersWhat it does
get_alertsacknowledged, limitList active alerts (abuse spikes, delivery failures, etc.)
acknowledge_alertevent_id, noteMark an alert as handled with a note

Auth providers

ToolParametersWhat it does
list_auth_providersList configured auth provider integrations
create_auth_providerprovider, configConnect an auth provider webhook
get_auth_eventsconfig_id, limitList recent auth events (signups, verifications, resets)

Browser flows

ToolParametersWhat it does
follow_linkurl, instructionsNavigate to a URL and return page state (links, forms, buttons)
complete_oauthreceiver_id, instructionsGet verification link from a receiver's message and follow it
send_flow_actionflow_id, action, selector, valueClick, fill, submit, screenshot, or wait in an active browser session
close_flowflow_id, mark_completeClose a browser session, optionally marking the flow as complete

Platform introspection

Diagnostic tools an agent can call when something looks off, or when planning a workflow that depends on what the account or platform supports.

ToolParametersWhat it does
get_statusDiagnostic snapshot of platform health (db, redis, active incidents). Call when you suspect a platform issue, not as a pre-flight check.
get_usageAccount-level volume over the last 30 days plus subscription state. limits is null until enforcement ships — handle null as "retry on 429s," not "unlimited."
get_account_capabilitiesLive capability snapshot — channels enabled, DNS provider attribution, auth providers connected, custom-MX domains. Use to plan workflows around actually-configured features.
get_changeloglimitRecent platform changes parsed from CHANGELOG.md. Useful when a previously-working workflow starts failing — check what changed.

Example: AI agent signup flow

Agent: create_receiver(label="signup", channel="email", ttl_seconds=3600)
→ Receiver created. Address: a1b2.signup@shard-bo.ing-bo.ing

Agent: [signs up on target site using the receiver address]

Agent: wait_for_message(receiver_id="rx_123", timeout=30)
→ Message received. Subject: "Verify your email"
  Extracted: verification_links: ["https://example.com/verify?token=abc"]

Agent: complete_oauth(receiver_id="rx_123")
→ Following verification link: https://example.com/verify?token=abc
  Page title: "Confirm your account"
  Buttons: "Confirm" id=confirm-btn

Agent: send_flow_action(flow_id="flow_456", action="click", selector="#confirm-btn")
→ Page title: "Account verified!"

Agent: close_flow(flow_id="flow_456", mark_complete=true)
→ Flow completed. Evidence: screenshot, HAR recording

Agent: destroy_receiver(receiver_id="rx_123")
→ Receiver deleted

The complete_oauth tool is particularly useful: it automatically extracts the verification link from the latest message at a receiver and follows it in a browser, combining three API calls (get message, extract link, start flow) into one.

Was this page helpful?