seencite
๐Ÿ”Œ API & MCP

API & MCP

Your data, in your own agents and tooling. A Bearer-token API and a native MCP server with five org-scoped tools โ€” documented as they actually behave today, gaps included.

Authentication

One scheme, everywhere:

authorization: Bearer <your-token>

Tokens are stored hashed, never in the clear. Every call resolves to exactly one organization and can only ever see that org's data. Two properties worth knowing:

  • Scopes. A read-scoped token cannot mutate anything โ€” including the one MCP write. Issue read tokens for automation.
  • Membership-bound. A user-bound token stops working the moment that user's membership is removed โ€” everywhere, not just on project routes. Removing someone actually removes them.
There is no /v1 prefix. The API is unversioned today โ€” routes are /projects, /me/export, /mcp and so on, exactly as written on these pages. If we introduce versioning we'll say so here rather than quietly breaking your integration.

The MCP server

Point any MCP-compatible client at the endpoint and authenticate with the same bearer token:

POST /mcp
authorization: Bearer <your-token>
content-type: application/json

{ "jsonrpc": "2.0", "id": 1, "method": "tools/list" }

It speaks JSON-RPC 2.0 over HTTP. initialize must be the client's first call โ€” standard MCP handshake; clients that skip it will abort before reaching the tools. We echo the protocol version you request, defaulting to 2024-11-05. Notifications such as notifications/initialized get 202 with no body, as the spec requires. ping is supported.

The five tools

ToolWhat it does
list_projectsYour projects (sites) with each one's latest GEO score.
get_geo_scoreThe composite GEO score plus the five subscores for a project.
get_ai_visibilityPer-engine AI-visibility rates for a project. See the note below.
get_citation_gapsRanked off-site citation gaps โ€” third-party sources AI cites where you're absent.
rescanThe one write. Re-crawls the site and recomputes the GEO audit.
get_ai_visibility does not carry the interval yet. The tool returns the point rate per engine. The low/high fields it hands back are placeholders, not a measured band โ€” the stored interval bounds and sample size are not wired into the MCP payload today, even though the app and your export both have them. Do not chart those fields as a confidence interval. Given what this product argues everywhere else, an unlabelled bare rate on our own agent surface is a defect, and it's written here rather than left for you to discover. For real intervals use the app or the export, which ships the raw observations.

rescan โ€” the one write

It enqueues a real, paid crawl, so it's guarded on every side:

  • A read-scoped token or a viewer gets read-only token โ€” rescan requires editor access.
  • It can't touch a project outside the caller's allowlist.
  • One at a time โ€” an audit already running for that project is refused rather than duplicated.
  • It returns a crawlId and runs async (roughly 1โ€“2 minutes). Poll get_geo_score afterwards.
  • It does not re-run the AI-visibility probes. It re-measures your site, not what engines say about you.

Tenant scoping

Every tool call is scoped to the caller's org, and a member restricted to specific projects sees only those โ€” through MCP exactly as in the app. A token cannot enumerate another tenant's data by guessing a project id.