Skip to main content
OAuth is the smoothest way to connect an interactive MCP client. You add the Nikiwa connector, sign in once, and approve a consent screen. There is no key to copy or store, and access is tied to your Nikiwa account.

Connect a client

1

Add the connector

In your MCP client’s connector settings, add a remote MCP server with the Nikiwa endpoint:
https://pro-api.nikiwa.com/mcp
2

Start authorization

The client detects that Nikiwa requires authorization and opens Nikiwa’s consent page in your browser.
3

Sign in

If you are not already signed in to nikiwa.com, you are asked to log in first, then returned to the consent screen.
4

Approve access

The consent screen names the application requesting access and the account it will act as. Click Allow to grant it, or Deny to cancel.
5

Done

The client receives its access and can now call Nikiwa tools on your behalf.

How it works

Nikiwa acts as the OAuth authorization server. The flow is standard OAuth 2.0 authorization code with PKCE (S256), so it works with any compliant MCP client, and clients that support dynamic registration need no pre-registration. The relevant endpoints, advertised through standard discovery metadata, are:
EndpointPurpose
/.well-known/oauth-protected-resource/mcpPoints clients at the authorization server
/.well-known/oauth-authorization-serverAuthorization server metadata (RFC 8414)
/oauth/registerDynamic client registration
/oauth/authorizeAuthorization and consent
/oauth/tokenToken exchange
With OAuth you never paste a token into your client. The browser-based consent handles it. Login and approval happen on nikiwa.com, and the client only ever receives a short-lived access token.

Use your assistant

Once connected, ask naturally and let the assistant call Nikiwa. For example: “Use Nikiwa to check the risk score and top counterparties of 0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045 on Ethereum.”

Prefer a key?

For non-interactive clients such as scripts, servers, and self-hosted agents, where a browser consent flow is awkward, authenticate with a static API key instead.