> ## Documentation Index
> Fetch the complete documentation index at: https://docs.nikiwa.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Connect with OAuth

> Connect Claude, ChatGPT, or another MCP client to Nikiwa using OAuth.

OAuth is the smoothest way to connect an interactive MCP client. You add the Nikiwa connector, sign in once, and approve a consent screen. There is no key to copy or store, and access is tied to your Nikiwa account.

## Connect a client

<Steps>
  <Step title="Add the connector">
    In your MCP client's connector settings, add a remote MCP server with the Nikiwa endpoint:

    ```
    https://pro-api.nikiwa.com/mcp
    ```
  </Step>

  <Step title="Start authorization">
    The client detects that Nikiwa requires authorization and opens Nikiwa's consent page in your browser.
  </Step>

  <Step title="Sign in">
    If you are not already signed in to [nikiwa.com](https://nikiwa.com), you are asked to log in first, then returned to the consent screen.
  </Step>

  <Step title="Approve access">
    The consent screen names the application requesting access and the account it will act as. Click **Allow** to grant it, or **Deny** to cancel.
  </Step>

  <Step title="Done">
    The client receives its access and can now call Nikiwa tools on your behalf.
  </Step>
</Steps>

## How it works

Nikiwa acts as the OAuth authorization server. The flow is standard OAuth 2.0 authorization code with PKCE (`S256`), so it works with any compliant MCP client, and clients that support dynamic registration need no pre-registration.

The relevant endpoints, advertised through standard discovery metadata, are:

| Endpoint                                    | Purpose                                    |
| ------------------------------------------- | ------------------------------------------ |
| `/.well-known/oauth-protected-resource/mcp` | Points clients at the authorization server |
| `/.well-known/oauth-authorization-server`   | Authorization server metadata (RFC 8414)   |
| `/oauth/register`                           | Dynamic client registration                |
| `/oauth/authorize`                          | Authorization and consent                  |
| `/oauth/token`                              | Token exchange                             |

<Note>
  With OAuth you never paste a token into your client. The browser-based consent handles it. Login and approval happen on `nikiwa.com`, and the client only ever receives a short-lived access token.
</Note>

## Use your assistant

Once connected, ask naturally and let the assistant call Nikiwa. For example: "Use Nikiwa to check the risk score and top counterparties of `0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045` on Ethereum."

## Prefer a key?

For non-interactive clients such as scripts, servers, and self-hosted agents, where a browser consent flow is awkward, authenticate with a static [API key](/mcp/api-keys) instead.
