Connect ComplyCube to Claude: Manage Identity and Document Verification
Learn how to connect ComplyCube to Claude using a managed MCP server. Automate KYC, AML risk profiling, and document verification via natural language.
If you need to connect ComplyCube to Claude to automate KYC checks, evaluate AML risk profiles, or trigger document verifications, you need a Model Context Protocol (MCP) server. This server acts as the translation layer between Claude's tool calls and ComplyCube's REST API. You can either build and maintain this infrastructure yourself, or use a managed MCP server like Truto to dynamically generate a secure, authenticated MCP server URL. If your team uses ChatGPT, check out our guide on connecting ComplyCube to ChatGPT or explore our broader architectural overview on connecting ComplyCube to AI Agents, which follows our 2026 architecture guide for auto-generated MCP tools.
Giving a Large Language Model (LLM) read and write access to a sprawling compliance ecosystem like ComplyCube is a major engineering challenge. You have to handle API key management, map massive JSON schemas to MCP tool definitions, and deal with strict regulatory data workflows. Every time an endpoint updates or a compliance requirement shifts, you have to update your server code, redeploy, and test the integration.
This guide breaks down exactly how to use Truto to generate a secure, managed MCP server for ComplyCube, connect it natively to Claude Desktop, and execute complex identity verification workflows using natural language.
The Engineering Reality of the ComplyCube API
A custom MCP server is a self-hosted integration layer. While the open MCP standard provides a predictable way for models to discover tools, the reality of implementing it against a highly-regulated vendor API is painful. You are not just integrating "an API" - you are integrating an identity decisioning engine with unique constraints, similar to the complexity involved when you connect Alloy to Claude for onboarding compliance.
If you decide to build a custom MCP server for ComplyCube, you own the entire API lifecycle. Here are the specific challenges you will face:
Immutable Compliance Logs and Redaction Rules
In standard CRUD systems, if you make a mistake, you issue a DELETE request. In ComplyCube, once a Live Photo or Document Check is executed and evaluated, it is locked for compliance auditing. You cannot simply delete it. Instead, you must use specific redaction endpoints (comply_cube_documents_redact or comply_cube_checks_redact). If you expose standard DELETE tools to an LLM without mapping the redaction logic properly, the agent will repeatedly fail with 403 or 409 errors when trying to clean up historical data. Truto standardizes access to these specialized endpoints directly as tools.
Strict File Upload Constraints
Processing identity documents is not a simple JSON payload. Uploading a driver's license requires multipart handling, specific file size limits (strictly between 34KB and 4MB), exact MIME types (JPG, PNG, PDF), and assigning the image to the correct document side (front or back). LLMs are notoriously bad at formatting multi-step binary payloads from scratch. You must build an abstraction layer that handles the ingestion and formatting of these assets before they hit the upstream API.
Continuous Monitoring Workflows ComplyCube separates the concept of running a check from the concept of monitoring. A check is instantiated once, but standard or extensive screening checks can be updated to enable continuous monitoring. Building an MCP server means carefully scoping which tools the LLM uses to start a check versus update its ongoing status, requiring deep state tracking that standard REST abstractions often ignore.
Rate Limits and Execution Boundaries
ComplyCube enforces strict API rate limits to prevent abuse of its KYC infrastructure. Truto does not retry, throttle, or apply backoff on rate limit errors. When the upstream API returns an HTTP 429, Truto passes that error directly to the caller. Truto normalizes upstream rate limit info into standardized headers (ratelimit-limit, ratelimit-remaining, ratelimit-reset) per the IETF spec. The caller (your agent framework) is completely responsible for retry and backoff logic.
Instead of building this infrastructure from scratch, you can use Truto to dynamically expose ComplyCube's operations as ready-to-use MCP tools.
How to Generate a ComplyCube MCP Server
Truto creates MCP servers dynamically based on your connected integrations. There are two ways to generate an MCP server for your ComplyCube instance: via the Truto UI or via the API.
Method 1: Via the Truto UI
If you want to rapidly test your AI agent or provide access to an internal team member, the dashboard is the fastest path.
- Navigate to the Integrated Accounts page in your Truto dashboard.
- Select your connected ComplyCube account.
- Click the MCP Servers tab.
- Click Create MCP Server.
- Select your desired configuration (e.g., restrict to read-only methods or specific tags like "clients" or "checks").
- Copy the generated MCP server URL.
Method 2: Via the API
For production use cases - like programmatically provisioning isolated MCP servers for different automated agents - use the Truto API.
Make a POST request to /integrated-account/:id/mcp with your desired configuration.
curl -X POST https://api.truto.one/integrated-account/{integrated_account_id}/mcp \
-H "Authorization: Bearer YOUR_TRUTO_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "ComplyCube Risk Analysis Agent",
"config": {
"methods": ["read", "create", "custom"],
"tags": ["risk_profile", "clients", "checks"]
}
}'The API validates that the integration has tools available, generates a secure, cryptographically hashed token, and returns a ready-to-use URL.
{
"id": "mcp-xyz-789",
"name": "ComplyCube Risk Analysis Agent",
"url": "https://api.truto.one/mcp/a1b2c3d4e5f6g7h8i9j0..."
}How to Connect the MCP Server to Claude
Once you have your Truto MCP URL, you need to register it with Claude Desktop so the model can discover and execute the ComplyCube tools. This process is identical for other security-sensitive tools, such as when you connect Secureframe to Claude for risk monitoring.
Method A: Via the Claude UI
If your organization has enabled Custom Connectors in the Claude interface:
- Open Claude Desktop and navigate to Settings -> Integrations (or Connectors).
- Click Add MCP Server.
- Give it a descriptive name (e.g., "ComplyCube Prod").
- Paste the URL you generated from Truto.
- Click Add.
Claude will immediately handshake with the Truto router and pull down the descriptions and schemas for all available tools.
Method B: Via Manual Config File
For local development or strict environment control, you can define the server in Claude's configuration file using the Server-Sent Events (SSE) bridge.
Locate your claude_desktop_config.json file (typically at ~/Library/Application Support/Claude/claude_desktop_config.json on macOS or %APPDATA%\Claude\claude_desktop_config.json on Windows) and add the following entry:
{
"mcpServers": {
"complycube-truto": {
"command": "npx",
"args": [
"-y",
"@modelcontextprotocol/server-sse",
"https://api.truto.one/mcp/a1b2c3d4e5f6g7h8i9j0..."
]
}
}
}Restart Claude Desktop. The model now has direct, authenticated access to your ComplyCube environment.
Hero Tools for ComplyCube Automation
Truto automatically translates ComplyCube's complex API endpoints into modular tools with clear schemas. Claude reads these descriptions to determine exactly when and how to invoke each action.
Here are the highest-leverage tools available for ComplyCube:
1. create_a_comply_cube_client
The foundational step for any KYC process. This tool allows the agent to register a new entity (person or company) into ComplyCube to begin the verification journey.
"A new customer signed up via the portal. Create a new person client in ComplyCube for jane.doe@example.com, and ask me what personal details are needed next."
2. create_a_comply_cube_check
Once a client is created and documents are attached, the agent uses this tool to initiate a specific screening protocol (e.g., standard screening, document check, or identity check).
"Initiate a standard_screening_check for client ID 12345. Let me know the initial status returned by the system."
3. comply_cube_clients_get_risk_profile
A critical tool for AML compliance. It returns the automated risk profile for a client, breaking down overall risk, political exposure risk, and watchlist risk.
"Fetch the risk profile for client ID 98765. If their political exposure risk is anything higher than 'low', flag this conversation for manual review."
4. comply_cube_workflow_sessions_complete
This custom tool triggers the completion of an entire workflow session. Instead of running individual checks, the agent orchestrates a pre-configured template of verifications at once.
"The user has finished uploading their live photo and passport. Trigger the completion of workflow session WS-555444 and give me the outcome."
5. comply_cube_reports_generate_client_report
Generates a comprehensive, base64-encoded PDF report detailing the client's KYC status, checks, and history. Essential for preparing audit evidence.
"Generate a full client report for Acme Corp (client ID 33221). Confirm when the generation is complete and provide the document metadata."
6. comply_cube_documents_redact
Because verified documents and images cannot simply be deleted from the system, this tool allows the agent to comply with GDPR/CCPA requests by properly redacting sensitive visual data from the audit logs.
"The customer for document ID 77665 has requested data deletion. Redact all image attachments associated with this document."
To see the complete tool inventory, detailed JSON schemas, and exact required parameters for ComplyCube, check out the ComplyCube integration page.
Workflows in Action
MCP tools become exceptionally powerful when Claude strings them together into autonomous sequences. Here is exactly how Claude executes multi-step compliance operations.
Workflow 1: Automated Client Onboarding & Risk Assessment
When a new high-value customer registers, the agent automatically creates their profile and checks their initial risk surface.
"Register a new corporate client named 'Globex Trading' with email compliance@globex.com. Then, query their risk profile. If they have any active watchlist hits, draft an internal alert memo."
Step-by-step execution:
- Claude calls
create_a_comply_cube_clientpassingtype: "company"and the provided email. - ComplyCube returns the newly created client ID.
- Claude calls
comply_cube_clients_get_risk_profileusing the new client ID. - Claude analyzes the returned JSON. If
watchlistRiskis elevated, it drafts the memo text directly in the chat interface.
sequenceDiagram
participant Agent as Claude
participant Truto as Truto MCP
participant API as ComplyCube API
Agent->>Truto: create_a_comply_cube_client
Truto->>API: POST /clients
API-->>Truto: { "id": "cli_123" }
Truto-->>Agent: JSON Tool Result
Agent->>Truto: comply_cube_clients_get_risk_profile
Truto->>API: GET /clients/cli_123/riskProfile
API-->>Truto: { "watchlistRisk": "high" }
Truto-->>Agent: JSON Tool ResultWorkflow 2: Triggering and Validating a Workflow Session
When a user finishes an embedded onboarding flow, the agent finalizes the session and prepares the audit report.
"Complete the workflow session WS-99887 for client ID 11223. Once the checks run, generate a final client report so we can store it in our secure vault."
Step-by-step execution:
- Claude calls
comply_cube_workflow_sessions_completepassing the workflow session ID. - ComplyCube triggers the verification checks in the background.
- Claude calls
comply_cube_reports_generate_client_reportpassing the client ID. - Claude returns a summary to the user, confirming the session is complete and the base64 report is ready for downstream storage.
flowchart TD
A["User Prompt"] --> B["comply_cube_workflow_sessions_complete"]
B --> C["Truto Proxy Layer"]
C --> D["ComplyCube API: Complete Session"]
D --> E["comply_cube_reports_generate_client_report"]
E --> F["Return PDF data to Agent"]Security and Access Control
Exposing your KYC and AML infrastructure to an LLM requires strict boundary setting. Truto provides four distinct mechanisms to secure your ComplyCube MCP servers:
- Method Filtering: Restrict an MCP server to only allow specific HTTP methods. You can enforce a
read-only server, ensuring the agent can look up risk profiles but cannot create clients or initiate checks. - Tag Filtering: Group tools by functional domain. You can configure a server to only expose tools tagged with
reportsorredaction, strictly limiting the agent's blast radius. - require_api_token_auth: By default, the MCP server URL is the only authentication required by the client. Enabling this flag forces the caller to also provide a valid Truto API token in the
Authorizationheader, adding a mandatory second layer of identity verification. - expires_at: For temporary access - such as an auditing agent running a quarterly review - you can issue time-bound tokens. Once the timestamp passes, the server self-destructs via durable object alarms.
Build the Future of AI Compliance
Connecting Claude to ComplyCube fundamentally changes how compliance teams operate. Instead of navigating complex UIs to evaluate risk profiles, trigger document checks, and extract PDF audit reports, your operators can manage the entire KYC lifecycle via natural language.
By leveraging Truto's dynamic MCP server generation, you eliminate the need to write massive JSON schemas, handle cursor pagination, or architect complex token lifecycles from scratch. Your engineering team can focus on orchestrating agentic logic, while Truto handles the integration boilerplate.
FAQ
- How do I connect ComplyCube to Claude Desktop?
- You can generate a secure MCP server URL via Truto, then add it to Claude Desktop either through the Claude Integrations UI (Settings -> Integrations) or by updating your claude_desktop_config.json file with the npx @modelcontextprotocol/server-sse command.
- Does Truto automatically retry failed ComplyCube API requests?
- No. Truto passes HTTP 429 rate limit errors directly to your AI agent. Truto normalizes upstream rate limit info into standard headers, but the caller is responsible for implementing retry and exponential backoff logic.
- Can I limit which ComplyCube actions Claude can perform?
- Yes. When generating your MCP server in Truto, you can use method filtering to restrict access to read-only operations or use tag filtering to limit the agent to specific domains, ensuring it cannot execute unauthorized write operations.
- How are ComplyCube API pagination and authentication handled?
- Truto normalizes ComplyCube's pagination into a standard cursor-based schema for the LLM. It also manages the underlying API tokens securely in the background, so your AI agent only needs to pass parameters to the tool.