Skip to content

Connect Depasify to ChatGPT: Manage Accounts, KYC, and Banking

Learn how to build a managed MCP server to connect Depasify to ChatGPT. Automate KYB workflows, fiat payments, and crypto trading with AI agents.

Roopendra Talekar Roopendra Talekar · · 9 min read
Connect Depasify to ChatGPT: Manage Accounts, KYC, and Banking

If you need to connect Depasify to ChatGPT to automate KYB onboarding, execute cryptocurrency trades, or manage fiat settlements, you need a Model Context Protocol (MCP) server. This server acts as the translation layer between ChatGPT's tool calls and Depasify's REST API. You can either build and maintain this infrastructure yourself, or use a managed integration platform like Truto to dynamically generate a secure, authenticated MCP server URL. If your team uses Claude, check out our guide on connecting Depasify to Claude or explore our broader architectural overview on connecting Depasify to AI Agents.

Giving a Large Language Model (LLM) read and write access to a core banking and crypto infrastructure platform is a high-stakes engineering challenge. You must handle complex state machines, strict dual-approval workflows, and multi-step document uploads. Every time Depasify updates an endpoint or adds a new blockchain network, you have to update your server code, redeploy, and test the integration.

This guide breaks down exactly how to use Truto to generate a secure, managed MCP server for Depasify, connect it natively to ChatGPT, and execute complex financial workflows using natural language.

The Engineering Reality of the Depasify API

A custom MCP server is a self-hosted integration layer. While the open MCP standard provides a predictable way for models to discover tools, the reality of implementing it against a live banking API is painful. You are not just building standard CRUD endpoints. Depasify is designed for institutional finance, which means its API enforces strict compliance rules, asynchronous approvals, and complex identity verification states.

If you decide to build a custom MCP server for Depasify, you own the entire API lifecycle. Here are the specific integration challenges that break standard assumptions when working with Depasify:

The Four-Eyes Dual Approval Policy In standard SaaS applications, a POST request to create a payment executes immediately. In Depasify, corporate vaults often enforce a "four eyes policy" for fiat and blockchain withdrawals. When your AI agent initiates a transaction, the API returns a record in a pending state. The transaction requires a second, distinct authenticated user to approve it via the depasify_fiat_payments_approve or depasify_blockchain_payments_approve endpoints. If your MCP server does not correctly expose these state transitions, the LLM will hallucinate that the payment succeeded immediately, leading to downstream reconciliation failures.

Multi-Step KYB (Know Your Business) State Machines Onboarding a new corporate client is not a single API call. Creating a KYB application generates a unique UUID and a secure password. To complete the process, the client (or the agent acting on their behalf) must authenticate with that specific password, upload files mapped to specific attribute keys (like proof of address or incorporation documents), and then trigger a final validation step. A custom MCP server must manage this complex session state and expose it as atomic tools the LLM can logically sequence.

Virtual IBANs vs. Blockchain Wallets Depasify bridges fiat and crypto, meaning it handles entirely different routing logic depending on the asset class. Fiat payments require you to create specific counterparty objects mapped to Virtual IBANs. Blockchain payments require whitelisted deposit or source wallets categorized by specific networks (e.g., Ethereum vs Polygon). If your MCP tools do not strictly enforce these schema requirements, ChatGPT will attempt to send Ethereum to a SEPA counterparty, resulting in hard validation rejections.

A Crucial Note on Rate Limits

Financial APIs enforce strict rate limits to prevent abuse. Truto does not retry, throttle, or apply exponential backoff on rate limit errors. When the upstream Depasify API returns an HTTP 429 (Too Many Requests), Truto passes that error directly to the caller. Truto normalizes the upstream rate limit information into standardized headers (ratelimit-limit, ratelimit-remaining, ratelimit-reset) per the IETF specification. Your AI agent or MCP client is completely responsible for implementing its own retry and backoff logic. Do not assume the infrastructure will magically absorb these errors.

Generating the Depasify MCP Server with Truto

Instead of building a JSON-RPC 2.0 server from scratch, writing massive TypeScript schemas, and managing session tokens, you can use Truto to dynamically generate an MCP server.

Truto creates tools dynamically based on the integrated account's configuration and available documentation. The server URL contains a cryptographic token that encodes the account context. You can generate this server via the Truto UI or programmatically via the API.

Method 1: Via the Truto UI

For IT admins or operations teams configuring a specific workspace, the UI is the fastest path:

  1. Navigate to the integrated account page for your Depasify connection in the Truto dashboard.
  2. Click the MCP Servers tab.
  3. Click Create MCP Server.
  4. Select your desired configuration (name, allowed methods, tags, and expiration date).
  5. Copy the generated MCP server URL (e.g., https://api.truto.one/mcp/a1b2c3d4...).

Method 2: Via the API

For engineering teams building AI agents programmatically, you can dynamically spin up an MCP server for any connected Depasify tenant using the Truto API.

Make an authenticated POST request to the /integrated-account/:id/mcp endpoint:

curl -X POST https://api.truto.one/integrated-account/<integrated_account_id>/mcp \
  -H "Authorization: Bearer <YOUR_TRUTO_API_TOKEN>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Depasify Treasury Agent",
    "config": {
      "methods": ["read", "write", "custom"],
      "tags": ["treasury", "kyb"]
    },
    "expires_at": "2026-12-31T23:59:59Z"
  }'

The Truto API will validate the configuration and return a ready-to-use URL:

{
  "id": "mcp_abc123",
  "name": "Depasify Treasury Agent",
  "config": {
    "methods": ["read", "write", "custom"],
    "tags": ["treasury", "kyb"]
  },
  "expires_at": "2026-12-31T23:59:59Z",
  "url": "https://api.truto.one/mcp/a1b2c3d4e5f6..."
}

Connecting the MCP Server to ChatGPT

Once you have your Truto MCP URL, connecting it to ChatGPT takes minutes. You can configure this directly in the ChatGPT UI for business users, or via a manual configuration file for local development and custom agent frameworks.

Method A: Via the ChatGPT UI

If you are using ChatGPT Enterprise, Pro, or Team accounts with Developer mode enabled:

  1. Open ChatGPT and navigate to Settings -> Apps -> Advanced settings.
  2. Enable Developer mode.
  3. Under MCP servers / Custom connectors, click to add a new server.
  4. Enter a descriptive name (e.g., "Depasify Integration").
  5. Paste the Truto MCP URL into the Server URL field.
  6. Click Save.

ChatGPT will immediately perform a handshake with the Truto MCP router, execute an initialize JSON-RPC call, and load the available Depasify tools.

Method B: Via Manual Config File (SSE Transport)

If you are testing your AI agent locally using an MCP inspector or integrating with a framework that requires explicit SSE configuration, you can use the official @modelcontextprotocol/server-sse wrapper.

Create a configuration JSON file to define the remote SSE connection:

{
  "mcpServers": {
    "depasify": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-sse",
        "--url",
        "https://api.truto.one/mcp/a1b2c3d4e5f6..."
      ]
    }
  }
}

When your agent boots up, it uses the npx @modelcontextprotocol/server-sse command to bridge the remote Truto HTTP/SSE endpoint into a standard STDIO interface that local agent frameworks understand.

Security and Access Control

Giving an LLM direct access to banking infrastructure requires rigid guardrails. Truto's MCP architecture provides native security controls configured at the token level:

  • Method Filtering: Restrict the server to specific operation types using the methods array. Passing ["read"] ensures the LLM can only retrieve balances and ledgers, effectively neutralizing any hallucination that attempts to move funds.
  • Tag Filtering: Limit the server to specific domains. Passing tags: ["kyc"] ensures the LLM only sees tools related to onboarding, completely hiding the trading and withdrawal APIs.
  • require_api_token_auth: By default, possessing the MCP URL grants access. Setting require_api_token_auth: true forces the client to also pass a valid Truto API token in the Authorization header, adding a critical second layer of authentication for sensitive environments.
  • expires_at: For temporary audit or support workflows, set a strict TTL. Once the timestamp passes, a background process permanently deletes the token from the key-value store, instantly terminating access.

Hero Tools for Depasify Operations

The Truto Depasify integration exposes a massive surface area of endpoints. Rather than listing every CRUD operation, here are the highest-leverage "hero tools" that unlock advanced agentic workflows.

list_all_depasify_accounts

Retrieves all Depasify accounts accessible to the authenticated user, including main and client-facing sub-accounts. This is the foundational tool an agent uses to map internal ID structures and check overall verification statuses.

"Audit all of our sub-accounts and give me a list of any account where the status_verification is not complete. Show me their balances in EUR."

create_a_depasify_kyb

Initiates a new KYB application for a corporate client. This tool triggers Depasify's internal state machine, returning a unique UUID and a generated password required for the subsequent document upload phases.

"Start a new KYB onboarding application for our new European partner. Save the generated UUID and password, then let me know when you are ready to upload their incorporation documents."

create_a_depasify_fiat_payment

Initiates a fiat payment (off-ramping, funding, or inter-account transfer). Because it requires explicit banking metadata (IBAN, recipient details), the LLM must construct a highly structured payload. If the account enforces a four-eyes policy, the returned status will be pending_approval.

"Create a fiat payment of 50,000 EUR to counterparty IBAN DE123456789. Use the description 'Q3 Software Licensing'. If it requires dual approval, tell me who initiated it so I can notify the ops team."

depasify_fiat_payments_approve

Executes the secondary approval required by corporate governance rules. Each user can only approve once; when sufficient approvals are collected, the payment automatically clears.

"Review fiat payment ID 98765. Confirm the amount matches the approved invoice for 50,000 EUR. If it matches, approve the payment to release the funds."

create_a_depasify_trade

Executes market orders to swap fiat and cryptocurrency assets. This tool defaults to the best available market price across Depasify's liquidity venues.

"Check the current available USD balance. If it is over 100,000, create a market trade to convert 50,000 USD into USDC to rebalance our stablecoin reserves."

create_a_depasify_blockchain_wallet

Creates new blockchain infrastructure for an account, either as a whitelisted payout destination or a self-custodial deposit wallet. The LLM must correctly assign the network type (e.g., polygon, ethereum).

"Provision a new Polygon network deposit wallet for account ID 1234. Return the generated address and memo so we can forward it to the client."

For the complete schema definitions and the full list of available tools - including SEPA fee configurations, ledger PDF generation, and sandbox simulation tools - view the Depasify integration page.

Workflows in Action

Individual tools are useful, but the true power of MCP lies in orchestrating multi-step workflows. Here is how ChatGPT utilizes the Depasify tools to execute complex financial operations autonomously.

Workflow 1: Corporate Onboarding and KYC Verification

Onboarding corporate entities involves generating applications, handling secure credentials, and tracking compliance states.

"We have a new vendor, Acme Corp. Generate a new KYB application for them. Check the validation status, and if it's open, draft an email containing the secure password they need to access the onboarding form."

Execution sequence:

  1. create_a_depasify_kyb: The agent initiates the process. Depasify returns a data object containing the new KYB UUID and a generated_password.
  2. depasify_kyb_validate: The agent validates the UUID to ensure the vault is ready to receive documents.
  3. Local processing: The agent writes a draft email instructing the vendor on how to log in using the generated credentials, completing the administrative setup without human intervention.

Workflow 2: Liquidity Rebalancing with Dual Approval

Treasury teams constantly balance fiat reserves against crypto liquidity. This workflow requires querying live balances, executing a trade, and initiating a corporate payout that respects compliance rules.

"Audit the EUR balance on our primary account. Convert 25,000 EUR to USDC. Then, initiate a blockchain payout of that USDC to our whitelisted Polygon treasury wallet. Confirm when the payout is pending dual approval."

Execution sequence:

sequenceDiagram
  participant User as User Prompt
  participant GPT as ChatGPT (MCP Client)
  participant Truto as Truto MCP Server
  participant Depasify as Depasify API
  
  User->>GPT: "Audit EUR balance and convert to USDC..."
  GPT->>Truto: call depasify_accounts_get_balance
  Truto->>Depasify: GET /accounts/{id}/balance
  Depasify-->>Truto: { "details": { "EUR": 150000 } }
  Truto-->>GPT: Returns EUR balance
  
  GPT->>Truto: call create_a_depasify_trade
  Truto->>Depasify: POST /trades (EUR/USDC)
  Depasify-->>Truto: Trade executed successfully
  Truto-->>GPT: Returns trade confirmation
  
  GPT->>Truto: call create_a_depasify_blockchain_payment
  Truto->>Depasify: POST /blockchain_payments (USDC)
  Depasify-->>Truto: { "status": "pending_approval" }
  Truto-->>GPT: Returns pending state
  GPT-->>User: "Trade complete. Payout pending dual approval."
  1. depasify_accounts_get_balance: The agent checks the vault to ensure sufficient EUR liquidity exists to cover the trade.
  2. create_a_depasify_trade: The agent submits a market order swapping EUR for USDC.
  3. create_a_depasify_blockchain_payment: The agent initiates the withdrawal to the whitelisted treasury wallet.
  4. Local processing: The agent reads the approval_progress field from the response and notifies the user that the transaction is paused, awaiting human sign-off via the four-eyes policy.

Moving Fast Without Breaking Finance

Connecting a highly complex banking API like Depasify to a non-deterministic LLM is risky if done improperly. A custom MCP server forces your engineering team to take on the burden of schema maintenance, token rotation, and routing logic.

By leveraging Truto's dynamic, documentation-driven MCP infrastructure, you abstract away the API boilerplate. You get instant access to Depasify's full suite of treasury, KYB, and trading endpoints with built-in security filters - allowing you to focus on building intelligent agent workflows instead of maintaining integration code.

FAQ

How does the Depasify MCP server handle rate limits?
Truto does not retry or absorb rate limit errors. It normalizes Depasify's HTTP 429 responses into IETF-standard headers (ratelimit-limit, ratelimit-remaining, ratelimit-reset) and passes the error directly to ChatGPT. Your agent is responsible for implementing retry logic.
Can I enforce the four-eyes policy through ChatGPT?
Yes. The MCP server exposes tools like depasify_fiat_payments_approve. One user can initiate the payment via prompt, and a second authorized user (or an automated compliance agent) can call the approval tool to process the transaction.
Is the MCP server secure enough for financial data?
Yes. Each server is scoped to a single authenticated Depasify account. You can enforce secondary API token authentication, set expiration dates for temporary access, and strictly filter which methods (e.g., read-only) the LLM can execute.

More from our Blog