Connect Modulr to Claude: Manage Virtual Cards and Banking Ops
Learn how to connect Modulr to Claude using a managed MCP server. Automate virtual card issuance, Confirmation of Payee checks, and payments via natural language.
If you need to connect Modulr to Claude to automate virtual card issuance, batch payments, Confirmation of Payee workflows, or banking reconciliation, you need a Model Context Protocol (MCP) server. This infrastructure layer acts as the translator between Claude's function calls and Modulr's financial REST APIs. You can either spend weeks building and auditing this integration internally, or you can use a managed platform like Truto to dynamically generate a secure, authenticated MCP server URL. If your operations team relies on ChatGPT instead of Claude, check out our guide on connecting Modulr to ChatGPT or read our broader architectural overview on connecting Modulr to AI Agents.
Giving a Large Language Model (LLM) read and write access to a core banking and payments platform like Modulr carries massive operational and security implications. Financial APIs are not simple CRUD endpoints. You have to handle idempotency for payment initiation, manage asynchronous batch processing, and tightly control access to specific card actions. Every time Modulr updates a payload requirement for a Confirmation of Payee check, you have to patch your integration, redeploy the server, and audit the logs.
This guide breaks down exactly how to use Truto to generate a secure, managed MCP server for Modulr, connect it natively to Claude, and execute complex FinOps workflows using natural language.
The Engineering Reality of the Modulr API
A custom MCP server is a self-hosted backend that translates natural language intent into valid JSON-RPC 2.0 API requests. While the MCP standard handles tool discovery for the LLM, the reality of implementing it against a banking API like Modulr is highly complex.
If you decide to build a custom MCP server for Modulr, you own the entire integration lifecycle. Here are the specific challenges you will face:
Asynchronous Payment Processing
Unlike a standard SaaS CRM where creating a record returns the completed object, Modulr processes batch payments and some card creations asynchronously. The API returns a 202 Accepted status with an ID, requiring the client to poll or await webhooks for final status. If you expose raw endpoints to Claude, the model might assume a 202 means the payment succeeded instantly and hallucinate downstream confirmations. A managed integration normalizes these schemas so the LLM understands the asynchronous nature of the operation.
Confirmation of Payee (CoP) Nonces
Modulr enforces strict rules around Payer Name Verification (PNV) and Confirmation of Payee. These endpoints do not support idempotent requests - if you reuse a previously seen nonce or identifier, Modulr will instantly return a 403 Forbidden error. LLMs frequently retry exact payloads if they get confused. Exposing this directly to Claude requires careful schema definitions directing the model to generate unique identifiers per call.
Secure Details and Time-To-Live Tokens Retrieving sensitive data like PANs and CVVs requires creating a secure token that is only valid for 60 seconds. Attempting to manage this state directly within an LLM conversation context is nearly impossible without a robust translation layer that can sequence the token creation and immediate data retrieval.
Financial Rate Limits and Backoff
Modulr enforces strict API rate limits to protect underlying banking infrastructure. If an agent tries to iterate through thousands of historical transactions too rapidly, Modulr returns an HTTP 429. Truto does not retry, throttle, or absorb these rate limit errors. Instead, when Modulr returns a 429, Truto passes that error directly to the caller, normalizing the upstream rate limit info into standardized IETF headers (ratelimit-limit, ratelimit-remaining, ratelimit-reset). The caller - whether it is Claude Desktop or a custom LangGraph agent - is responsible for reading these headers and executing appropriate backoff logic.
How to Generate a Modulr MCP Server with Truto
Truto dynamically generates MCP tools based on the actual resources and documentation defined for the Modulr integration. The MCP server is scoped to a single integrated account (a specific tenant's connected Modulr instance), and authentication is handled entirely by the generated server URL.
There are two ways to create this MCP server.
Method 1: Via the Truto UI
For administrators setting up Claude Desktop for internal FinOps teams, the UI provides the fastest path:
- Navigate to the Integrated Accounts page in the Truto dashboard.
- Select your connected Modulr account.
- Click the MCP Servers tab.
- Click Create MCP Server.
- Select your configuration. If you only want Claude to check balances and audit transactions, select
readunder allowed methods. If you want it to issue cards, allowwrite. - Copy the generated MCP server URL (e.g.,
https://api.truto.one/mcp/abc123def456...).
Method 2: Via the Truto API
For engineers building multi-tenant AI products that need to programmatically provision MCP servers for end-users, you can create the server via a REST API call to Truto.
curl -X POST https://api.truto.one/integrated-account/{integrated_account_id}/mcp \
-H "Authorization: Bearer YOUR_TRUTO_API_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "Modulr Finance Agent MCP",
"config": {
"methods": ["read", "write", "custom"]
},
"expires_at": null
}'The API returns a database record and the secure url needed to authenticate the JSON-RPC connection.
{
"id": "mcp_8a7b6c5d",
"name": "Modulr Finance Agent MCP",
"config": { "methods": ["read", "write", "custom"] },
"expires_at": null,
"url": "https://api.truto.one/mcp/a1b2c3d4e5f6g7h8i9j0"
}Connecting the MCP Server to Claude
Once you have the Truto MCP URL, connecting it to Claude requires zero custom code. You can configure this via the Claude desktop app or using a manual JSON configuration file.
Method 1: Via the Claude UI
If you are using Claude's enterprise or desktop interfaces that support UI-based custom connectors:
- Open Settings.
- Navigate to Integrations or Connectors (depending on your Claude tier).
- Click Add MCP Server or Add custom connector.
- Paste the Truto MCP URL and save. Claude will automatically call the
tools/listprotocol method and ingest all available Modulr endpoints.
Method 2: Via Manual Configuration File
For local development with Claude Desktop, you must edit the claude_desktop_config.json file. Truto MCP servers support Server-Sent Events (SSE) via the official MCP SDKs.
Locate your configuration file:
- Mac:
~/Library/Application Support/Claude/claude_desktop_config.json - Windows:
%APPDATA%\Claude\claude_desktop_config.json
Add the following configuration, replacing the URL with your actual Truto MCP URL:
{
"mcpServers": {
"modulr-finance": {
"command": "npx",
"args": [
"-y",
"@modelcontextprotocol/server-sse",
"https://api.truto.one/mcp/a1b2c3d4e5f6g7h8i9j0"
]
}
}
}Restart Claude Desktop. The hammer icon in the prompt bar will indicate that the Modulr tools are now active.
Modulr Hero Tools for AI Agents
When Claude connects to the Truto MCP server, it receives flattened JSON schemas for every documented Modulr endpoint. Below are six hero tools that provide the highest leverage for FinOps automation.
Tool: list_all_modulr_accounts
This tool allows the agent to fetch current balances, account statuses, and currency data across the entire Modulr tenant or filtered by a specific customer ID.
"Claude, check our Modulr environment and list all accounts that have an available balance below 5,000 GBP."
Tool: create_a_modulr_payment
Initiates a Faster Payment to an external bank account or transfers funds between internal Modulr accounts. Claude requires the source account, destination details, amount, and currency.
"Draft a payment of 1,200 EUR from our primary operations account to the vendor associated with external reference VEND-883. Do not execute until I approve the JSON payload."
Tool: create_a_modulr_account_name_check
Performs a Confirmation of Payee (CoP) check to verify that a payee's bank details match their registered name before initiating a high-value transfer. This is a critical fraud-prevention tool.
"Before we pay ACME Corp, run an account name check against their provided sort code and account number to verify it matches the entity name 'ACME Corporation Ltd'."
Tool: create_a_modulr_account_card
Provisions a new virtual card funded by a specific Modulr account. This is heavily used for issuing single-use or vendor-specific virtual cards on the fly.
"Issue a new virtual card linked to the Marketing budget account. Set a hard spend limit of $500 for the upcoming SaaS subscription renewal."
Tool: create_a_modulr_card_suspend
Suspends an active card immediately. This temporarily blocks new authorizations while leaving settled transactions unaffected, perfect for rapid response to suspicious activity.
"I just received a fraud alert for card ending in 4921. Please find the card ID and suspend it immediately."
Tool: list_all_modulr_batchpayments
Retrieves the status of bulk payment runs. Because batch payments are processed asynchronously, this tool allows Claude to audit which payments succeeded and which required manual intervention.
"Check the status of yesterday's contractor payroll batch payment. Were there any failed transactions that require approval?"
For a complete list of Modulr tools - including webhook configuration, mandate management, and secure card detail tokenization - see the Modulr integration page.
Workflows in Action
Exposing individual tools is only step one. The real power of MCP is allowing Claude to string these tools together into autonomous workflows based on natural language commands.
Workflow 1: Vendor Payment and Verification Routing
Accounts Payable workflows are typically bogged down by manual verification steps. An LLM can orchestrate the entire Confirmation of Payee and payment staging process.
"We need to pay a new vendor, TechLogistics, 4,500 GBP today. Their sort code is 12-34-56 and account is 98765432. Verify the account name matches. If it is a full match, stage a payment from our main UK account and alert me when it is ready for final approval."
Execution Steps:
- Claude calls
list_all_modulr_accountsto find the ID of the "main UK account" and verifies there is at least 4,500 GBP available. - Claude calls
create_a_modulr_account_name_checkpassing the sort code, account number, and the string "TechLogistics". - Claude parses the CoP JSON response. If the status returns a match, it proceeds.
- Claude calls
create_a_modulr_paymentwith the source account ID, the destination details, the amount, and a generated reference. - Claude replies to the user summarizing the verification result and showing the pending payment ID for final manual sign-off in the Modulr UI.
sequenceDiagram
participant User
participant Claude as Claude Desktop
participant MCP as Truto MCP Server
participant Modulr as Modulr API
User->>Claude: "Verify payee and stage payment"
Claude->>MCP: Call list_all_modulr_accounts
MCP->>Modulr: GET /accounts
Modulr-->>MCP: Returns balances
MCP-->>Claude: Account data
Claude->>MCP: Call create_a_modulr_account_name_check
MCP->>Modulr: POST /account-name-check
Modulr-->>MCP: Returns CoP match status
MCP-->>Claude: Match confirmed
Claude->>MCP: Call create_a_modulr_payment
MCP->>Modulr: POST /payments
Modulr-->>MCP: 202 Accepted (Payment ID)
MCP-->>Claude: Payment staged
Claude-->>User: "Verification successful. Payment staged."Workflow 2: Automated Virtual Card Provisioning
Managing team expenses often requires issuing physical or virtual cards dynamically, while ensuring strict controls are in place.
"The engineering team needs a virtual card to pay for AWS this month. Look up the Engineering Cost Center account, issue a new virtual card with a 10,000 USD limit, and output the card ID so I can map it to our internal tracker."
Execution Steps:
- Claude calls
list_all_modulr_accountsand filters by the search string "Engineering Cost Center" to retrieve the correctaccount_id. - Claude calls
create_a_modulr_account_cardpassing theaccount_id, currency, and a customlimitparameter of 10,000. - Claude receives the response containing the new card ID, masked PAN, and creation date, returning these directly to the IT administrator.
Security and Access Control
Giving AI models access to corporate bank accounts demands strict guardrails. Truto MCP servers support multiple layers of configuration to limit the blast radius of an autonomous agent:
- Method Filtering: You can restrict an MCP server at creation to specific operations. Passing
methods: ["read"]ensures the server will only generate tools for GET and LIST operations, completely preventing the LLM from making state changes like issuing cards or initiating payments. - Tag Filtering: Integrations are mapped with tool tags. You can pass
tags: ["cards"]to ensure the LLM only has access to card management tools, excluding payment initiation or customer creation tools entirely. - Require API Token Authentication: By setting
require_api_token_auth: true, possession of the MCP URL is no longer sufficient. The connecting client must also pass a valid Truto API token via a Bearer header. This prevents a leaked MCP URL from being exploited by unauthorized users. - Server Expiration: You can configure an
expires_atISO datetime when generating the server. Once the timestamp is reached, Truto automatically triggers a Durable Object cleanup alarm, purging the server from the database and edge KV storage. This is ideal for granting an AI agent temporary access to Modulr to execute a specific monthly reconciliation job.
Moving Forward
Connecting Modulr to Claude using a managed MCP server removes the heavy lifting of maintaining REST schemas, handling OAuth intricacies, and writing boilerplate JSON-RPC routers. By offloading the integration layer, your engineering team can focus entirely on prompting, workflow orchestration, and agent logic.
Remember that while Truto normalizes the connection and the schemas, you are still operating against production financial infrastructure. Ensure your agents are built to responsibly handle the 429 rate limit responses Truto passes through, and always use method filtering for read-only analytical workloads.
FAQ
- How does the Modulr MCP server handle API rate limits?
- Truto does not automatically retry or absorb rate limit errors. When Modulr returns an HTTP 429, Truto passes the error back to the caller alongside standardized IETF headers (ratelimit-limit, ratelimit-remaining, ratelimit-reset). Your agent framework must handle the retry and backoff logic.
- Can I restrict Claude to only reading Modulr account balances?
- Yes. When generating the MCP server, you can use method filtering by passing config: { methods: ['read'] }. This ensures Claude can only access GET and LIST operations, preventing the model from initiating payments or modifying card statuses.
- Does Claude need to authenticate with Modulr directly?
- No. The MCP server URL generated by Truto encodes the cryptographic token tied to your connected Modulr account. Claude connects via this URL without needing direct OAuth or API key access to Modulr.