@esignlaunchpad/mcp-server
v2.0.1
Published
MCP (Model Context Protocol) server for eSign Launchpad - enables AI agents to create, send, and manage e-sign packages.
Maintainers
Readme
eSign Launchpad MCP Server
MCP (Model Context Protocol) server that enables AI agents to interact with the eSign Launchpad e-signature platform. Create, send, and manage signing packages directly from Claude, Cursor, or any MCP-compatible AI client.
Quick Start
# Install
npm install @esignlaunchpad/mcp-server
# Run (requires a credential - see "Credential setup" below)
ESIGN_API_KEY=<your_credential> npx @esignlaunchpad/mcp-serverClaude Desktop Configuration
Add to your claude_desktop_config.json:
{
"mcpServers": {
"esign-launchpad": {
"command": "npx",
"args": ["@esignlaunchpad/mcp-server"],
"env": {
"ESIGN_API_KEY": "<your_credential>"
}
}
}
}What Can AI Agents Do?
With this MCP server, AI agents can:
- Create signing packages with documents, signers, and annotation fields
- Upload documents (PDF, DOCX) via chunked upload
- Add signers with authentication requirements (email, SMS, KBA, ID verification)
- Place signature fields on documents with precise positioning
- Send packages for signing with custom email messages
- Track status of packages and individual signers
- Download completed documents and certificates of completion
- Manage templates for reusable signing workflows
- Configure webhooks for real-time event notifications
- Manage signing groups for team-based signing
Environment Variables
| Variable | Required | Default | Description |
|----------|----------|---------|-------------|
| ESIGN_API_KEY | Yes | - | Your eSign Launchpad credential. Both Personal Access Tokens and OAuth client credentials are supported (auto-detected). |
| ESIGN_API_URL | No | https://api.esignlaunchpad.com | API base URL |
| ESIGN_SPEC_URL | No | {API_URL}/openapi/tenant-api.json | OpenAPI spec URL |
Credential setup
eSign Launchpad supports two credential formats. Either works - paste whichever the portal gives you into ESIGN_API_KEY. The MCP server detects the format automatically.
Log in to eSign Launchpad.
Go to Settings → API.
Click Generate and choose the credential type:
Personal Access Token (PAT) - a single long-lived bearer string. Easiest for individual use, copy-paste once and you're done. Used directly in every API call as
Authorization: Bearer <token>.OAuth client credentials - a composite
clientId:clientSecretstring. The MCP server exchanges this at/connect/tokenfor a 1-hour access token, then refreshes automatically before expiry. Use this if you need standards-compliant OAuth (e.g. for compliance auditors who recognize the client_credentials flow) or if you want short-lived access tokens at rest.
Select the permissions your agent needs (see scopes below).
Copy the credential (shown only once).
Both formats deliver identical capabilities at the API surface - pick whichever matches your operational preference.
Available Permissions
Credentials are scoped. Select only what your agent needs:
| Scope | Operations |
|-------|-----------|
| sign.package.read | List, view, download packages |
| sign.package.create | Create new draft packages |
| sign.package.update | Modify existing packages |
| sign.package.send | Send packages for signature |
| sign.package.void | Void in-progress packages |
| sign.package.delete | Delete unsent packages |
| sign.template.read | List and view templates |
| sign.template.create / update / delete | Manage templates |
| sign.group.read / create / update / delete | Manage signing groups |
| sign.webhook.manage | Register, update, and delete webhook subscriptions |
Tenant administration, billing operations, and Stripe Connect onboarding are managed only from the eSign Launchpad portal (Settings) and cannot be granted to API credentials.
How It Works
This MCP server reads the eSign Launchpad OpenAPI specification at startup and dynamically generates MCP tools for each API endpoint. When the API is updated with new features, simply restart the server to pick up new tools automatically.
No code generation needed. No manual tool definitions. The OpenAPI spec is the single source of truth.
For OAuth credentials the server caches the issued access token and refreshes it 60 seconds before expiry. A single in-flight refresh is shared across concurrent requests so an MCP burst at expiry triggers exactly one /connect/token call, not one per tool call.
License
MIT
