The Stripe MCP server connects Claude, Cursor, and other AI tools directly to your Stripe account — exposing payment data as callable tools without the dashboard. You can query customers, subscriptions, invoices, disputes, and balance in natural language. The critical first step: create a restricted Stripe API key with minimum permissions. PCI scope and idempotency key behavior mean a full live secret key should never sit in an MCP config file.
For a curated list of top servers in this space, see the best finance MCP servers.
What Is the Stripe MCP Server and What Does It Do?
The Stripe MCP server is an official integration built and maintained by Stripe. It connects AI tools to your Stripe account through the Model Context Protocol, exposing payment data as typed tools that Claude or Cursor can call without requiring you to open the dashboard or write one-off data scripts. The server covers customers, payments, subscriptions, invoices, refunds, disputes, products, prices, and balance retrieval.
We analyzed MCPFind's finance category, which indexes 41 servers with an average of 34.63 GitHub stars each. Stripe leads at 1,395 stars, a gap that reflects active maintenance and real-world deployment. The server updates in step with Stripe API version releases and carries official support documentation. The broader MCPFind finance category also indexes bank data, accounting, and transaction enrichment servers for adjacent payment workflows. If you are new to the protocol itself, What Is MCP? gives a grounded foundation before diving into configuration.
How Do You Install the Stripe MCP Server in Claude or Cursor?
The Stripe MCP server runs as a Node.js package via npx, using stdio transport. There is no persistent background process to manage and no ports to configure.
For Claude Desktop, add this block to your claude_desktop_config.json file (located at ~/Library/Application Support/Claude/ on macOS):
{
"mcpServers": {
"stripe": {
"command": "npx",
"args": ["-y", "@stripe/mcp", "--api-key", "sk_live_YOUR_RESTRICTED_KEY"]
}
}
}For Cursor, open Settings > MCP Servers and paste the same configuration block. Restart after saving.
The server starts on demand when you open a chat session and terminates when you close it. For Claude Code users, you can add the server with claude mcp add stripe -- npx -y @stripe/mcp --api-key sk_live_YOUR_KEY from the terminal. The server is listed on MCPFind at /servers/com-stripe-mcp, where you can see version history and community notes alongside the install configuration.
What Payment Operations Can You Run Through Stripe MCP?
The most practical use case is fast lookups. A developer can ask Claude to pull all failed payment attempts for a specific customer email in the last 30 days, check whether a subscription is active or past due, list disputes opened this quarter, retrieve a customer's lifetime charge total, or summarize invoice history by product line. These are queries that take multiple dashboard clicks to assemble; through Stripe MCP, a single prompt is enough.
Write operations are also supported. The server can create refunds, update customer metadata, cancel subscriptions, issue credits, and modify subscription quantities. These operations require API keys with write access to the specific resources involved. We recommend keeping write-enabled keys completely separate from read-only keys. If your primary workflow is support and lookup, provision a read-only restricted key. Save write access for specific workflow tools where the AI action is intentional and reviewed. For a broader look at ecommerce MCP options including Shopify and Square alternatives, see the best ecommerce MCP servers roundup.
How Do You Scope Stripe API Keys Securely for MCP?
The Stripe API key you pass to the MCP server lives in your local config file. Any process with read access to that file can use it. Three scoping practices limit the exposure.
First, create a restricted key in the Stripe dashboard under Developers > API Keys > Create restricted key. Stripe's permission model lets you select read or write access per resource type. A support workflow that needs to look up customers and disputes does not need write access to subscriptions or products. Scoping precisely means a malformed AI-generated tool call cannot do more than read a customer record.
Second, use test mode keys during prompt development. Test keys (sk_test_...) point to your test environment, so no live transactions are affected while you are iterating on how to phrase queries. This is particularly important when testing write operations like refund creation.
Third, rotate keys on a quarterly schedule. Restricted keys can be revoked and replaced without touching your main API credentials. If you notice unexpected write operations in your Stripe event log, revoke the key immediately. For teams sharing MCP access, each developer should provision their own restricted key rather than sharing a single credential across environments.
How Does the Stripe MCP Server Compare to Direct API Scripting?
The practical difference comes down to iteration speed. When a developer writes a script to pull customer data, they define the exact query upfront and run it in one step. When the same developer uses Stripe MCP with Claude, they can ask follow-up questions in natural language without writing additional code. The first query might return a customer record; the second might ask Claude to identify which of those customers have active disputes and open subscriptions simultaneously. Claude assembles the multi-step query from Stripe's tools without the developer specifying each API call.
The tradeoff is auditability. Direct scripts leave a clear code trail. MCP tool calls are logged differently, and the prompts that trigger them are not always reproducible in the exact same form. For workflows where audit trails matter, keep write operations in scripted form and use MCP for the read-heavy lookup work where the human reviews results before acting. Teams already using Stripe's official libraries should treat Stripe MCP as a complement to their existing integration, not a replacement. The server works alongside existing code and does not affect how your application calls the Stripe API outside of Claude sessions.
Gus Marquez