stripe-mcp-server
Verified Safeby julian-najas
Overview
A production-ready Stripe payment server designed for AI agents, providing idempotent payment intent creation, verified webhook handling, and payment status retrieval via a Model Context Protocol (MCP) interface.
Installation
uvicorn app.main:app --reloadEnvironment Variables
- STRIPE_API_KEY
- STRIPE_WEBHOOK_SECRET
- API_KEY
- DATABASE_URL
- DEBUG
- ENVIRONMENT
- USE_STRIPE_REAL
Security Notes
The server demonstrates good security practices including explicit webhook signature verification, persistent idempotency to prevent double charges, and requiring API keys for most operations (configurable for debug). Secrets like Stripe API keys and webhook secrets are correctly loaded from environment variables with safe defaults for development. A dedicated SECURITY.md outlines important production security considerations, such as not committing secrets, key rotation, and database best practices. However, it explicitly notes that rate limiting is not implemented and recommends HTTPS for webhooks, which are common to address in production deployments.
Similar Servers
agentxsuite
A unified open-source platform for connecting, managing, and monitoring AI agents and tools across various Model Context Protocol (MCP) servers.
mcp-fastmcp-starter
Provides a minimal, production-minded MCP-shaped tool server for building agentic AI services with typed tool contracts and deterministic JSON I/O via FastAPI.
mcp-framework-server
A Python-based server for a Model Context Protocol (MCP) enabling interactive career orientation (proforientation) dialogues via a REST API, designed to integrate with a Telegram bot.
omise-mcp
Facilitate secure and managed integration with Omise payment APIs for various financial operations using the Model Context Protocol.