50+ typed tools
Market data, account, trading, funding, earn and subaccounts — every endpoint a separate MCP tool with full type annotations.
Model Context Protocol · Kraken Spot
The Kraken API.
Now an MCP server.
Talk to Kraken from any MCP client. Full Spot REST API mapped to typed tools, secured with bearer-token-authenticated HTTP, ships as a hardened Docker image.
What you get
Bearer-token HTTP
Mint, list and revoke opaque tokens from the CLI. Only SHA-256
hashes are stored. Send the token via Authorization: Bearer
header or ?apikey= query param for clients that
can't set custom headers (e.g. Claude Desktop).
Permission-aware
Probes your API key on the first call, caches the permission set, and refuses unauthorised tools before they hit the wire.
Docker-ready
Multi-stage build, non-root uid 10001, read-only
rootfs, multi-arch image on GHCR. compose.yml included.
Built and tested on Python 3.14.
Health endpoint
GET /health returns {"status":"ok"}
with no bearer token. Safe for Docker healthchecks, Kubernetes
probes, and load-balancer pings.
HTTP, HTTPS, stdio
Same code, three transports. Streamable HTTP for remote MCP, HTTPS
with locally-trusted certs, stdio for Claude Desktop and
uvx.
Tested & typed
Strict mypy, ruff lint + format, pytest with a signing reference vector, CodeQL SAST, Dependabot CVE alerts on every dependency.
Quick start
One command pulls the container, one mints a bearer token, one starts the server. Two ways to authenticate your MCP client:
Authorization: Bearer mck_…header — preferred, token never touches the URLhttp://localhost:8765/mcp/?apikey=mck_…— query param fallback for clients that can't set headers (Claude Desktop)
# 1. Pull and run the latest release
$ docker run -d --name mcp-kraken -p 8765:8765 \
-e KRAKEN_API_KEY=… -e KRAKEN_API_SECRET=… \
-v $(pwd)/data:/data \
ghcr.io/xavierbeheydt/mcp-kraken:latest
# 2. Mint a bearer token for your MCP client
$ docker exec -it mcp-kraken mcp-kraken token create claude-desktop
# 3. Verify the server is up (no token needed)
$ curl -sS http://localhost:8765/health
# {"status":"ok"}
# 4. Wire your MCP client
$ curl -sS http://localhost:8765/mcp/ \
-H "Authorization: Bearer mck_…"Tools
Every Kraken endpoint is its own MCP tool, grouped by concern.
Market data public
get_server_time, get_system_status,
get_assets, get_asset_pairs,
get_ticker, get_ohlc,
get_order_book, get_recent_trades,
get_recent_spreads
Account & balances private
get_account_balance, get_extended_balance,
get_trade_balance, get_trade_volume,
get_ledgers, query_ledgers,
get_credit_lines, get_api_key_info,
request_export_report, retrieve_export
Trading private
get_open_orders, get_closed_orders,
query_orders, get_trade_history,
get_open_positions, add_order,
add_order_batch, amend_order,
edit_order, cancel_order,
cancel_all_orders, cancel_all_orders_after
Funding private
get_deposit_methods, get_deposit_addresses,
get_deposit_status,
get_withdrawal_methods, withdraw,
get_withdrawal_status, cancel_withdrawal,
wallet_transfer
Earn private
list_earn_strategies, list_earn_allocations,
allocate_earn, deallocate_earn,
get_earn_allocation_status,
get_earn_deallocation_status
WebSocket auth private
get_websockets_token
Disclaimer
This project is alpha software. Interfaces, tool signatures, default behaviours and the on-disk token format may change in any minor release until v1.0. Run a non-production instance against a read-only Kraken API key first, and read every tool's docstring before granting it credentials with trading or withdrawal permissions.
No liability. The author provides this software as is, without any warranty of any kind, express or implied. The author is not responsible for any direct, indirect, incidental or consequential financial loss arising from the use, misuse or unavailability of this software — including but not limited to misrouted withdrawals, unintended trades, missed executions, exchange downtime, API rate-limit hits, or compromised credentials.
Not financial advice. Nothing in this software, the documentation, or any tool output constitutes investment, trading, tax or legal advice. You are solely responsible for the decisions you make and the orders you submit.
Not affiliated with Kraken or Payward Inc. "Kraken" is a trademark of its respective owner. This project is an independent client of the public Kraken REST API.
On the roadmap
- WebSocket v2 — public feeds, private executions, balances
- FIX 4.4 trading session, sidecar deployment
- Per-token Kraken credentials (multi-tenant)
- Prometheus metrics, OpenTelemetry tracing