Live demo mode. AI dispatches return fictional vendor cards. Real transactions launching with first pilot partners. Terms of Service and Privacy Policy in counsel review; drafts available upon request via /contact.

Enterprise docs

Self-hosted MCP gateway

A thin MCP server you run in your own network. Your AI assistant talks to it instead of scope.bid directly. The server forwards your requests to scope.bid and returns the bids. Same dispatches. Same vendors. Same Stripe Connect payment rail. Your security team sees every call before it leaves your network.

BetaProduction GA target: Q3 2026

Reference deployment

A reference deployment of the Scope gateway is live at scope-mcp-gateway.onrender.com. You can curl the health and tools endpoints from any environment to verify the protocol shape before deploying your own. This staging instance is rate-limited, runs on Render's free tier (cold-starts after 15 minutes of idle), and rotates tokens nightly. Do not use it for production dispatches.

curl https://scope-mcp-gateway.onrender.com/health
# {"status":"ok","vertical":"legal","version":"1.0.0",...}

curl -H "Authorization: Bearer <token>" \
  https://scope-mcp-gateway.onrender.com/mcp/v1/tools
# {"tools":[ ... ]}

Architecture

Two outbound HTTPS connections leave your perimeter. No inbound traffic.

Customer perimeterClaude Managed Agent(your AI assistant)Anthropic MCP tunnel(deployed by you)Scope gateway(stateless proxy)Anthropic(model + tunnel)scope.bid(vendor network)HTTPS outboundHTTPS outbound

Deploy in 5 minutes

Provider-specific templates live in the scope-mcp repo under deploy/. Each one is a single-page README: prerequisites, deploy command, health-check verification.

Resource sizing

  • Small (under 100 dispatches/day): 0.25 vCPU, 256 MB RAM
  • Medium (100-1,000 dispatches/day): 0.5 vCPU, 512 MB RAM
  • Large (1,000+ dispatches/day): 1 vCPU, 1 GB RAM

Auth and secrets

Scope issues a SCOPE_API_TOKENat enterprise onboarding. The token is the gateway's only credential - injected at runtime via your provider's standard secret mechanism, never baked into the container image.

  • Rotation: the gateway re-reads the token on SIGHUP - no restart, no downtime.
  • Revocation: Scope can disable a token in the admin console. The next upstream call fails 401 and stops gracefully.
  • Scope: tokens authorize the firm's organization on scope.bid. They never carry secrets that work outside that scope.

Observability

  • Logs: every tool call writes a structured JSON line to stdout - timestamp, tool_name, token_suffix (last 4 only), scope_id, upstream_status, latency_ms. Pipe stdout to your existing aggregator (Datadog, Splunk, Cloudflare Logs).
  • Metrics: Prometheus format at /metrics. Total tool calls, error count by upstream status, latency p50/p95/p99.
  • Health probes: /health for liveness (returns 200 + build version), /ready for readiness (returns 200 only after a successful upstream call).
  • Alerts to wire: upstream 5xx rate above 1%, p95 latency above 500ms, container restart loops.

Troubleshooting

  • Upstream 401: the SCOPE_API_TOKEN is expired or revoked. Generate a new token via Scope admin, inject via your secret mechanism, send SIGHUP.
  • DNS resolution failures: the container needs egress to scope.bid over 443. Confirm with dig scope.bid inside the container.
  • TLS trust: the container ships with a stock CA bundle. If your network terminates TLS at a corporate proxy, mount your CA into /etc/ssl/certs and set NODE_EXTRA_CA_CERTS.
  • Rate limits: scope.bid returns 429 with a Retry-After header. The gateway surfaces this to the calling agent verbatim. Sustained 429s indicate dispatch volume above the enterprise rate-limit tier - email enterprise@scope.bid.

Status

Beta. Currently available to qualifying enterprise customers. Production GA target Q3 2026. Best-effort support during beta. For deployment scoping, token issuance, or production-readiness questions, email enterprise@scope.bid.