# How to integrate Identitycheck MCP with Mastra AI ```json { "title": "How to integrate Identitycheck MCP with Mastra AI", "toolkit": "Identitycheck", "toolkit_slug": "identitycheck", "framework": "Mastra AI", "framework_slug": "mastra-ai", "url": "https://composio.dev/toolkits/identitycheck/framework/mastra-ai", "markdown_url": "https://composio.dev/toolkits/identitycheck/framework/mastra-ai.md", "updated_at": "2026-05-12T10:15:38.342Z" } ``` ## Introduction This guide walks you through connecting Identitycheck to Mastra AI using the Composio tool router. By the end, you'll have a working Identitycheck agent that can check onboarding status for a specific user, list all successful onboardings from last week, fetch document content for a given onboarding through natural language commands. This guide will help you understand how to give your Mastra AI agent real control over a Identitycheck account through Composio's Identitycheck MCP server. Before we dive in, let's take a quick look at the key ideas and tools involved. ## Also integrate Identitycheck with - [OpenAI Agents SDK](https://composio.dev/toolkits/identitycheck/framework/open-ai-agents-sdk) - [Claude Agent SDK](https://composio.dev/toolkits/identitycheck/framework/claude-agents-sdk) - [Claude Code](https://composio.dev/toolkits/identitycheck/framework/claude-code) - [Claude Cowork](https://composio.dev/toolkits/identitycheck/framework/claude-cowork) - [Codex](https://composio.dev/toolkits/identitycheck/framework/codex) - [OpenClaw](https://composio.dev/toolkits/identitycheck/framework/openclaw) - [Hermes](https://composio.dev/toolkits/identitycheck/framework/hermes-agent) - [CLI](https://composio.dev/toolkits/identitycheck/framework/cli) - [Google ADK](https://composio.dev/toolkits/identitycheck/framework/google-adk) - [LangChain](https://composio.dev/toolkits/identitycheck/framework/langchain) - [Vercel AI SDK](https://composio.dev/toolkits/identitycheck/framework/ai-sdk) - [LlamaIndex](https://composio.dev/toolkits/identitycheck/framework/llama-index) - [CrewAI](https://composio.dev/toolkits/identitycheck/framework/crew-ai) ## TL;DR Here's what you'll learn: - Set up your environment so Mastra, OpenAI, and Composio work together - Create a Tool Router session in Composio that exposes Identitycheck tools - Connect Mastra's MCP client to the Composio generated MCP URL - Fetch Identitycheck tool definitions and attach them as a toolset - Build a Mastra agent that can reason, call tools, and return structured results - Run an interactive CLI where you can chat with your Identitycheck agent ## What is Mastra AI? Mastra AI is a TypeScript framework for building AI agents with tool support. It provides a clean API for creating agents that can use external services through MCP. Key features include: - MCP Client: Built-in support for Model Context Protocol servers - Toolsets: Organize tools into logical groups - Step Callbacks: Monitor and debug agent execution - OpenAI Integration: Works with OpenAI models via @ai-sdk/openai ## What is the Identitycheck MCP server, and what's possible with it? The Identitycheck MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Identitycheck account. It provides structured and secure access to your verification workflows, so your agent can perform actions like checking onboarding status, fetching document content, managing notification endpoints, and retrieving configurations on your behalf. - Instant onboarding status checks: Your agent can retrieve and monitor the progress or result of any onboarding process, keeping you updated in real time. - Document content retrieval: Effortlessly fetch base64-encoded document content tied to a specific onboarding and document code for further analysis or archiving. - Comprehensive configuration management: List, fetch, or delete identity verification configurations, giving you full control over your Identitycheck setup without manual dashboard work. - Notification endpoint oversight: List, fetch, or remove notification endpoints to customize how and where you receive verification event updates. - API health monitoring: Quickly verify API availability before performing operations, ensuring reliability and uptime for your verification workflows. ## Supported Tools | Tool slug | Name | Description | |---|---|---| | `IDENTITYCHECK_CHECK_API_HEALTH` | Check API Health | Performs an API health check to verify endpoint availability and responsiveness. This tool sends an HTTP request to a specified endpoint and interprets a 200 OK response as indicating the API is UP. It handles both JSON and non-JSON responses (including HTML). Use this before other operations to confirm the API is reachable. | | `IDENTITYCHECK_DELETE_CONFIGURATION` | Delete configuration | Tool to delete an existing configuration. Use when you need to remove a configuration by its unique code. | | `IDENTITYCHECK_DELETE_NOTIFICATION_ENDPOINT` | Delete Notification Endpoint | Tool to delete a notification endpoint by its unique code. This operation is idempotent - it will succeed whether the endpoint exists or has already been deleted. Use when you need to remove a callback endpoint that receives webhook notifications for identity verification events. | | `IDENTITYCHECK_FETCH_ALL_CONFIGURATIONS` | Fetch All Configurations | Tool to fetch all existing configurations. Use when you need to list all customer configurations after authentication. | | `IDENTITYCHECK_FETCH_ALL_NOTIFICATION_ENDPOINTS` | Fetch all notification endpoints | Fetches all configured notification endpoints (webhooks) for the IdentityCheck SDK. Use this to list all callback URLs that receive onboarding event notifications (START_ONBOARDING, END_ONBOARDING). | | `IDENTITYCHECK_FETCH_CONFIGURATION` | Fetch Configuration | Fetch a specific identity verification configuration by its code. Use this action when you need to: - Retrieve theme customizations (logo, colors, button styles) for a configuration - Get custom wordings/translations defined for different languages - Review configuration options like link validity, email sender name, or ID capture settings - Verify that a configuration exists before using it in an onboarding flow The configuration code is the unique identifier assigned when the configuration was created. | | `IDENTITYCHECK_FETCH_NOTIFICATION_ENDPOINT` | Fetch Notification Endpoint | Tool to fetch a notification endpoint by its code. Use when you need the current configuration of a specific callback endpoint. | | `IDENTITYCHECK_FETCH_ONBOARDINGS` | Fetch Onboardings | Retrieves identity verification onboarding sessions with comprehensive filtering and pagination. An onboarding represents a customer's identity verification journey, tracking their progress from link creation through document capture and verification completion. Each onboarding has a unique link sent via email/phone/none, and transitions through states: CREATED → CLICKED → CAPTURE_ONGOING → SUCCESS/ERROR/EXPIRED. Use this to: - Monitor verification sessions by status, date range, or customer identifiers - Track onboarding completion rates and error patterns - Retrieve specific onboardings by UID or business-specific identifiers - Analyze notification delivery methods and their effectiveness Returns paginated results with statistics (total results, distinct users, captures per document). All filter parameters are optional; omit them to retrieve all onboardings. Example: Find all failed verifications due to network errors in January 2024 | | `IDENTITYCHECK_GET_DOCUMENT_CONTENT` | Get Document Content | Tool to retrieve base64-encoded document content. Use when you have an onboarding UID and document code. | | `IDENTITYCHECK_RETRIEVE_ONBOARDING_STATUS` | Retrieve Onboarding Status | Retrieve the current status and results of an identity verification onboarding session. Use this tool to check the progress of an onboarding (CREATED, CLICKED, CAPTURE_ONGOING) or get final results (SUCCESS, ERROR, EXPIRED). Returns detailed analysis results, error causes, and CIS export data when available. | | `IDENTITYCHECK_UPDATE_CONFIGURATION` | Update Configuration | Tool to update an existing configuration. Use when you need to modify properties of a configuration identified by code. | ## Supported Triggers None listed. ## Creating MCP Server - Stand-alone vs Composio SDK The Identitycheck MCP server is an implementation of the Model Context Protocol that connects your AI agent to Identitycheck. It provides structured and secure access so your agent can perform Identitycheck operations on your behalf through a secure, permission-based interface. With Composio's managed implementation, you don't have to create your own developer app. For production, if you're building an end product, we recommend using your own credentials. The managed server helps you prototype fast and go from 0-1 faster. ## Step-by-step Guide ### 1. Prerequisites Before starting, make sure you have: - Node.js 18 or higher - A Composio account with an active API key - An OpenAI API key - Basic familiarity with TypeScript ### 1. Getting API Keys for OpenAI and Composio OpenAI API Key - Go to the [OpenAI dashboard](https://platform.openai.com/settings/organization/api-keys) and create an API key. - You need credits or a connected billing setup to use the models. - Store the key somewhere safe. Composio API Key - Log in to the [Composio dashboard](https://dashboard.composio.dev?utm_source=toolkits&utm_medium=framework_docs). - Go to Settings and copy your API key. - This key lets your Mastra agent talk to Composio and reach Identitycheck through MCP. ### 2. Install dependencies Install the required packages. What's happening: - @composio/core is the Composio SDK for creating MCP sessions - @mastra/core provides the Agent class - @mastra/mcp is Mastra's MCP client - @ai-sdk/openai is the model wrapper for OpenAI - dotenv loads environment variables from .env ```bash npm install @composio/core @mastra/core @mastra/mcp @ai-sdk/openai dotenv ``` ### 3. Set up environment variables Create a .env file in your project root. What's happening: - COMPOSIO_API_KEY authenticates your requests to Composio - COMPOSIO_USER_ID tells Composio which user this session belongs to - OPENAI_API_KEY lets the Mastra agent call OpenAI models ```bash COMPOSIO_API_KEY=your_composio_api_key_here COMPOSIO_USER_ID=your_user_id_here OPENAI_API_KEY=your_openai_api_key_here ``` ### 4. Import libraries and validate environment What's happening: - dotenv/config auto loads your .env so process.env.* is available - openai gives you a Mastra compatible model wrapper - Agent is the Mastra agent that will call tools and produce answers - MCPClient connects Mastra to your Composio MCP server - Composio is used to create a Tool Router session ```typescript import "dotenv/config"; import { openai } from "@ai-sdk/openai"; import { Agent } from "@mastra/core/agent"; import { MCPClient } from "@mastra/mcp"; import { Composio } from "@composio/core"; import * as readline from "readline"; import type { AiMessageType } from "@mastra/core/agent"; const openaiAPIKey = process.env.OPENAI_API_KEY; const composioAPIKey = process.env.COMPOSIO_API_KEY; const composioUserID = process.env.COMPOSIO_USER_ID; if (!openaiAPIKey) throw new Error("OPENAI_API_KEY is not set"); if (!composioAPIKey) throw new Error("COMPOSIO_API_KEY is not set"); if (!composioUserID) throw new Error("COMPOSIO_USER_ID is not set"); const composio = new Composio({ apiKey: composioAPIKey as string, }); ``` ### 5. Create a Tool Router session for Identitycheck What's happening: - create spins up a short-lived MCP HTTP endpoint for this user - The toolkits array contains "identitycheck" for Identitycheck access - session.mcp.url is the MCP URL that Mastra's MCPClient will connect to ```typescript async function main() { const session = await composio.create( composioUserID as string, { toolkits: ["identitycheck"], }, ); const composioMCPUrl = session.mcp.url; console.log("Identitycheck MCP URL:", composioMCPUrl); ``` ### 6. Configure Mastra MCP client and fetch tools What's happening: - MCPClient takes an id for this client and a list of MCP servers - The headers property includes the x-api-key for authentication - getTools fetches the tool definitions exposed by the Identitycheck toolkit ```typescript const mcpClient = new MCPClient({ id: composioUserID as string, servers: { nasdaq: { url: new URL(composioMCPUrl), requestInit: { headers: session.mcp.headers, }, }, }, timeout: 30_000, }); console.log("Fetching MCP tools from Composio..."); const composioTools = await mcpClient.getTools(); console.log("Number of tools:", Object.keys(composioTools).length); ``` ### 7. Create the Mastra agent What's happening: - Agent is the core Mastra agent - name is just an identifier for logging and debugging - instructions guide the agent to use tools instead of only answering in natural language - model uses openai("gpt-5") to configure the underlying LLM ```typescript const agent = new Agent({ name: "identitycheck-mastra-agent", instructions: "You are an AI agent with Identitycheck tools via Composio.", model: "openai/gpt-5", }); ``` ### 8. Set up interactive chat interface What's happening: - messages keeps the full conversation history in Mastra's expected format - agent.generate runs the agent with conversation history and Identitycheck toolsets - maxSteps limits how many tool calls the agent can take in a single run - onStepFinish is a hook that prints intermediate steps for debugging ```typescript let messages: AiMessageType[] = []; console.log("Chat started! Type 'exit' or 'quit' to end.\n"); const rl = readline.createInterface({ input: process.stdin, output: process.stdout, prompt: "> ", }); rl.prompt(); rl.on("line", async (userInput: string) => { const trimmedInput = userInput.trim(); if (["exit", "quit", "bye"].includes(trimmedInput.toLowerCase())) { console.log("\nGoodbye!"); rl.close(); process.exit(0); } if (!trimmedInput) { rl.prompt(); return; } messages.push({ id: crypto.randomUUID(), role: "user", content: trimmedInput, }); console.log("\nAgent is thinking...\n"); try { const response = await agent.generate(messages, { toolsets: { identitycheck: composioTools, }, maxSteps: 8, }); const { text } = response; if (text && text.trim().length > 0) { console.log(`Agent: ${text}\n`); messages.push({ id: crypto.randomUUID(), role: "assistant", content: text, }); } } catch (error) { console.error("\nError:", error); } rl.prompt(); }); rl.on("close", async () => { console.log("\nSession ended."); await mcpClient.disconnect(); process.exit(0); }); } main().catch((err) => { console.error("Fatal error:", err); process.exit(1); }); ``` ## Complete Code ```typescript import "dotenv/config"; import { openai } from "@ai-sdk/openai"; import { Agent } from "@mastra/core/agent"; import { MCPClient } from "@mastra/mcp"; import { Composio } from "@composio/core"; import * as readline from "readline"; import type { AiMessageType } from "@mastra/core/agent"; const openaiAPIKey = process.env.OPENAI_API_KEY; const composioAPIKey = process.env.COMPOSIO_API_KEY; const composioUserID = process.env.COMPOSIO_USER_ID; if (!openaiAPIKey) throw new Error("OPENAI_API_KEY is not set"); if (!composioAPIKey) throw new Error("COMPOSIO_API_KEY is not set"); if (!composioUserID) throw new Error("COMPOSIO_USER_ID is not set"); const composio = new Composio({ apiKey: composioAPIKey as string }); async function main() { const session = await composio.create(composioUserID as string, { toolkits: ["identitycheck"], }); const composioMCPUrl = session.mcp.url; const mcpClient = new MCPClient({ id: composioUserID as string, servers: { identitycheck: { url: new URL(composioMCPUrl), requestInit: { headers: session.mcp.headers, }, }, }, timeout: 30_000, }); const composioTools = await mcpClient.getTools(); const agent = new Agent({ name: "identitycheck-mastra-agent", instructions: "You are an AI agent with Identitycheck tools via Composio.", model: "openai/gpt-5", }); let messages: AiMessageType[] = []; const rl = readline.createInterface({ input: process.stdin, output: process.stdout, prompt: "> ", }); rl.prompt(); rl.on("line", async (input: string) => { const trimmed = input.trim(); if (["exit", "quit"].includes(trimmed.toLowerCase())) { rl.close(); return; } messages.push({ id: crypto.randomUUID(), role: "user", content: trimmed }); const { text } = await agent.generate(messages, { toolsets: { identitycheck: composioTools }, maxSteps: 8, }); if (text) { console.log(`Agent: ${text}\n`); messages.push({ id: crypto.randomUUID(), role: "assistant", content: text }); } rl.prompt(); }); rl.on("close", async () => { await mcpClient.disconnect(); process.exit(0); }); } main(); ``` ## Conclusion You've built a Mastra AI agent that can interact with Identitycheck through Composio's Tool Router. You can extend this further by: - Adding other toolkits like Gmail, Slack, or GitHub - Building a web-based chat interface around this agent - Using multiple MCP endpoints to enable cross-app workflows ## How to build Identitycheck MCP Agent with another framework - [OpenAI Agents SDK](https://composio.dev/toolkits/identitycheck/framework/open-ai-agents-sdk) - [Claude Agent SDK](https://composio.dev/toolkits/identitycheck/framework/claude-agents-sdk) - [Claude Code](https://composio.dev/toolkits/identitycheck/framework/claude-code) - [Claude Cowork](https://composio.dev/toolkits/identitycheck/framework/claude-cowork) - [Codex](https://composio.dev/toolkits/identitycheck/framework/codex) - [OpenClaw](https://composio.dev/toolkits/identitycheck/framework/openclaw) - [Hermes](https://composio.dev/toolkits/identitycheck/framework/hermes-agent) - [CLI](https://composio.dev/toolkits/identitycheck/framework/cli) - [Google ADK](https://composio.dev/toolkits/identitycheck/framework/google-adk) - [LangChain](https://composio.dev/toolkits/identitycheck/framework/langchain) - [Vercel AI SDK](https://composio.dev/toolkits/identitycheck/framework/ai-sdk) - [LlamaIndex](https://composio.dev/toolkits/identitycheck/framework/llama-index) - [CrewAI](https://composio.dev/toolkits/identitycheck/framework/crew-ai) ## Related Toolkits - [Gmail](https://composio.dev/toolkits/gmail) - Gmail is Google's email service with powerful spam protection, search, and G Suite integration. It keeps your inbox organized and makes communication fast and reliable. - [Google Calendar](https://composio.dev/toolkits/googlecalendar) - Google Calendar is a time management service for scheduling meetings, events, and reminders. It streamlines personal and team organization with integrated notifications and sharing options. - [Google Drive](https://composio.dev/toolkits/googledrive) - Google Drive is a cloud storage platform for uploading, sharing, and collaborating on files. It's perfect for keeping your documents accessible and organized across devices. - [Outlook](https://composio.dev/toolkits/outlook) - Outlook is Microsoft's email and calendaring platform for unified communications and scheduling. It helps users stay organized with powerful email, contacts, and calendar management. - [Twitter](https://composio.dev/toolkits/twitter) - Twitter is a social media platform for sharing real-time updates, conversations, and news. Stay connected, informed, and engaged with communities worldwide. - [Google Sheets](https://composio.dev/toolkits/googlesheets) - Google Sheets is a cloud-based spreadsheet tool for real-time collaboration and data analysis. It lets teams work together from anywhere, updating information instantly. - [Supabase](https://composio.dev/toolkits/supabase) - Supabase is an open-source backend platform offering scalable Postgres databases, authentication, storage, and real-time APIs. It lets developers build modern apps without managing infrastructure. - [Composio](https://composio.dev/toolkits/composio) - Composio is an integration platform that connects AI agents with hundreds of business tools. It streamlines authentication and lets you trigger actions across services—no custom code needed. - [Notion](https://composio.dev/toolkits/notion) - Notion is a collaborative workspace for notes, docs, wikis, and tasks. It streamlines team knowledge, project tracking, and workflow customization in one place. - [Slack](https://composio.dev/toolkits/slack) - Slack is a channel-based messaging platform for teams and organizations. It helps people collaborate in real time, share files, and connect all their tools in one place. - [Airtable](https://composio.dev/toolkits/airtable) - Airtable combines the flexibility of spreadsheets with the power of a database for easy project and data management. Teams use Airtable to organize, track, and collaborate with custom views and automations. - [Google Docs](https://composio.dev/toolkits/googledocs) - Google Docs is a cloud-based word processor that enables document creation and real-time collaboration. Its seamless sharing and version history make team editing and content management a breeze. - [Google Super](https://composio.dev/toolkits/googlesuper) - Google Super is an all-in-one suite combining Gmail, Drive, Calendar, Sheets, Analytics, and more. It gives you a unified platform to manage your digital life, boosting productivity and organization. - [Hubspot](https://composio.dev/toolkits/hubspot) - HubSpot is an all-in-one marketing, sales, and customer service platform. It lets teams nurture leads, automate outreach, and track every customer interaction in one place. - [Codeinterpreter](https://composio.dev/toolkits/codeinterpreter) - Codeinterpreter is a Python-based coding environment with built-in data analysis and visualization. It lets you instantly run scripts, plot results, and prototype solutions inside supported platforms. - [Gong](https://composio.dev/toolkits/gong) - Gong is a platform for video meetings, call recording, and team collaboration. It helps teams capture conversations, analyze calls, and turn insights into action. - [Asana](https://composio.dev/toolkits/asana) - Asana is a collaborative work management platform for teams to organize and track projects. It streamlines teamwork, boosts productivity, and keeps everyone aligned on goals. - [Ashby](https://composio.dev/toolkits/ashby) - Ashby is an applicant tracking system that handles job postings, candidate management, and hiring analytics. - [Pipedrive](https://composio.dev/toolkits/pipedrive) - Pipedrive is a sales management platform offering pipeline visualization, lead tracking, and workflow automation. It helps sales teams keep deals moving forward efficiently and never miss a follow-up. - [Google Tasks](https://composio.dev/toolkits/googletasks) - Google Tasks is a to-do list and task management tool integrated into Gmail and Google Calendar. It helps you organize, track, and complete tasks across your Google ecosystem. ## Frequently Asked Questions ### What are the differences in Tool Router MCP and Identitycheck MCP? With a standalone Identitycheck MCP server, the agents and LLMs can only access a fixed set of Identitycheck tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from Identitycheck and many other apps based on the task at hand, all through a single MCP endpoint. ### Can I use Tool Router MCP with Mastra AI? Yes, you can. Mastra AI fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right Identitycheck tools. ### Can I manage the permissions and scopes for Identitycheck while using Tool Router? Yes, absolutely. You can configure which Identitycheck scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do. ### How safe is my data with Composio Tool Router? All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your Identitycheck data and credentials are handled as safely as possible. --- [See all toolkits](https://composio.dev/toolkits) · [Composio docs](https://docs.composio.dev/llms.txt)