How to integrate Paradym MCP with Mastra AI

Trusted by
AWS
Glean
Zoom
Airtable
GET STARTED FOR FREEGET A DEMO

30 min · no commitment · see it on your stack

Paradym logo
Mastra AI logo
divider

Introduction

This guide walks you through connecting Paradym to Mastra AI using the Composio tool router. By the end, you'll have a working Paradym agent that can issue sd-jwt verifiable credential for a user, verify authenticity of a presented credential, list all credentials issued to an email address through natural language commands.

This guide will help you understand how to give your Mastra AI agent real control over a Paradym account through Composio's Paradym MCP server.

Before we dive in, let's take a quick look at the key ideas and tools involved.

Also integrate Paradym with

TL;DR

Here's what you'll learn:
  • Set up your environment so Mastra, OpenAI, and Composio work together
  • Create a Tool Router session in Composio that exposes Paradym tools
  • Connect Mastra's MCP client to the Composio generated MCP URL
  • Fetch Paradym tool definitions and attach them as a toolset
  • Build a Mastra agent that can reason, call tools, and return structured results
  • Run an interactive CLI where you can chat with your Paradym agent

What is Mastra AI?

Mastra AI is a TypeScript framework for building AI agents with tool support. It provides a clean API for creating agents that can use external services through MCP.

Key features include:

  • MCP Client: Built-in support for Model Context Protocol servers
  • Toolsets: Organize tools into logical groups
  • Step Callbacks: Monitor and debug agent execution
  • OpenAI Integration: Works with OpenAI models via @ai-sdk/openai

What is the Paradym MCP server, and what's possible with it?

The Paradym MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Paradym account. It provides structured and secure access to your verifiable credential workflows, so your agent can perform actions like issuing credentials, verifying identity claims, managing credential lifecycles, and supporting interoperability across digital identity standards.

  • Automated credential issuance: Instruct your agent to issue new verifiable credentials to users or systems, supporting protocols like SD-JWT VCs and AnonCreds.
  • Seamless credential verification: Enable your agent to verify the authenticity and validity of credentials presented by others, streamlining onboarding and trust checks.
  • Credential lifecycle management: Allow your agent to update, revoke, or renew existing credentials, ensuring full control over your digital identity assets.
  • Interoperability with identity standards: Leverage your agent to work across OpenID4VC, DIDComm, and other standards for maximum compatibility and flexibility.
  • Audit and usage tracking: Task your agent to retrieve detailed logs or status reports on credential activity, helping you maintain compliance and visibility.

Supported Tools & Triggers

Tools
Activate CertificateTool to activate a certificate for use in a project.
Archive AnonCreds Credential TemplateTool to archive an AnonCreds credential template in a project.
Archive mDoc Credential TemplateTool to archive an mDoc credential template.
Archive Presentation TemplateTool to archive a presentation template in a project.
Archive SD-JWT VC Credential TemplateTool to archive an SD-JWT VC credential template in a project.
Create AnonCreds Credential TemplateTool to create a new AnonCreds credential template.
Create CertificateTool to create a new self-signed X.
Create DIDComm Connection InvitationTool to create a DIDComm connection invitation.
Create DIDComm Issuance OfferTool to create a DIDComm credential issuance offer.
Create OpenID4VC Credential OfferTool to create an OpenID4VC credential offer.
Create OpenID4VC Verification RequestTool to create an OpenID4VC verification request.
Create Presentation TemplateTool to create a new presentation template.
Create Project WebhookTool to create a new webhook for a project.
Create SD-JWT VC Credential TemplateTool to create a new SD-JWT VC credential template with selective disclosure capabilities.
Create Trusted EntityTool to create a new trusted entity for a project.
Deactivate CertificateTool to deactivate a certificate in a project.
Delete DIDComm ConnectionTool to delete a DIDComm connection from a project.
Delete DIDComm InvitationTool to delete a DIDComm invitation from a project.
Delete Trusted EntityTool to delete a trusted entity from a project.
Delete Project WebhookTool to delete a webhook endpoint from a project.
Get AnonCreds Credential TemplateTool to retrieve a specific AnonCreds credential template by ID.
Get AnonCreds Credential Template JSON SchemaTool to retrieve the JSON schema for an AnonCreds credential template.
Get DIDComm ConnectionTool to retrieve a specific DIDComm connection by ID.
Get DIDComm ConnectionsTool to retrieve a list of DIDComm connections for a project.
Get DIDComm InvitationTool to retrieve a specific DIDComm invitation by ID.
Get DIDComm Issuance SessionTool to retrieve a specific DIDComm issuance session by ID.
Get DIDsTool to retrieve a list of Decentralized Identifiers (DIDs) for a specific project.
Get mDoc Credential TemplateTool to retrieve a specific mDoc credential template by ID.
Get mDoc Credential Template JSON SchemaTool to retrieve the JSON schema for an mDoc credential template.
Get OpenID4VC Issuance SessionTool to retrieve a specific OpenID4VC issuance session by ID.
Get OpenID4VC Verification SessionTool to retrieve a specific OpenID4VC verification session by ID.
Get Presentation TemplateTool to retrieve a specific presentation template by ID.
Get Presentation TemplatesTool to retrieve a list of presentation templates for a project.
Get Project MembersTool to retrieve a list of project members.
Get Project ProfileTool to retrieve the default profile for a project.
Get ProjectsTool to retrieve a list of all projects accessible to the authenticated user.
Get Project WebhooksTool to retrieve a list of webhooks configured for a specific project.
Get SD-JWT VC Credential TemplateTool to retrieve a specific SD-JWT VC credential template by ID.
Get SD-JWT VC Credential Template JSON SchemaTool to retrieve the JSON schema for an SD-JWT VC credential template.
Get Trusted EntitiesTool to retrieve trusted entities for a specific project.
Get Trusted EntityTool to retrieve a specific trusted entity by ID.
Issue Direct SD-JWT VCTool to directly issue an SD-JWT VC credential without exchange protocol.
List AnonCreds Credential TemplatesTool to retrieve all AnonCreds credential templates for a project.
List CertificatesTool to retrieve all X.
List Certificate Signing RequestsTool to retrieve all certificate signing requests for a project.
List DIDComm InvitationsTool to retrieve all DIDComm invitations for a project.
List DIDComm Issuance OffersTool to list all DIDComm issuance offers within a project.
List DIDComm Mediator ConnectionsTool to retrieve connections for a DIDComm mediator.
List DIDComm MediatorsTool to retrieve all DIDComm mediators for a project.
List DIDComm Verification RequestsTool to list all DIDComm verification sessions for a project.
List Issued CredentialsTool to list metadata for all issued credentials within a project.
List mDoc Credential TemplatesTool to retrieve all mDoc credential templates for a project.
List OpenID4VC Issuance SessionsTool to retrieve all OpenID4VC issuance sessions for a project.
List OpenID4VC Verification SessionsTool to retrieve all OpenID4VC verification sessions for a project.
List SD-JWT VC Credential TemplatesTool to retrieve all SD-JWT VC credential templates for a project.
Receive DIDComm InvitationTool to receive and process an external DIDComm invitation.
Revoke CertificateTool to revoke a certificate in a project.
Send DIDComm Basic MessageTool to send a basic DIDComm message to a connection.
Send Custom DIDComm MessageTool to send a custom DIDComm message to a connection.
Unarchive AnonCreds Credential TemplateTool to unarchive an archived AnonCreds credential template.
Unarchive mDoc Credential TemplateTool to unarchive an archived mDoc credential template.
Unarchive SD-JWT VC Credential TemplateTool to unarchive an archived SD-JWT VC credential template.
Update DIDComm ConnectionTool to update a DIDComm connection.
Update mDoc Credential TemplateTool to update an existing mDoc credential template.
Update Presentation TemplateTool to update an existing presentation template.
Update ProjectTool to update an existing project's name and verification data access settings.
Update Project ProfileTool to update the default profile for a project.
Update SD-JWT VC Credential TemplateTool to update an existing SD-JWT VC credential template.
Update Trusted EntityTool to update an existing trusted entity in a project.

What is the Composio tool router, and how does it fit here?

What is Composio SDK?

Composio's Composio SDK helps agents find the right tools for a task at runtime. You can plug in multiple toolkits (like Gmail, HubSpot, and GitHub), and the agent will identify the relevant app and action to complete multi-step workflows. This can reduce token usage and improve the reliability of tool calls. Read more here: Getting started with Composio SDK

The tool router generates a secure MCP URL that your agents can access to perform actions.

How the Composio SDK works

The Composio SDK follows a three-phase workflow:

  1. Discovery: Searches for tools matching your task and returns relevant toolkits with their details.
  2. Authentication: Checks for active connections. If missing, creates an auth config and returns a connection URL via Auth Link.
  3. Execution: Executes the action using the authenticated connection.

Step-by-step Guide

Prerequisites

Before starting, make sure you have:
  • Node.js 18 or higher
  • A Composio account with an active API key
  • An OpenAI API key
  • Basic familiarity with TypeScript

Getting API Keys for OpenAI and Composio

OpenAI API Key
  • Go to the OpenAI dashboard and create an API key.
  • You need credits or a connected billing setup to use the models.
  • Store the key somewhere safe.
Composio API Key
  • Log in to the Composio dashboard.
  • Go to Settings and copy your API key.
  • This key lets your Mastra agent talk to Composio and reach Paradym through MCP.

Install dependencies

bash
npm install @composio/core @mastra/core @mastra/mcp @ai-sdk/openai dotenv

Install the required packages.

What's happening:

  • @composio/core is the Composio SDK for creating MCP sessions
  • @mastra/core provides the Agent class
  • @mastra/mcp is Mastra's MCP client
  • @ai-sdk/openai is the model wrapper for OpenAI
  • dotenv loads environment variables from .env

Set up environment variables

bash
COMPOSIO_API_KEY=your_composio_api_key_here
COMPOSIO_USER_ID=your_user_id_here
OPENAI_API_KEY=your_openai_api_key_here

Create a .env file in your project root.

What's happening:

  • COMPOSIO_API_KEY authenticates your requests to Composio
  • COMPOSIO_USER_ID tells Composio which user this session belongs to
  • OPENAI_API_KEY lets the Mastra agent call OpenAI models

Import libraries and validate environment

typescript
import "dotenv/config";
import { openai } from "@ai-sdk/openai";
import { Agent } from "@mastra/core/agent";
import { MCPClient } from "@mastra/mcp";
import { Composio } from "@composio/core";
import * as readline from "readline";

import type { AiMessageType } from "@mastra/core/agent";

const openaiAPIKey = process.env.OPENAI_API_KEY;
const composioAPIKey = process.env.COMPOSIO_API_KEY;
const composioUserID = process.env.COMPOSIO_USER_ID;

if (!openaiAPIKey) throw new Error("OPENAI_API_KEY is not set");
if (!composioAPIKey) throw new Error("COMPOSIO_API_KEY is not set");
if (!composioUserID) throw new Error("COMPOSIO_USER_ID is not set");

const composio = new Composio({
  apiKey: composioAPIKey as string,
});
What's happening:
  • dotenv/config auto loads your .env so process.env.* is available
  • openai gives you a Mastra compatible model wrapper
  • Agent is the Mastra agent that will call tools and produce answers
  • MCPClient connects Mastra to your Composio MCP server
  • Composio is used to create a Tool Router session

Create a Tool Router session for Paradym

typescript
async function main() {
  const session = await composio.create(
    composioUserID as string,
    {
      toolkits: ["paradym"],
    },
  );

  const composioMCPUrl = session.mcp.url;
  console.log("Paradym MCP URL:", composioMCPUrl);
What's happening:
  • create spins up a short-lived MCP HTTP endpoint for this user
  • The toolkits array contains "paradym" for Paradym access
  • session.mcp.url is the MCP URL that Mastra's MCPClient will connect to

Configure Mastra MCP client and fetch tools

typescript
const mcpClient = new MCPClient({
    id: composioUserID as string,
    servers: {
      nasdaq: {
        url: new URL(composioMCPUrl),
        requestInit: {
          headers: session.mcp.headers,
        },
      },
    },
    timeout: 30_000,
  });

console.log("Fetching MCP tools from Composio...");
const composioTools = await mcpClient.getTools();
console.log("Number of tools:", Object.keys(composioTools).length);
What's happening:
  • MCPClient takes an id for this client and a list of MCP servers
  • The headers property includes the x-api-key for authentication
  • getTools fetches the tool definitions exposed by the Paradym toolkit

Create the Mastra agent

typescript
const agent = new Agent({
    name: "paradym-mastra-agent",
    instructions: "You are an AI agent with Paradym tools via Composio.",
    model: "openai/gpt-5",
  });
What's happening:
  • Agent is the core Mastra agent
  • name is just an identifier for logging and debugging
  • instructions guide the agent to use tools instead of only answering in natural language
  • model uses openai("gpt-5") to configure the underlying LLM

Set up interactive chat interface

typescript
let messages: AiMessageType[] = [];

console.log("Chat started! Type 'exit' or 'quit' to end.\n");

const rl = readline.createInterface({
  input: process.stdin,
  output: process.stdout,
  prompt: "> ",
});

rl.prompt();

rl.on("line", async (userInput: string) => {
  const trimmedInput = userInput.trim();

  if (["exit", "quit", "bye"].includes(trimmedInput.toLowerCase())) {
    console.log("\nGoodbye!");
    rl.close();
    process.exit(0);
  }

  if (!trimmedInput) {
    rl.prompt();
    return;
  }

  messages.push({
    id: crypto.randomUUID(),
    role: "user",
    content: trimmedInput,
  });

  console.log("\nAgent is thinking...\n");

  try {
    const response = await agent.generate(messages, {
      toolsets: {
        paradym: composioTools,
      },
      maxSteps: 8,
    });

    const { text } = response;

    if (text && text.trim().length > 0) {
      console.log(`Agent: ${text}\n`);
        messages.push({
          id: crypto.randomUUID(),
          role: "assistant",
          content: text,
        });
      }
    } catch (error) {
      console.error("\nError:", error);
    }

    rl.prompt();
  });

  rl.on("close", async () => {
    console.log("\nSession ended.");
    await mcpClient.disconnect();
    process.exit(0);
  });
}

main().catch((err) => {
  console.error("Fatal error:", err);
  process.exit(1);
});
What's happening:
  • messages keeps the full conversation history in Mastra's expected format
  • agent.generate runs the agent with conversation history and Paradym toolsets
  • maxSteps limits how many tool calls the agent can take in a single run
  • onStepFinish is a hook that prints intermediate steps for debugging

Complete Code

Here's the complete code to get you started with Paradym and Mastra AI:

typescript
import "dotenv/config";
import { openai } from "@ai-sdk/openai";
import { Agent } from "@mastra/core/agent";
import { MCPClient } from "@mastra/mcp";
import { Composio } from "@composio/core";
import * as readline from "readline";

import type { AiMessageType } from "@mastra/core/agent";

const openaiAPIKey = process.env.OPENAI_API_KEY;
const composioAPIKey = process.env.COMPOSIO_API_KEY;
const composioUserID = process.env.COMPOSIO_USER_ID;

if (!openaiAPIKey) throw new Error("OPENAI_API_KEY is not set");
if (!composioAPIKey) throw new Error("COMPOSIO_API_KEY is not set");
if (!composioUserID) throw new Error("COMPOSIO_USER_ID is not set");

const composio = new Composio({ apiKey: composioAPIKey as string });

async function main() {
  const session = await composio.create(composioUserID as string, {
    toolkits: ["paradym"],
  });

  const composioMCPUrl = session.mcp.url;

  const mcpClient = new MCPClient({
    id: composioUserID as string,
    servers: {
      paradym: {
        url: new URL(composioMCPUrl),
        requestInit: {
          headers: session.mcp.headers,
        },
      },
    },
    timeout: 30_000,
  });

  const composioTools = await mcpClient.getTools();

  const agent = new Agent({
    name: "paradym-mastra-agent",
    instructions: "You are an AI agent with Paradym tools via Composio.",
    model: "openai/gpt-5",
  });

  let messages: AiMessageType[] = [];

  const rl = readline.createInterface({
    input: process.stdin,
    output: process.stdout,
    prompt: "> ",
  });

  rl.prompt();

  rl.on("line", async (input: string) => {
    const trimmed = input.trim();
    if (["exit", "quit"].includes(trimmed.toLowerCase())) {
      rl.close();
      return;
    }

    messages.push({ id: crypto.randomUUID(), role: "user", content: trimmed });

    const { text } = await agent.generate(messages, {
      toolsets: { paradym: composioTools },
      maxSteps: 8,
    });

    if (text) {
      console.log(`Agent: ${text}\n`);
      messages.push({ id: crypto.randomUUID(), role: "assistant", content: text });
    }

    rl.prompt();
  });

  rl.on("close", async () => {
    await mcpClient.disconnect();
    process.exit(0);
  });
}

main();

Conclusion

You've built a Mastra AI agent that can interact with Paradym through Composio's Tool Router. You can extend this further by:
  • Adding other toolkits like Gmail, Slack, or GitHub
  • Building a web-based chat interface around this agent
  • Using multiple MCP endpoints to enable cross-app workflows

How to build Paradym MCP Agent with another framework

OpenAI Agents SDK logo

OpenAI Agents SDK

Use Paradym MCP with OpenAI Agents SDK

Claude Agent SDK logo

Claude Agent SDK

Use Paradym MCP with Claude Agent SDK

Claude Code logo

Claude Code

Use Paradym MCP with Claude Code

Claude Cowork logo

Claude Cowork

Use Paradym MCP with Claude Cowork

Codex logo

Codex

Use Paradym MCP with Codex

OpenClaw logo

OpenClaw

Use Paradym MCP with OpenClaw

Hermes logo

Hermes

Use Paradym MCP with Hermes

CLI logo

CLI

Use Paradym MCP with CLI

Google ADK logo

Google ADK

Use Paradym MCP with Google ADK

LangChain logo

LangChain

Use Paradym MCP with LangChain

Vercel AI SDK logo

Vercel AI SDK

Use Paradym MCP with Vercel AI SDK

LlamaIndex logo

LlamaIndex

Use Paradym MCP with LlamaIndex

CrewAI logo

CrewAI

Use Paradym MCP with CrewAI

FAQ

What are the differences in Tool Router MCP and Paradym MCP?

With a standalone Paradym MCP server, the agents and LLMs can only access a fixed set of Paradym tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from Paradym and many other apps based on the task at hand, all through a single MCP endpoint.

Can I use Tool Router MCP with Mastra AI?

Yes, you can. Mastra AI fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right Paradym tools.

Can I manage the permissions and scopes for Paradym while using Tool Router?

Yes, absolutely. You can configure which Paradym scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do.

How safe is my data with Composio Tool Router?

All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your Paradym data and credentials are handled as safely as possible.

Used by agents from

Context
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai
Context
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai
Context
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai

Never worry about agent reliability

We handle tool reliability, observability, and security so you never have to second-guess an agent action.

Get started for freeGet a demo