Registration Sessions

Run registration sessions with browser continuity.

Create one session per service, let KeyID route email or SMS artifacts into it, keep the browser state in the vault, and finish with an explicit completed or blocked outcome.

Use With Claude Use With Cursor Low-Level Verification
Session lifecycle Browser continuity SMS lease routing Artifact correlation

Install options

Use the hosted endpoint first. Keep the local stdio package for developer-controlled identity and offline-style workflows.

Remote OAuth

Hosted remote endpoint

https://keyid.ai/mcp

Local BYO keypair

Local stdio fallback

{
  "mcpServers": {
    "keyid": {
      "command": "npx",
      "args": ["-y", "@keyid/agent-kit"]
    }
  }
}

Identity behavior

A signup session is the unit of work for one external registration attempt. It records the service, expected channels, expected senders, normalized artifacts, browser-state key, and final outcome.

Artifacts are attached automatically when inbound email, SMS, or imported TOTP data clearly match the session. If multiple sessions could match, KeyID marks the session ambiguous instead of guessing.

Browser execution stays client-side. Claude, Cursor, or Playwright loads browser state from KeyID before opening the site, saves it back after progress, and then marks the session completed or blocked.

Copy-paste prompts

These prompts are written for chat-first workflows where the model should stay inside the KeyID MCP surface as long as possible.

  • Start a signup session for Supabase with expected sender noreply@supabase.com and artifact type magic_link.
  • Wait for the session artifact, tell me the best link or code, and do not complete the session yet.
  • Load the saved browser state, continue the signup in the browser, and save the updated state after the workspace is created.
  • If Supabase blocks the flow or the message never arrives, mark the session blocked with a precise reason.
  • Once the account is live, complete the session and save the final registration plus any recovery material.

Expected tool sequence

  1. `provision_identity` — Create or reveal the email identity for this MCP session.
  2. `start_registration_session` — Start a signup session that correlates email, SMS, or TOTP artifacts for one service.
  3. `wait_for_registration_artifact` — Poll a signup session until an artifact arrives or the session expires, blocks, or times out.
  4. `get_registration_artifacts` — Fetch the normalized artifacts attached to a signup session in priority order.
  5. `load_browser_state` — Load the saved browser state for a signup session.
  6. `save_browser_state` — Store cookies and browser session state for a signup session in the KeyID vault.
  7. `complete_registration_session` — Mark a signup session complete after the browser flow succeeds.
  8. `save_registration` — Create or update a registration record for an external service.
  9. `put_secret` — Create or update a vault entry.

Failure and recovery notes

  • If two active sessions could match the same inbound code, KeyID marks them ambiguous. Read the session details before submitting anything in the browser.
  • If the site requires SMS but the shared phone is noisy, create the session with useSmsLease enabled before requesting the number in the form.
  • If browser state keeps resetting, confirm the caller is saving state back after the page changes and loading the same session before each resume.