Verification

Use low-level verification tools when you need direct control.

KeyID still exposes wait, code extraction, and safe link-follow tools directly. Use them when you are debugging a flow or when a full signup session is unnecessary.

Registration sessions Use With Claude OTP + TOTP Page
Email verification SMS verification Server-side link follow Artifact debugging

Install options

Use the hosted endpoint first. Keep the local stdio package for developer-controlled identity and offline-style workflows.

Hosted OAuth

Remote-first setup

https://keyid.ai/mcp

Local stdio

Local fallback config

{
  "mcpServers": {
    "keyid": {
      "command": "npx",
      "args": ["-y", "@keyid/agent-kit"]
    }
  }
}

Identity behavior

This page covers the lower-level primitives underneath signup sessions. It is useful when you need to inspect a specific message, debug extraction, or follow a link manually.

wait_for_message keeps polling inside the tool, so the model does not need to implement its own timers or retries.

follow_verification_link performs server-side fetches with SSRF protections, which is safer than telling the model to open arbitrary URLs directly.

Copy-paste prompts

These prompts are written for chat-first workflows where the model should stay inside the KeyID MCP surface as long as possible.

  • Watch for the next Supabase verification email and stop as soon as you have a usable link.
  • If the message contains multiple links, prefer the strongest account-confirmation link rather than unsubscribe or support links.
  • If the site asks for a code instead of a link, return the newest code and the message it came from.
  • After verification completes, save the registration with status verified and store any recovery code as a secret.
  • If no message arrives after 90 seconds, tell me exactly what filter to tighten next.

Expected tool sequence

  1. `wait_for_message` — Poll until a matching inbound message arrives.
  2. `get_message` — Fetch the full details for a single message.
  3. `get_verification_codes` — Read OTP or verification codes from a message, or from the latest matching message.
  4. `follow_verification_link` — Follow a verification link directly or from an extracted message link list.
  5. `save_registration` — Create or update a registration record for an external service.
  6. `put_secret` — Create or update a vault entry.

Failure and recovery notes

  • If verification mail is noisy, set senderContains and subjectContains together so wait_for_message does not grab a newsletter.
  • If the provider sends only plain text with no extracted codes, read the full message body with get_message and inspect the structured content.
  • If a link follow returns an unexpected final URL, stop and confirm before continuing with any browser action.