ChatGPT and CrossTrade MCP Authentication
This page is the canonical technical reference for connecting a ChatGPT-compatible client to CrossTrade MCP. For a screenshot walkthrough, use the ChatGPT setup tutorial.
Supported connection models
CrossTrade MCP supports any client that implements the Model Context Protocol over Streamable HTTP with OAuth 2.1 and dynamic client registration. The ChatGPT side of that varies by plan and environment.
| Connection model | Description |
|---|---|
| ChatGPT app / custom connector | A ChatGPT plan that allows registering remote MCP connectors. Add the CrossTrade server URL in the connectors UI. |
| ChatGPT developer mode | Available in some plans for tool-use experiments. Add the MCP server URL via the developer settings. |
| OpenAI API remote MCP | Use the OpenAI SDK's remote MCP connector parameter to pass the CrossTrade URL. |
| API Playground | The OpenAI Playground may support remote MCP for tool-use experiments. |
Availability of remote MCP varies by plan and region. If your ChatGPT environment does not list a remote MCP option, the path is not yet enabled for you.
MCP server endpoint
https://app.crosstrade.io/v1/api/mcp
Transport: Streamable HTTP per the MCP spec.
OAuth discovery sequence
A compliant client follows this sequence:
- Client POSTs to
https://app.crosstrade.io/v1/api/mcpwithout a bearer token. - Server returns
401 Unauthorizedwith:WWW-Authenticate: Bearer resource_metadata="https://app.crosstrade.io/.well-known/oauth-protected-resource" - Client GETs the resource metadata URL (RFC 9728) and reads the
authorization_serverslist. - Client GETs
/.well-known/oauth-authorization-server(RFC 8414) on the listed authorization server. The response includes:issuerauthorization_endpointtoken_endpointregistration_endpointrevocation_endpointresponse_types_supported:["code"]grant_types_supported:["authorization_code", "refresh_token"]code_challenge_methods_supported:["S256"]token_endpoint_auth_methods_supported:["none"]scopes_supported:["mcp:read", "mcp:trade"]
- Client POSTs to
/v1/oauth/mcp/register(RFC 7591) with client metadata. Server returns aclient_id. - Client opens the user's browser to the authorization endpoint with PKCE parameters.
- User signs in to CrossTrade (if not already) and approves the requested scope.
- Browser redirects back to the client with an authorization code.
- Client exchanges the code at
/v1/oauth/mcp/token, presenting the PKCE verifier. - Server returns an access token. Client retries the original request with
Authorization: Bearer <token>.
Dynamic client registration behavior
CrossTrade implements RFC 7591. Most ChatGPT-compatible clients self-register on first connect. The user does not need to pre-register a developer app.
Registration is rate-limited per IP (10 registrations per hour). Re-registration is normal for clients that store the client_id locally.
Only public PKCE clients are supported (token_endpoint_auth_method: "none"). There are no client secrets to manage.
Consent screen
The consent screen displays:
- Client display name (set during registration)
- Requested scope
- CrossTrade account being authorized
- Allow / Deny
The user can only consent to one scope at a time per token. To upgrade from mcp:read to mcp:trade, revoke the existing token and reauthorize at the new scope.
Scope selection
| Scope | Allows |
|---|---|
mcp:read | Inspection-only tools: accounts, connections, positions, orders, executions, journal, webhook history, add-on activity, watermarks, market data, NinjaScript source files, prior backtest results |
mcp:trade | All read tools plus: order placement and management; flatten and reverse; NinjaScript compile and file write; new backtest jobs; strategy deployment and stop; alert emission; workspace and chart writes |
mcp:trade is a superset; granting it issues a token with both mcp:read and mcp:trade capability.
Token lifecycle and revocation
| Aspect | Behavior |
|---|---|
| Access token lifetime | Rolling window; refresh tokens are issued for clients that request them |
| Storage | Client-side keychain or secure store; CrossTrade does not see local storage details |
| Header | Authorization: Bearer <token> |
| Revocation | RFC 7009 at /v1/oauth/mcp/revoke, or via the AI Clients page |
| Scope upgrade | Not supported in place; revoke and reauthorize at the new scope |
Common errors
| HTTP | error | Cause | Resolution |
|---|---|---|---|
| 401 | invalid_token | Token expired, revoked, or never issued | Reauthorize |
| 403 | subscription_required / MCP requires an Elite subscription | Account below Elite | Upgrade |
| 403 | insufficient_scope | Tool needs mcp:trade; token has mcp:read | Reauthorize at mcp:trade |
| 408 | addon_disconnected / timeout | NT8 closed or add-on disconnected | Open NT8, verify the add-on |
| 400 | invalid_grant | PKCE mismatch or stale code | Restart the auth flow |
| 429 | too_many_registrations | Rate-limit on /v1/oauth/mcp/register | Reuse the existing client_id or retry later |
Security notes
- Tokens are bound to the registered client. Each device or browser context must complete its own OAuth flow.
- Never paste tokens into logs, issue trackers, or chat threads.
- If a token may have been exposed, revoke it immediately.
- For trade-enabled scope on a funded account, require explicit human confirmation on every order action regardless of what the token allows.
- For prompt-injection defenses, see MCP Workflows and Safety.
Links to Learn tutorials
- How to Connect ChatGPT to NinjaTrader 8
- How to Authenticate the CrossTrade MCP Server
- How to Use mcp:read vs mcp:trade
- How to Revoke AI Client Access
- How to Troubleshoot 401, 403, and 408 Errors