Developers
MCP Server, REST API, and everything you need to build on OnlyData Club.
MCP Server
Manage professional identities from Claude Code, Claude Desktop, Cursor, or any MCP-compatible AI agent.
# Local (Claude Code, Cursor, Desktop) npx @onlydata/mcp-server # Remote (Claude.ai, Streamable HTTP) https://mcp.onlydata.club/mcp
No API key needed. Read tools work immediately. Write tools use OAuth 2.1 (automatic in Claude.ai).
Claude Code config
{
"mcpServers": {
"onlydata": {
"command": "npx",
"args": ["@onlydata/mcp-server"]
}
}
}
MCP Tools
| Tool | Access | Description |
|---|---|---|
| Profiles | ||
get_profile | Public | Get a profile by slug |
list_profiles | Public | List all public profiles, optionally filter by type |
search_profiles | Public | Server-side profile filter (query, profile_source, claimed_only, has_contact, company_slug) — returns linkedin_url + website + verified_email |
create_profile | Auth | Create a person or company profile |
update_profile | Auth | Update profile fields |
| Signals & Verification | ||
set_signals | Auth | Set open-to signals (recruiting, advisory, etc.) |
set_coop_sharing | Auth | Enable/disable cooperative sharing |
get_verification | Public | Full attribute provenance for any profile |
verify_domain | Auth | Verify company domain ownership (DNS, file, or meta tag) |
| Messaging | ||
send_message | Auth | Message another member |
get_inbox | Auth | Read your messages |
get_sent_messages | Auth | View sent messages |
| Businesses | ||
search_businesses | Public | Search 21,300+ businesses with rich filters |
get_business | Public | Full firmographic profile by ID or name |
get_similar_businesses | Public | Find similar businesses by attributes |
get_company_locations | Public | All locations for a multi-location brand |
match_company | Public | Match company by name, domain, phone, or email |
| Curated Datasets | ||
list_datasets | Public | List all curated datasets |
browse_dataset | Public | Browse companies in a dataset by slug |
list_public_datasets | Public | List all public custom datasets (company, person, other) |
browse_public_dataset | Public | Browse a public custom dataset by slug — supports person datasets (e.g. ai-builders) |
get_dataset_history | Public | Living-dataset changelog for a public dataset (slug or UUID) |
get_dataset_snapshots | Public | Daily metric timeline — row_count, attribute_fills, role/company/location breakdowns |
get_dataset_fields | Public | Field dictionary — type, description, enum values, coverage target per column |
attribute_detail | Public | Deep dive on a specific business attribute |
| Upload & Custom Datasets | ||
upload_data | Auth | Upload CSV/JSON for entity resolution and enrichment |
list_uploads | Auth | List upload history |
query_upload | Public | Query rows from a specific upload |
create_custom_dataset | Auth | Upload arbitrary CSV as a private dataset |
list_custom_datasets | Public | List custom datasets |
query_custom_dataset | Public | Query a custom dataset with keyword search + per-column filters |
| Semantic Search & Discovery | ||
semantic_search | Public | Vector search by meaning across all businesses |
semantic_search_dataset | Auth | Natural-language similarity search within a custom dataset (pgvector) |
| Jobs & Candidate Match | ||
post_job_opening | Auth | Create a job opening; auto-embeds against AI Minds for matching |
list_job_openings | Auth | List your job openings |
match_candidates_for_job | Auth | Rank AI Minds candidates for a job — semantic + transition/signals/contact boosts |
match_jobs_for_person | Public | Reverse match — jobs that fit a given profile slug |
ai_minds_at_company | Public | Talent graph at a company — AI Minds people linked, transition distribution, AR score |
subscribe_ai_minds_webhook | Auth | Push updates when rows transition / get claimed / get matched. HMAC-signed. |
list_ai_minds_webhooks | Auth | Your webhook subscriptions + health |
suggest_ai_minds_person | Auth | Contribute a candidate to the dataset — admin review queue |
record_job_feedback | Auth | Log a recruiter action on a candidate (shortlisted/contacted/hired/...) |
find_similar | Public | Find semantically similar businesses |
create_segment | Public | Create micro-segment from natural language description |
scan_agent_readiness | Public | Scan a website and auto-publish agent readiness report |
score_person_readiness | Public | Score a person's AI readiness — person_ar_v2, source-aware: 4 external dims (max 80) + OnlyData engagement (max 20). Elite external evidence alone can reach AI-FORWARD. |
prospect_dashboard | Auth | Interactive prospect intelligence dashboard with ICP-scored companies and action cards |
company_brief | Public | One-pager company intelligence brief with AR score, industry, team, and enrichment data |
render_strategy_page | Public | Render a private, password-gated strategy page (e.g. sturdy-v2) inline in Claude as a visual artifact |
onlydata_overview | Public | Platform overview and usage guide |
| Data Requests | ||
request_data | Auth | Submit a natural language data request |
list_data_requests | Public | List your data requests |
get_data_request | Public | Get details for a specific data request |
| Artifacts | ||
create_artifact | Auth | Create HTML/SVG/Markdown/React artifact on a profile |
import_claude_artifact | Auth | Import an artifact from another Claude conversation |
list_artifacts | Public | List artifacts on a profile |
get_artifact | Public | Get a single artifact with source |
update_artifact | Auth | Update artifact fields or content |
publish_artifact | Auth | Publish a draft artifact |
delete_artifact | Auth | Delete an artifact permanently |
list_artifact_shares | Public | List who an artifact is shared with |
share_artifact_with_workspace | Auth | Grant a Rally workspace read access |
share_artifact_with_email | Auth | Grant an email address read access |
unshare_artifact_workspace | Auth | Revoke workspace share |
unshare_artifact_email | Auth | Revoke email share |
| Workspace & Team | ||
list_my_workspaces | Auth | List Rally workspaces you belong to |
list_pending_extractions | Public | List pending team member extractions |
publish_team_extraction | Auth | Publish extracted team members as profiles |
| User Lists | ||
list_user_lists | Auth | List your saved company/contact lists |
get_user_list | Public | Get a list by slug with hydrated members |
create_user_list | Auth | Create a new named list |
add_to_user_list | Auth | Add a company by domain or ID |
remove_from_user_list | Auth | Remove a member from a list |
update_user_list | Auth | Update list name, description, or visibility |
build_user_list | Auth | Research & populate a list from our company database |
get_list_build_status | Public | Check build/enrichment progress of a list |
| Career | ||
create_tailored_resume | Auth | Generate a tailored resume for a specific job |
| Changelog | ||
get_changelog | Public | Recent changes across OnlyData, Rally, and PH |
| Dataset History (Living Datasets) | ||
get_dataset_history | Public | Changelog entries for a public dataset — methodology, backfills, attribute changes (slug or UUID) |
get_dataset_snapshots | Public | Daily metric timeline — row_count, attribute_fills, role/company/location breakdowns, since + limit params |
get_dataset_fields | Public | Field dictionary — per-column type, examples, enums, quality rules, coverage targets |
No tools match your search.
Access levels
No account needed
Search and read all public profiles, verification data, and metadata. Anyone — human or agent — can query OnlyData without authentication.
- Browse and search all public profiles
- Read full profile data (name, headline, about, roles, skills, projects)
- Get verification and provenance JSON for any profile
- Access OpenAPI spec, llms.txt, MCP manifest, sitemap
With account (OAuth 2.1)
Create a free account at /join. Write operations authenticate via OAuth 2.1 with Dynamic Client Registration — no API key setup needed. With an account you can:
- Create and update your own profile
- Set availability signals (open to recruiting, advisory, partnerships)
- Send and receive messages from other members
- Enable cooperative sharing (opt your profile into partner networks)
- Configure what's shareable (email, phone, signals are all user-controlled)
Rate limits
Each caller has a cost budget per 60-second rolling window. Individual MCP tools (and the equivalent HTTP endpoints) consume cost_units according to how expensive they are to run.
| Tier | Budget per 60s | Keyed by |
|---|---|---|
| Authenticated | 500 cost_units | Supabase user id (JWT sub) |
| Anonymous | 50 cost_units | hashed source IP |
Per-call costs (rough):
1— cheap indexed reads:get_profile,get_business,get_dataset_history/snapshots/fields,get_changelog3— shallow searches:list_profiles,search_profiles, unlisted tools default5— dataset-scan queries:search_businesses,match_company,get_similar_businesses10— vector / embedding:semantic_search20— multi-call fan-out:company_brief,prospect_dashboard,score_person_readiness,create_tailored_resume30— rendered pages:render_strategy_page50— browser scans (real $):scan_agent_readiness
Full cost table lives in mcp-server/lib/rate-limit.js — source of truth.
When you exceed budget the MCP tool returns isError: true with payload:
{
"error": "rate_limit_exceeded",
"message": "Budget exceeded for 'scan_agent_readiness'. Retry in 27s.",
"retry_after_seconds": 27,
"tier": "authenticated",
"window_ends_at": "2026-04-21T20:15:00.000Z"
}HTTP endpoints return 429 with the same JSON body plus headers Retry-After: <seconds>, X-RateLimit-Tool, X-RateLimit-Tier, X-RateLimit-Remaining.
A well-behaved agent should read retry_after_seconds, back off, and retry — not tight-loop the same tool call.
REST API
Full OpenAPI 3.0 spec at /openapi.json. Key endpoints:
| Method | Endpoint | Access |
|---|---|---|
| GET | /api/profiles | Public |
| GET | /api/profile/:slug | Public |
| GET | /api/profile/:slug/verification | Public |
| GET | /api/coop/profiles | Public |
| POST | /api/claim | Auth |
| PATCH | /api/profile/:slug | Auth |
| POST | /api/profile/:slug/signals | Auth |
| POST | /api/messages/send | Auth |
| GET | /api/messages/inbox | Auth |
| GET | /api/verify-domain/instructions/:slug | Public |
| POST | /api/verify-domain/:slug | Auth |
| GET | /api/agent-readiness | Public |
| GET | /api/agent-readiness/:slug | Public |
# List all profiles curl https://onlydata.club/api/profiles # Get a profile by slug curl https://onlydata.club/api/profile/jane-doe # Authenticated request curl -H "x-api-key: od_your_key" \ https://onlydata.club/api/me
// List all profiles const res = await fetch('https://onlydata.club/api/profiles'); const { profiles } = await res.json(); // Authenticated request const res = await fetch('https://onlydata.club/api/me', { headers: { 'x-api-key': 'od_your_key' } });
import requests # List all profiles res = requests.get('https://onlydata.club/api/profiles') profiles = res.json()['profiles'] # Authenticated request res = requests.get( 'https://onlydata.club/api/me', headers={'x-api-key': 'od_your_key'} )
Authentication
Three methods: OAuth 2.1 (recommended for MCP connections — automatic in Claude.ai), API key (for scripts and direct API calls), or Supabase JWT (browser sessions). MCP connections use OAuth automatically — no setup needed.
# API key (recommended) curl -H "x-api-key: od_your_key" \ https://onlydata.club/api/me # Supabase JWT (browser sessions) curl -H "Authorization: Bearer eyJ..." \ https://onlydata.club/api/me
// API key const res = await fetch('https://onlydata.club/api/me', { headers: { 'x-api-key': 'od_your_key' } }); // Supabase JWT const res = await fetch('https://onlydata.club/api/me', { headers: { 'Authorization': `Bearer ${token}` } });
import requests # API key res = requests.get( 'https://onlydata.club/api/me', headers={'x-api-key': 'od_your_key'} ) # Supabase JWT res = requests.get( 'https://onlydata.club/api/me', headers={'Authorization': f'Bearer {token}'} )
Webhooks
Push and pull data with webhooks. Receive data to trigger enrichment, or subscribe to events when data changes.
Incoming: Ingest Companies
Send companies to OnlyData for entity resolution and enrichment. Each company is matched against existing entities or created as new. The full enrichment pipeline runs automatically.
curl -X POST https://onlydata.club/api/webhooks/ingest \
-H "Content-Type: application/json" \
-H "X-Api-Key: YOUR_API_KEY" \
-d '{
"companies": [
{"name": "Acme Corp", "domain": "acme.com", "city": "Boise", "state": "ID"},
{"name": "TechStart", "domain": "techstart.io"}
]
}'Response includes entity IDs and which enrichment models were queued:
{
"ok": true,
"created": 1,
"existing": 1,
"results": [
{"action": "exists", "id": 1234, "name": "Acme Corp", "domain": "acme.com"},
{"action": "created", "id": 5678, "name": "TechStart", "domain": "techstart.io",
"models_queued": ["verify_v1","industry_v2","description_v1","agent_readiness_v2","mx_profile_v2","ai_native_v1","agent_role_v1"]}
]
}Outgoing: Subscribe to Events
Register a URL to receive signed POST requests when data changes. Each delivery includes an HMAC-SHA256 signature in the X-Webhook-Signature header.
| Event | When |
|---|---|
business.created | New entity created (via upload, scan, webhook ingest, or MCP) |
business.enriched | Enrichment model completes (includes model name + fields updated) |
business.classified | AI classification completes (ai_native, agent_role) |
business.cascade | Cascade triggered — downstream models re-queued due to field change |
business.scanned | Agent readiness scan completes |
curl -X POST https://onlydata.club/api/webhooks \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"url": "https://your-app.com/hooks/onlydata", "events": ["business.enriched", "business.classified"]}'The response includes a secret_shown_once — save it for signature verification. Webhooks auto-disable after 10 consecutive delivery failures.
Signature Verification
const crypto = require('crypto')
const sig = req.headers['x-webhook-signature']
const expected = crypto.createHmac('sha256', YOUR_SECRET).update(JSON.stringify(req.body)).digest('hex')
if (sig !== expected) return res.status(401).send('Bad signature')Cascade Rules
When upstream fields change, dependent models automatically re-queue. This implements the enrichment pipeline cascade logic:
| Field Changed | Re-queues |
|---|---|
description | b2b_v2, ai_native_v1 |
super_category | b2b_v2, employee_v1 |
name | industry_v2, description_v1 |
domain | agent_readiness_v2, mx_profile_v2 |
ai_native | ai_stack_v1 (if non-none) |
Domain Verification
Prove ownership of a company domain to get a verified badge. Three methods available — pick whichever fits your setup. Verified companies also auto-elevate team members whose email domains match.
Step 1: Get instructions
curl https://onlydata.club/api/verify-domain/instructions/your-company
Step 2: Choose a method
| Method | What to do | Best for |
|---|---|---|
dns |
Add TXT record: onlydata-verify=your-slug |
Recommended — strongest proof, works for any domain |
file |
Host /.well-known/onlydata-verify.txt with your slug |
Easy if you control the web server |
meta |
Add <meta name="onlydata-verify" content="your-slug"> to homepage |
Quick — just a one-line HTML change |
Step 3: Trigger verification
# DNS verification curl -X POST https://onlydata.club/api/verify-domain/your-company \ -H "x-api-key: od_your_key" \ -H "Content-Type: application/json" \ -d '{"method": "dns"}' # File verification curl -X POST https://onlydata.club/api/verify-domain/your-company \ -H "x-api-key: od_your_key" \ -H "Content-Type: application/json" \ -d '{"method": "file"}' # Meta tag verification curl -X POST https://onlydata.club/api/verify-domain/your-company \ -H "x-api-key: od_your_key" \ -H "Content-Type: application/json" \ -d '{"method": "meta"}'
const res = await fetch('https://onlydata.club/api/verify-domain/your-company', { method: 'POST', headers: { 'x-api-key': 'od_your_key', 'Content-Type': 'application/json' }, body: JSON.stringify({ method: 'dns' }) });
import requests res = requests.post( 'https://onlydata.club/api/verify-domain/your-company', headers={'x-api-key': 'od_your_key'}, json={'method': 'dns'} )
On success
- Profile gets verified status with green badge
- Verification proof stored in
profile_data.domain_verification - Team members with matching email domains are auto-elevated to verified
Admin override
Admins can verify any profile directly — no DNS/file check needed:
curl -X POST https://onlydata.club/api/admin/verify/your-company \ -H "x-admin-key: YOUR_ADMIN_KEY" \ -H "Content-Type: application/json" \ -d '{"status": "verified", "domain": "yourcompany.com"}'
MCP tool
Agents can verify domains through the MCP server:
// Get instructions (omit method) { "tool": "verify_domain", "args": { "slug": "your-company" } } // Attempt DNS verification { "tool": "verify_domain", "args": { "slug": "your-company", "method": "dns" } }
Agent Readiness Scores
Every OnlyData profile with a website is scanned for agent-readiness signals. Scores range 0–100 using Algorithm E — “Spread” (v3, April 2026): web quality is capped at 30 points, llms.txt adds +15, openapi.json +15, ai-plugin.json +10, mcp.json +25, plus small bonuses for JSON-LD and for discovering agent endpoints on developer / docs / api subdomains. The scanner probes developer.<domain>, developers.<domain>, docs.<domain>, and api.<domain> in parallel so companies that expose their API behind a dev subdomain get credit. Soft-404 detection prevents false positives. There are two meaningful ceilings: ~50 for a well-behaved SaaS site that ships llms.txt but no API, and 100 for true agent-native infrastructure with MCP + OpenAPI + ai-plugin. Six underlying categories:
| Category | What it measures |
|---|---|
| Crawlability | robots.txt, sitemap.xml |
| Machine Readability | JSON-LD, schema.org, meta tags |
| API Readiness | OpenAPI spec, API docs links |
| Agentic Commerce | ai-plugin.json, MCP manifest, llms.txt |
| Content Access | RSS/Atom feeds, clean HTML |
| Agent Signals | Explicit MCP, LLM, and agent support |
# All scores (ranked) curl https://onlydata.club/api/agent-readiness # Single profile curl https://onlydata.club/api/agent-readiness/producthacker
// All scores { "tool": "get_agent_readiness" } // Single profile { "tool": "get_agent_readiness", "args": { "slug": "producthacker" } }
Scans run on a periodic schedule with soft-404 detection. Under Algorithm E (v3), a bare site with only robots.txt + sitemap scores ~15. A well-built SaaS with llms.txt + JSON-LD hits the well-behaved ceiling at ~50. Crossing 50 requires real API exposure — openapi.json, ai-plugin.json, or mcp.json at the root or on a dev subdomain. True agent-native infrastructure with all three reaches 90+.
Agent-readable files
| File | Purpose |
|---|---|
/llms.txt | LLM-readable site description |
/openapi.json | OpenAPI 3.0 specification |
/mcp.json | MCP tool manifest |
/.well-known/ai-plugin.json | AI plugin manifest |
/sitemap.xml | Dynamic sitemap |
/robots.txt | Crawler rules (AI bots welcome) |
# Fetch LLM description curl https://onlydata.club/llms.txt # Fetch OpenAPI spec curl https://onlydata.club/openapi.json # Fetch MCP manifest curl https://onlydata.club/mcp.json
Semantic Vector Search
Search by meaning, not keywords. All 24,000+ businesses are embedded with all-MiniLM-L6-v2 (384 dims). pgvector powers cosine similarity search in Supabase.
GET /api/semantic-search?q=... | Natural language business search |
limit | Max results (default 20) |
min_similarity | Threshold 0-1 (default 0.5) |
dataset | Filter to metro: boise, charlotte, raleigh-durham |
segment=1 | Returns segment stats with results |
Find Similar Businesses
Given a business, find others that are semantically similar — considers description, industry, type, and location context.
GET /api/similar-search?name=... | By business name |
GET /api/similar-search?id=... | By business ID |
Micro-Segments
Create segments from natural language descriptions. Returns matching businesses + stats: count, industry breakdown, avg agent readiness.
MCP tool: create_segment
Example: "upscale dining establishments with strong web presence"
Vibe Prompts
Copy-paste these into Claude (Code or Desktop) with the OnlyData MCP connected. Each one works immediately.
Search & Discovery
Profiles
Data Upload
Agent Readiness
Analysis
Our Models
Every attribute is produced by a named, versioned enrichment model. View full model documentation with live stats →
agent_readiness_v2 | Website agent readiness scan (0-100) | Railway |
industry_v2 | Multi-pass NAICS/SIC classification | Stu |
mx_profile_v2 | Email infrastructure profiling | Railway |
description_v1 | Business description generation | Stu |
size_v1 | Business size (solo/smb/enterprise) | Stu |
verify_v1 | Business verification | Railway |
semantic_search | Vector embeddings (384 dims) | Both |
Ask Cam & Jody
Have a question about the data, our models, or how to use the platform? Ask the founders directly.