An MCP server for IBKR
A single endpoint at https://ibkr-gateway.bogdanripa.com/mcp that any
MCP host can connect to. 13 tools covering accounts, quotes,
history, portfolio, cash, orders. Speaks JSON-RPC 2.0 over HTTP.
Bring AI tools to your
Interactive Brokers account
IBKR Gateway is a free, hosted bridge that exposes your Interactive Brokers account over the Model Context Protocol (MCP). Plug Claude, ChatGPT, Cursor, or any MCP-compatible AI host into IBKR with one consent screen. Read-only by default, read & write only when you grant it — per app, per connection.
TL;DR. Sign in with Google → add an IBKR connection
(paper or live) → point Claude at
https://ibkr-gateway.bogdanripa.com/mcp →
pick read or read&write on the consent screen → start asking Claude
about your portfolio.
What you get
Proper OAuth, not API keys
OAuth 2.1 + PKCE + Dynamic Client Registration. Hosts auto-discover
the authorization endpoints via
/.well-known/oauth-protected-resource. You sign in
with Google and explicitly consent to each app.
Scoped per app
Each authorization is bound to one IBKR connection and one scope.
Read-only hides place_order and
cancel_order from the tools list entirely.
Read & write unlocks them. Revoke any
app from the console at any time.
Paper and live accounts
Both are first-class. Develop against a paper account, then point the same MCP client at a live connection when you're ready. Live connections sign in unattended via the IBKR Authenticator App (TOTP).
API keys for programmatic access
Not every caller is an AI host. Every connection auto-generates
a per-connection API key on creation, and you can mint more
from the console. Any third-party app, script, scheduled job
or backend service can call /mcp with it as a
static Authorization: Bearer credential — no
OAuth dance required.
Credentials in Secret Manager
IBKR username, password, and Authenticator App secret live in Google Cloud Secret Manager — encrypted at rest, never exposed to other tenants, never logged.
How it works
- You sign in with Google and add an IBKR connection. Paper credentials work out of the box; live requires the Authenticator App activation code so the gateway can sign you in unattended.
-
In your AI host (Claude.ai → Settings → Connectors → Add custom,
Claude Desktop's
claude_desktop_config.json, Cursor's MCP settings, etc.), you point it athttps://ibkr-gateway.bogdanripa.com/mcp. - The host kicks off OAuth: it opens a consent screen on this site, you pick which IBKR connection to expose, you pick read-only vs read & write, and you approve.
-
The host now holds a scoped access token. It calls
get_portfolio,get_quote,place_order, etc. The gateway routes each call to IBKR's Client Portal under your existing session. - You can revoke the app at any time from the Connected apps panel in the console.
Tested hosts
Claude.ai
Settings → Connectors → Add custom →
https://ibkr-gateway.bogdanripa.com/mcp. Walks the OAuth flow in a popup.
Claude Desktop
Drop the URL into claude_desktop_config.json under
mcpServers. Same OAuth dance on first contact.
ChatGPT
Settings → Connectors → Create → paste
https://ibkr-gateway.bogdanripa.com/mcp. Available on plans that
expose custom connectors (Business, Enterprise, Edu, Pro).
Cursor
Cursor's MCP support uses the same OAuth profile — point it at the URL and follow the prompts.
Anything else MCP-compatible
If the host implements MCP's OAuth 2.1 + DCR profile, it auto-discovers the endpoints from our metadata documents.
The MCP tools
get_accounts— list every sub-account on the connection.get_current_account/set_current_account— read or pin the implicit sub-account (set is write-scope).get_portfolio— stocks, options, other positions, plus the cash ledger.get_cash— cash balances per currency.search_security— find a contract by ticker or company name; returns conid + exchange + secTypes.get_quote— snapshot last / bid / ask / day H/L / change for one contract.get_history— OHLCV bars over a period.get_change— first→last close % change over a period.get_orders/get_order_status— live order book.place_order— place an equity order (MKT / LMT / STP / STP_LIMIT). Write scope only.cancel_order— cancel a working order by id. Write scope only.
The full reference lives on the
MCP guide, including exactly which tools
disappear from tools/list in read-only mode.
Don't want to share your IBKR credentials with us? Run your own.
The hosted instance at https://ibkr-gateway.bogdanripa.com stores
your IBKR username + password (and Authenticator App secret, for
live) in Google Cloud Secret Manager under our project. If you'd
rather keep that custody to yourself, the gateway is fully
open-source and self-hostable — same code, same MCP surface, same
OAuth flow, just running on your own infrastructure.
- The repo is at github.com/bogdanripa/ibkr-gateway.
- README walks through a single-VM GCP deployment end-to-end: Firestore, Secret Manager, the systemd unit, Caddy + TLS, Firebase Auth, the GitHub Actions deploy workflow.
- Stack: Node 22 + Express + Firestore + GCP Secret Manager + Playwright (for IBKR's headless login). No proprietary dependencies, no licence wall.
-
The cost on the reference deployment is roughly a single
e2-smallVM ($15-ish/month) plus a free-tier Firestore database.
Either way, IBKR sees the same Client Portal traffic — the only difference is who holds the keys to the secret store.
Security model
- You own the connection. Credentials are stored in Google Cloud Secret Manager, encrypted at rest, scoped to your account record only.
-
Tokens are scoped at consent time. An app
granted read-only literally cannot invoke
place_order— it returns JSON-RPC error-32004and the tool isn't even listed. -
Tokens expire. 30-day access tokens by default;
stored as
sha256hashes (not the raw token) on our side. Revoke instantly from the console. - Every call is auditable. Failed tool calls and auth-middleware errors get persisted with the source (OAuth or API key), scope, connection, and IP, with a 14-day Firestore TTL.
FAQ
Is this free?
Yes. The gateway is an open-source side project running on a single GCP VM. There's no usage-based billing or feature gating.
Do I need to install anything?
No. The gateway is hosted at
https://ibkr-gateway.bogdanripa.com. Sign in, add a connection,
point your MCP host at /mcp. That's it.
Can Claude or ChatGPT actually trade my account?
Only if you grant the read & write scope on
the consent screen. With read-only, place_order and
cancel_order aren't visible to the host and would
be rejected server-side anyway. The toggle is per app.
How does IBKR see this — am I breaking ToS?
The gateway uses IBKR's official Client Portal Web API (the same surface their Java CPG jar exposes). It signs in using your normal IBKR credentials. There's no scraping, no unofficial endpoint.
Can I host my own instance?
Yes — fork the repo on GitHub and follow the README. It documents a single-VM GCP deployment (Firestore, Secret Manager, systemd, Caddy + TLS, Firebase Auth, GitHub Actions). If you'd rather not share your IBKR credentials with the hosted instance, self-hosting is the answer.
What about non-MCP / programmatic clients?
Use the per-connection API key. It's auto-generated when you
create a connection and works as a static
Authorization: Bearer credential against
/mcp — usable from any third-party app, server,
script, notebook, or cron job. Same tool surface as the OAuth
path, no consent screen, no token refresh.
Ready to wire Claude or ChatGPT into your IBKR account?
Sign in with Google, add a paper or live IBKR connection, then
point Claude, ChatGPT, Cursor, or your own MCP client at
https://ibkr-gateway.bogdanripa.com/mcp. The consent screen takes
about ten seconds.