API Status: Offline
Documentation

Claude Code & MCP

Rest Faker exposes a Model Context Protocol (MCP) endpoint so AI assistants like Claude Code can create and manage your mock APIs directly — without opening the dashboard.

Describe it, get it

Tell Claude Code what your API should look like and it will create the project, resources, and custom routes in one shot — no form filling, no clicks.

Batch from a contract

Use restfaker_generate_from_contract to create an entire mock backend — project, multiple resources, and custom routes — in a single call, with idempotency so retries are always safe.

Step 1 — Create an API token

Open Profile Settings → API Tokens and click New token. Give it a name (e.g. Claude Code) and select the scopes you need.

MCP Access
mcp:readmcp:write
Projects
projects:readprojects:write
Schemas
schemas:readschemas:write
Routes
routes:readroutes:write
Mock Users
mockusers:write
For full access select all nine scopes. For a read-only assistant select only mcp:read, projects:read, schemas:read, and routes:read. Add mockusers:write only if the assistant should seed mock login users.

The token starts with rf_live_ and is shown only once — copy it before closing the dialog.

Step 2 — Connect Claude Code

Run this once in your terminal, replacing <TOKEN> with the token you just copied:

bash
claude mcp add restfaker --transport http https://api.restfaker.dev/mcp \
  --header "Authorization: Bearer <TOKEN>"

Verify the connection with claude mcp list. Rest Faker should appear with status connected.

Available tools

restfaker_create_project
mcp:writeprojects:write

Create a new Rest Faker project.

restfaker_list_projects
mcp:readprojects:read

List all projects owned by the authenticated user.

restfaker_update_project
mcp:writeprojects:write

Rename a project and/or change its auth scheme (authConfig); pass null to reset auth to the default.

restfaker_delete_project
mcp:writeprojects:write

Permanently delete a project and everything in it.

restfaker_create_crud_resource
mcp:writeschemas:writeroutes:write

Add a CRUD mock resource (schema) to an existing project.

restfaker_update_crud_resource
mcp:writeschemas:writeroutes:write

Update an existing resource — add, change, or remove fields, edit config and relations (regenerates mock data).

restfaker_delete_resource
mcp:writeschemas:write

Delete a CRUD resource (schema) from a project by name.

restfaker_seed_records
mcp:writeschemas:write

Insert specific known records into a resource so tests can assert on stable ids and values.

restfaker_get_records
mcp:readschemas:read

Read a sample of a resource's current records.

restfaker_create_custom_route
mcp:writeroutes:write

Add a static route that returns a fixed JSON response.

restfaker_update_custom_route
mcp:writeroutes:write

Update a custom route by id — method, path, response, status, delay, headers, or protection.

restfaker_delete_custom_route
mcp:writeroutes:write

Delete a custom route by id.

restfaker_list_project_routes
mcp:readprojects:readroutes:read

List all CRUD and custom routes inside a project, including which ones are protected.

restfaker_create_mock_users
mcp:writemockusers:write

Seed mock auth users so clients and tests can sign in and call protected routes.

restfaker_delete_mock_user
mcp:writemockusers:write

Delete a seeded mock auth user from a project by id.

restfaker_generate_from_contract
mcp:writeprojects:writeschemas:writeroutes:writemockusers:write

Batch-create a full mock backend — project, resources, custom routes, mock auth, and users — from a single structured contract.

restfaker_import_openapi
mcp:writeprojects:writeschemas:write

Create a mock project from an OpenAPI/Swagger spec (Startup/Enterprise). Omit selectedRoutes to import all.

restfaker_create_from_template
mcp:writeprojects:writeschemas:write

Create a project from a prebuilt template (blog, ecommerce, chat, crm, social-network).

restfaker_get_request_logs
mcp:readprojects:read

Fetch recent request logs for a project to confirm the mock API is being called.

Example prompt

Once connected, describe your API in plain language:

“Create a Rest Faker project called ‘Blog API’ with two resources: posts (title, body, authorId, tags) and comments (postId, author, body). Add 20 records each. Also add a custom GET /health route that returns {"status": "ok"}.”

Claude will call restfaker_generate_from_contract automatically and return the base URL and project token ready to paste into your frontend config.

Contract format

When using restfaker_generate_from_contract directly, the contract follows this shape:

json
{
  "project": {
    "name": "Blog API",
    "description": "Mock blog backend"
  },
  "resources": [
    {
      "resourceName": "posts",
      "recordCount": 20,
      "fields": [
        { "name": "title",    "type": "lorem",    "subtype": "sentence"  },
        { "name": "body",     "type": "lorem",    "subtype": "paragraph" },
        { "name": "authorId", "type": "string",   "subtype": "uuid"      },
        { "name": "tags",     "type": "lorem",    "subtype": "words"     }
      ],
      "methods": ["GET", "POST", "PATCH", "DELETE"]
    },
    {
      "resourceName": "comments",
      "recordCount": 50,
      "fields": [
        { "name": "postId", "type": "string",   "subtype": "uuid"     },
        { "name": "author", "type": "person",   "subtype": "fullName" },
        { "name": "body",   "type": "lorem",    "subtype": "sentence" }
      ]
    }
  ],
  "customRoutes": [
    {
      "method": "GET",
      "path": "/health",
      "statusCode": 200,
      "response": { "status": "ok", "version": "1.0.0" }
    }
  ],
  "idempotencyKey": "blog-api-v1"
}
Idempotency key: include a unique string in idempotencyKey so that retrying the same call (after a timeout or partial failure) never creates duplicates.
Field types: each field's type is a Faker category (e.g. internet, person, number, string) with a subtype method — not a JSON primitive like string or integer. Claude can read the full catalog from the MCP resource restfaker://field-types, and unknown pairs return INVALID_FIELD_TYPE with the valid options. Use enumValues for a fixed set of values, or array: true (or { min, max }) for a list field like tagList.
Custom lookup key: set lookupKey on a resource to address records by a field like slug or username instead of id GET/PATCH/DELETE /articles/:slug. It must be one of the fields and is auto-made unique.
Body envelopes: set envelope: { request, single, list } to mirror APIs that wrap payloads — e.g. { "article": {...} } on create and { "articles": [...] } on list. And an authConfig token field can be a dot-path like user.token to nest the JWT under { user: { token } }.
Nested resources: give a resource a nested config ({ parent, parentKey, foreignKey }) to mount it as a child collection — GET/POST /articles/:slug/comments. Create the parent first; generated children link to real parent keys, and child auth is enforced independently.
Action routes: add actions for side-effect endpoints like POST/DELETE /articles/:slug/favorite POST increments a counter / sets a flag, DELETE reverses it. Mutations are global (no per-user state) — enough to drive optimistic UI.
Relations: declare relations between resources ({ fromResource, toResource, type }) and CRUD responses are enriched with the related records — belongsTo, hasOne, hasMany (manyToMany maps to hasMany).

Protected routes & mock auth

Mirror an API that sits behind auth. Mark any resource or custom route protected, seed login users, and Claude receives an authGuide in the response describing exactly how to sign in and attach the token. Protected routes require a plan with mock auth (Startup or Enterprise) — otherwise tools return MOCK_AUTH_UNAVAILABLE.

json
{
  "project": { "name": "Store API" },
  "resources": [
    {
      "resourceName": "orders",
      "protected": true,
      "fields": [{ "name": "total", "type": "number", "subtype": "int" }]
    }
  ],
  "mockAuth": {
    "enabled": true,
    "protectedRoutes": ["orders"],
    "users": [
      { "email": "demo@test.com", "password": "secret123" }
    ]
  }
}

Default flow: sign up / sign in at /api/schema/signup and /api/schema/signin (with the apitoken header), then send Authorization: Bearer <token> on protected requests.

Custom scheme: pass an authConfig on the project to mirror a real API — custom login path, credential field names, and where the token is returned/sent (e.g. body accessToken, header X-Auth-Token). Omit it for the default convention above.

Lifecycle endpoints: add an authConfig.lifecycle block to mock the rest of a typical auth flow. Each field is a route path (omit or null to leave it unexposed): logoutPath, refreshPath, forgotPasswordPath, resetPasswordPath, sendVerificationEmailPath, verifyEmailPath.

  • logout clears the token cookie (cookie schemes) and returns 200 — stateless JWTs are not revoked server-side.
  • refresh — present the current token to receive a fresh one, returned exactly like sign-in; 401 if none is sent.
  • forgot / reset password and send / verify email return realistic 200 acknowledgements (no email is sent and mock users are not mutated).

Enabled endpoints (all POST under /api/schema) are echoed back in each tool's authGuide.lifecycle array, and appear in a project's Auth & Users tab.

Troubleshooting

401 UNAUTHORIZED — Missing or invalid Authorization header

Make sure the header is Authorization: Bearer rf_live_.... Regenerate the token if it was revoked or expired.

403 FORBIDDEN — Missing required scopes

The token does not have the scope required by the tool. Revoke it in Profile Settings and create a new one with the correct scopes.

403 FORBIDDEN — Account disabled or not activated

API tokens stop working while the owning account is suspended or its email is unverified. Resolve the account status and the same token works again.

Tool returns PROJECT_NOT_FOUND

The projectId does not exist or belongs to a different account. Run restfaker_list_projects to look up your project IDs.

Tool returns SCHEMA_CONFLICT

A resource with that name already exists in the project. Choose a different resourceName.

Tool returns ROUTE_CONFLICT

A custom route with the same method and path already exists in the project.

Tool returns MOCK_AUTH_UNAVAILABLE

You tried to create a protected route or seed users on a plan without mock auth. Upgrade to Startup or Enterprise, or drop the protected / mockAuth options.

429 — Rate limit exceeded

The MCP endpoint allows 60 requests per minute per API token. Wait a moment before retrying, or split a large contract across multiple calls.