Claude Code & MCP
Rest Faker exposes a Model Context Protocol (MCP) endpoint so AI assistants like Claude Code can create and manage your mock APIs directly — without opening the dashboard.
Describe it, get it
Tell Claude Code what your API should look like and it will create the project, resources, and custom routes in one shot — no form filling, no clicks.
Batch from a contract
Use restfaker_generate_from_contract to create an entire mock backend — project, multiple resources, and custom routes — in a single call, with idempotency so retries are always safe.
Step 1 — Create an API token
Open Profile Settings → API Tokens and click New token. Give it a name (e.g. Claude Code) and select the scopes you need.
mcp:read, projects:read, schemas:read, and routes:read. Add mockusers:write only if the assistant should seed mock login users.The token starts with rf_live_ and is shown only once — copy it before closing the dialog.
Step 2 — Connect Claude Code
Run this once in your terminal, replacing <TOKEN> with the token you just copied:
claude mcp add restfaker --transport http https://api.restfaker.dev/mcp \
--header "Authorization: Bearer <TOKEN>"Verify the connection with claude mcp list. Rest Faker should appear with status connected.
Available tools
restfaker_create_projectCreate a new Rest Faker project.
restfaker_list_projectsList all projects owned by the authenticated user.
restfaker_update_projectRename a project and/or change its auth scheme (authConfig); pass null to reset auth to the default.
restfaker_delete_projectPermanently delete a project and everything in it.
restfaker_create_crud_resourceAdd a CRUD mock resource (schema) to an existing project.
restfaker_update_crud_resourceUpdate an existing resource — add, change, or remove fields, edit config and relations (regenerates mock data).
restfaker_delete_resourceDelete a CRUD resource (schema) from a project by name.
restfaker_seed_recordsInsert specific known records into a resource so tests can assert on stable ids and values.
restfaker_get_recordsRead a sample of a resource's current records.
restfaker_create_custom_routeAdd a static route that returns a fixed JSON response.
restfaker_update_custom_routeUpdate a custom route by id — method, path, response, status, delay, headers, or protection.
restfaker_delete_custom_routeDelete a custom route by id.
restfaker_list_project_routesList all CRUD and custom routes inside a project, including which ones are protected.
restfaker_create_mock_usersSeed mock auth users so clients and tests can sign in and call protected routes.
restfaker_delete_mock_userDelete a seeded mock auth user from a project by id.
restfaker_generate_from_contractBatch-create a full mock backend — project, resources, custom routes, mock auth, and users — from a single structured contract.
restfaker_import_openapiCreate a mock project from an OpenAPI/Swagger spec (Startup/Enterprise). Omit selectedRoutes to import all.
restfaker_create_from_templateCreate a project from a prebuilt template (blog, ecommerce, chat, crm, social-network).
restfaker_get_request_logsFetch recent request logs for a project to confirm the mock API is being called.
Example prompt
Once connected, describe your API in plain language:
{"status": "ok"}.”Claude will call restfaker_generate_from_contract automatically and return the base URL and project token ready to paste into your frontend config.
Contract format
When using restfaker_generate_from_contract directly, the contract follows this shape:
{
"project": {
"name": "Blog API",
"description": "Mock blog backend"
},
"resources": [
{
"resourceName": "posts",
"recordCount": 20,
"fields": [
{ "name": "title", "type": "lorem", "subtype": "sentence" },
{ "name": "body", "type": "lorem", "subtype": "paragraph" },
{ "name": "authorId", "type": "string", "subtype": "uuid" },
{ "name": "tags", "type": "lorem", "subtype": "words" }
],
"methods": ["GET", "POST", "PATCH", "DELETE"]
},
{
"resourceName": "comments",
"recordCount": 50,
"fields": [
{ "name": "postId", "type": "string", "subtype": "uuid" },
{ "name": "author", "type": "person", "subtype": "fullName" },
{ "name": "body", "type": "lorem", "subtype": "sentence" }
]
}
],
"customRoutes": [
{
"method": "GET",
"path": "/health",
"statusCode": 200,
"response": { "status": "ok", "version": "1.0.0" }
}
],
"idempotencyKey": "blog-api-v1"
}idempotencyKey so that retrying the same call (after a timeout or partial failure) never creates duplicates.type is a Faker category (e.g. internet, person, number, string) with a subtype method — not a JSON primitive like string or integer. Claude can read the full catalog from the MCP resource restfaker://field-types, and unknown pairs return INVALID_FIELD_TYPE with the valid options. Use enumValues for a fixed set of values, or array: true (or { min, max }) for a list field like tagList.lookupKey on a resource to address records by a field like slug or username instead of id — GET/PATCH/DELETE /articles/:slug. It must be one of the fields and is auto-made unique.envelope: { request, single, list } to mirror APIs that wrap payloads — e.g. { "article": {...} } on create and { "articles": [...] } on list. And an authConfig token field can be a dot-path like user.token to nest the JWT under { user: { token } }.nested config ({ parent, parentKey, foreignKey }) to mount it as a child collection — GET/POST /articles/:slug/comments. Create the parent first; generated children link to real parent keys, and child auth is enforced independently.actions for side-effect endpoints like POST/DELETE /articles/:slug/favorite — POST increments a counter / sets a flag, DELETE reverses it. Mutations are global (no per-user state) — enough to drive optimistic UI.relations between resources ({ fromResource, toResource, type }) and CRUD responses are enriched with the related records — belongsTo, hasOne, hasMany (manyToMany maps to hasMany).Protected routes & mock auth
Mirror an API that sits behind auth. Mark any resource or custom route protected, seed login users, and Claude receives an authGuide in the response describing exactly how to sign in and attach the token. Protected routes require a plan with mock auth (Startup or Enterprise) — otherwise tools return MOCK_AUTH_UNAVAILABLE.
{
"project": { "name": "Store API" },
"resources": [
{
"resourceName": "orders",
"protected": true,
"fields": [{ "name": "total", "type": "number", "subtype": "int" }]
}
],
"mockAuth": {
"enabled": true,
"protectedRoutes": ["orders"],
"users": [
{ "email": "demo@test.com", "password": "secret123" }
]
}
}Default flow: sign up / sign in at /api/schema/signup and /api/schema/signin (with the apitoken header), then send Authorization: Bearer <token> on protected requests.
Custom scheme: pass an authConfig on the project to mirror a real API — custom login path, credential field names, and where the token is returned/sent (e.g. body accessToken, header X-Auth-Token). Omit it for the default convention above.
Lifecycle endpoints: add an authConfig.lifecycle block to mock the rest of a typical auth flow. Each field is a route path (omit or null to leave it unexposed): logoutPath, refreshPath, forgotPasswordPath, resetPasswordPath, sendVerificationEmailPath, verifyEmailPath.
logoutclears the token cookie (cookie schemes) and returns200— stateless JWTs are not revoked server-side.refresh— present the current token to receive a fresh one, returned exactly like sign-in;401if none is sent.forgot / reset passwordandsend / verify emailreturn realistic200acknowledgements (no email is sent and mock users are not mutated).
Enabled endpoints (all POST under /api/schema) are echoed back in each tool's authGuide.lifecycle array, and appear in a project's Auth & Users tab.
Troubleshooting
401 UNAUTHORIZED — Missing or invalid Authorization header
Make sure the header is Authorization: Bearer rf_live_.... Regenerate the token if it was revoked or expired.
403 FORBIDDEN — Missing required scopes
The token does not have the scope required by the tool. Revoke it in Profile Settings and create a new one with the correct scopes.
403 FORBIDDEN — Account disabled or not activated
API tokens stop working while the owning account is suspended or its email is unverified. Resolve the account status and the same token works again.
Tool returns PROJECT_NOT_FOUND
The projectId does not exist or belongs to a different account. Run restfaker_list_projects to look up your project IDs.
Tool returns SCHEMA_CONFLICT
A resource with that name already exists in the project. Choose a different resourceName.
Tool returns ROUTE_CONFLICT
A custom route with the same method and path already exists in the project.
Tool returns MOCK_AUTH_UNAVAILABLE
You tried to create a protected route or seed users on a plan without mock auth. Upgrade to Startup or Enterprise, or drop the protected / mockAuth options.
429 — Rate limit exceeded
The MCP endpoint allows 60 requests per minute per API token. Wait a moment before retrying, or split a large contract across multiple calls.