Skip to main contentSkip to footer
For agents
For agents

Public vs protected

What is available anonymously and what requires authentication on the Blueprint MCP endpoint.

MCP setup

Public tools — no auth required

Read-only retrieval tools are fully anonymous: list_principles, list_clusters, get_principle, get_cluster, get_example, search_principles, search_examples, and list_agent_assets. Signal tools (report_value_event, submit_feedback) are also anonymous-allowed but opt-in only — never called automatically.

Protected tools — authentication required

Personalised tools require a valid Bearer token: get_my_learning_path and get_my_coaching_context (any authenticated plan). validate_agent_architecture and summarize_team_usage require Pro or Teams plan. add_evidence_note requires course enrollment. Handoff tools (request_operator_handoff, request_partnership_handoff, request_agency_handoff) are for admin use only.

Access model

Pass an Authorization: Bearer <token> header to unlock protected tools. Public retrieval tools continue to work with or without auth — authentication never degrades the read-only surface. Protected tools return a structured error if the plan does not cover them, not a 401. This is expected plan-gating behavior, not a connection failure.

Public · Read-only
Public tools
These tools are public and read-only. No authentication required.
  • list_principles(cluster?)
  • list_clusters()
  • get_principle(slug)
  • get_cluster(slug)
  • get_example(slug)
  • search_principles(query, limit?)
  • search_examples(query, principle_ids?, difficulty?, library?, limit?)
  • list_agent_assets()
Authenticated · Pro
Authenticated / Pro tools
They appear in the live registry, but require authentication and are not part of the public read-only promise.
  • get_my_learning_path()
  • get_my_coaching_context()
  • validate_agent_architecture(implementation_context, focus_area?, task?, language?, repository?, files?, goals?, example_limit?)
  • add_evidence_note(course_slug, stage_id, note)

get_my_coaching_context() is designed for a single context injection per session — call it once at the start and pass the payload downstream. Polling it on every turn doubles your input tokens without adding new information.

Choose the path that matches your plan

Keep the information architecture honest: public doctrine access is available now, while Pro is the practitioner layer for protected reports, saved evidence, authenticated MCP, and recurring next actions.

Available now
Basic / Free: public doctrine access for local agent setups
Use downloadable rules, prompt packs, and the read-only public MCP endpoint to expose principles and examples inside Claude, Codex, Cursor, Windsurf, GitHub Copilot, Gemini CLI, DeepSeek, Qwen, and other agent-aware clients without account setup.
  • Download Claude skill packs, Cursor and Windsurf rules, Copilot instructions, Gemini context, Markdown, JSON, and llms.txt
  • Call the public read-only MCP tools
  • Right starting point for solo exploration and content discovery
See pricing context →
Next increment
Pro: protected personal validation and deeper retrieval
Pro is the practitioner workspace where MCP and skills turn real workflow evidence into protected readiness reports, saved findings, authenticated coaching context, and recurring next actions.
  • Protected validation against the principles
  • Sharper example retrieval with freshness metadata
  • Built for individual practitioners applying the doctrine to product and code
See pricing context →
Later phase
Teams: shared governance and agent visibility
Team-level agent workflows come after the protected layer is proven. That path is about shared audit visibility, private overlays, and organisational consistency, not a separate handbook.
  • Shared audit visibility for agent use and validation activity
  • Private overlays and admin visibility
  • Only after the hosted personal path proves real demand
See pricing context →
How should a team use this page in the larger site?

Use it after the doctrine and examples are clear enough to operationalize. Principles define the standards, examples provide inspectable evidence, and this page distributes both into agent tooling.

Also in this section

MCP setupTrust and data handlingStart here