v0.4.0 Open Source Apache 2.0

One paso. Every protocol.

Declare your API's capabilities once.
paso turns them into a live MCP server.
No protocol code to write.

From npm install to a running MCP server in under 5 minutes.

npm install usepaso pip install usepaso GitHub → 
 # That's it. Seriously.
$ usepaso init --name "Sentry"
  Created usepaso.yaml

$ usepaso serve
  usepaso serving "Sentry" (6 capabilities)
  # Agents can now access your API via MCP
The Problem
17 agent protocols and counting.

Every new protocol is a bet on someone else's roadmap.

MCP today. A2A next quarter. Three more by the end of the year. Each one means new server code, new testing, new dependencies you didn't ask for. You're not building protocol adapters. You're building a product.

There's a simpler way to think about this.

Or you can keep writing protocol adapters. One for each new standard, forever.

What We Believe

Your service has value.
The protocol layer shouldn't extract it.

Declare what your API can do, once. One YAML file. paso turns that declaration into a live MCP server today, and whatever protocol the industry agrees on tomorrow. You write the declaration. We handle the rest.

The agent economy is coming. Every service will need to participate. We think the terms should be yours, not set by whoever controls the integration layer.

One declaration. Every protocol. Your terms.

The Receipts
Self-hosted Runs on your machine. No telemetry. No phone-home.
Apache 2.0 Read every line. Fork it. Ship it as yours.
Zero lock-in Output is static JSON. Vendor it, commit it, leave us.
Zero runtime deps paso generates. Your server runs standalone. Nothing to keep alive.

Node.js and Python. Claude Desktop and Cursor ready.

How It Works
1

Declare

Describe your API's capabilities in a single YAML file. Or generate from your OpenAPI spec.

2

Validate & Test

paso checks your declaration and lets you test capabilities before going live.

3

Serve

Start an MCP server. Agents connect. No protocol code to write.

# usepaso.yaml — Sentry example
version: "1.0"

service:
  name: Sentry
  description: Error monitoring for software teams
  base_url: https://sentry.io/api/0
  auth:
    type: bearer

capabilities:
  - name: list_issues
    description: List issues for a project
    method: GET
    path: /projects/{org}/{project}/issues/
    permission: read
$ usepaso inspect

Service: Sentry
Tools:   6
Auth:    bearer

  list_issues      List issues for a project
  get_issue        Get issue details by ID
  resolve_issue    Resolve an issue
  list_projects    List organization projects
  get_event        Get event details
  search_events    Search events by query
// Claude Desktop → Settings → MCP Servers
{
  "mcpServers": {
    "sentry": {
      "command": "npx",
      "args": ["usepaso", "serve"],
      "env": {
        "USEPASO_AUTH_TOKEN": "your-sentry-token"
      }
    }
  }
}
What You Get

One Declaration, Working Server

You write YAML describing your API's capabilities. paso handles the MCP protocol, server setup, request routing, auth forwarding, and error handling. No MCP SDK knowledge required.

# Your entire integration
$ usepaso serve
  usepaso serving "Stripe" (12 capabilities)
  # That's it. No MCP code to write.

You Set the Boundaries

Permission tiers: read, write, admin. Consent required for destructive actions. Rate limit constraints. A forbidden list to block what agents should never touch. You declare exactly what agents can and cannot do.

capabilities:
  - name: "delete_project"
    permission: "admin"
    consent_required: true

constraints:
  rate_limit: 100
  max_items: 50

forbidden:
  - "DELETE /org/{org}"

OpenAPI to Agent-Ready in Minutes

Already have an OpenAPI spec? Generate your declaration from it. Edit to curate which endpoints agents can access. Serve. Done.

$ usepaso init --from-openapi ./openapi.json
  Generated usepaso.yaml (23 capabilities)

# Edit to curate, then serve
$ usepaso serve
  usepaso serving "MyAPI" (12 capabilities)
After

What changes when your API is agent-ready.

Before

You write an MCP server. Then an A2A adapter. Then maintain both.

After

You write a YAML file. paso handles the rest. New protocols require zero code changes.

Before

Agents can call any endpoint. You hope nothing breaks.

After

Permission tiers, consent gates, and a forbidden list. You control exactly what agents can do.

Protocol Support

Protocols come and go. Your declaration stays the same.

Protocol Status What happens
MCP Stable usepaso serve starts a live MCP server
A2A Planned Coming next
More Future Declaration format is designed to be protocol-agnostic
FAQ
How do I create an MCP server?
Declare your API's capabilities in a usepaso.yaml file, then run usepaso serve. paso generates a standards-compliant MCP server from the declaration. No protocol code to write. Works with any REST API.
Can I generate an MCP server from an OpenAPI spec?
Yes. Run usepaso init --from-openapi ./openapi.json to generate a declaration from your spec. Edit it to curate which endpoints agents can access and set permissions. Then usepaso serve.
What is the easiest way to make my API work with Claude?
Install paso (npm install -g usepaso or pip install usepaso), run usepaso init --name "YourAPI", fill in the YAML, and add the MCP server to Claude Desktop's config. The docs have copy-paste snippets.
Do I need to know the MCP protocol to use paso?
No. paso handles protocol compliance, request routing, auth forwarding, input validation, and error handling. You declare what your API can do in YAML. paso does the rest.
How is this different from writing an MCP server manually?
You write YAML, not TypeScript or Python MCP server code. A manual MCP server requires implementing tool schemas, request handlers, error formatting, and transport. paso generates all of that from your declaration.
What MCP clients does it work with?
Claude Desktop, Cursor, and any MCP-compatible client. The docs include copy-paste config snippets for each.
Does paso work with Python?
Yes. paso has Node.js and Python SDKs with identical behavior. Same CLI, same YAML format, same output. Install with pip install usepaso.
How do I control what agents can do?
Permission tiers (read/write/admin), consent_required for destructive actions, rate limit constraints, max item limits, and a forbidden list to block capabilities agents should never call.
Is paso free?
Yes. Apache 2.0 license. Self-hosted. No cloud dependency, no usage limits, no SaaS.

Your API is one YAML file away
from being agent-ready.

npm install usepaso pip install usepaso Read the docs →