Skip to main content

Set up the Ironclad MCP server

The Ironclad MCP server gives AI agents read-only access to Ironclad CLM — running Conversational Search over contracts, reading contract records, and reading workflows. This guide covers registering an Ironclad OAuth client and connecting the Ironclad MCP server to MintMCP.

Prerequisites

  • A MintMCP admin account
  • An Ironclad account on NA1 with the API add-on enabled
  • An Ironclad admin to register the OAuth client
  • Each user needs their own Ironclad login to complete OAuth consent

Register an Ironclad OAuth client

Ironclad does not support dynamic client registration, so an Ironclad admin must register an OAuth app once. This produces the client_id and client_secret you'll paste into MintMCP.

Reference: developer.ironcladapp.com/reference/register-oauth-client

  1. In Ironclad, click your profile in the top-right corner and select Company Settings.

  2. Select the API tab in the left sidebar. If you don't see it, your instance doesn't have the API add-on enabled.

    Company Settings sidebar with the API tab

  3. Click Create new app, enter a name (for example, MintMCP), and click Create app.

    Ironclad API apps page with Create new app button

  4. Copy the client_id and client_secret from the confirmation dialog. The secret is shown only once — store it somewhere secure before closing the modal.

    Dialog showing the generated client ID and client secret

  5. Fill in the rest of the client application details and click Save Changes:

    • Redirect URI: https://app.mintmcp.com/oauth/callback
    • Grant Types: Authorization Code
    • Requested Resource Scopes: the read scopes you want exposed through MCP — see Scope reference below
    Client app configuration form with title, redirect URI, grant types, and scopes

Scope reference

CapabilityScope
Conversational search over contractspublic.search.conversational
Read contract recordspublic.records.readRecords
Read workflowspublic.workflows.readWorkflows

Enable only the scopes your users need. Follow the principle of least privilege.

Add Ironclad to MintMCP

  1. In MintMCP, go to MCP store > Manage store.
  2. Click + Add an MCP to your registryConnect to an MCP by URL.
  3. Fill in the form:
    • Name: Ironclad
    • MCP Server URL: https://mcp.na1.ironcladapp.com/mcp
    • Authorization Method: OAuth
    • Connection Type: Per-user credentials
  4. Open OAuth Client Advanced Settings and paste:
    • Client ID: the client_id from the Ironclad app
    • Client Secret: the client_secret from the Ironclad app
  5. Click Save.

Security considerations

  • The client secret is shown only once in Ironclad — store it securely immediately after creating the app.
  • Each user authenticates individually with their own Ironclad login, so contract access reflects their individual Ironclad permissions.
  • Enable only the scopes your users need. The public.search.conversational, public.records.readRecords, and public.workflows.readWorkflows scopes are read-only.
  • Each Ironclad environment (NA1, EU1, demo) is independent — this guide covers NA1. If your organization uses EU1, register a separate OAuth client there and use the corresponding MCP server URL.

Next steps