×
How it works

One server. Every API you use. Any agent.

Most agents only know about the tools their developer wired in. Joshua flips that: you decide which APIs your agent knows about, and any agent that connects to Joshua over MCP picks up the whole set automatically.

Register the APIs you want your agents to use

There are three ways to add a tool, and you can mix them freely:

  • Pick from the catalog. We keep a reviewed set of common APIs — Stripe, GitHub, Notion, Slack, and more. Click, name it, save.
  • Build your own. Paste an OpenAPI spec, an MCP descriptor, or a plain-English how-to for any API — including the internal ones you never documented. It stays private to your account.
  • Submit to the catalog. If you've written a good spec and think others would benefit, send it to the review queue. Approved entries show up on the homepage.

Tell Joshua where the credential lives (not the credential itself)

When you register a tool, you pick an auth type — bearer, basic, OAuth, or none — and a pointer to where the real credential is stored:

  • An environment variable name (STRIPE_SECRET_KEY)
  • A 1Password vault path (op://Personal/Stripe/credential)
  • Doppler, Infisical, or AWS Secrets Manager references

Joshua never stores the credential. Your agent's runtime resolves the pointer at call time — which means rotating a key in your vault is enough; you don't have to update Joshua.

Add notes so your agent uses each entry correctly

The same tool can be registered many times under different names — Stripe (test)vs Stripe (live), two Notion workspaces, a staging and a prod database. For each one, you can leave a note telling the agent when to use it:

"Test mode. Safe for experiments. Never use this for real customer data. For anything real, use the entry named 'Stripe (live)'."

The agent reads these notes every time it fetches the tool. Private to you — they only travel through your own API key.

Connect your agent to Joshua

Your settings page gives you two URLs — one for Claude.ai's custom connector (the key is in the URL) and one with a Bearer header for everything else. Paste it in and you're done.

Joshua exposes exactly two tools over MCP:

  • list_user_tools — the menu. Names, summaries, IDs.
  • fetch_user_tool — the detail. Full spec, auth pointer, and your notes for one specific entry.

That's the whole surface. Every other API is something Joshua describes, not something Joshua calls — your agent makes the actual HTTP request to Stripe or Notion or your internal service directly.

Your agent just works

When you ask your agent to do something that needs an API, it calls list_user_tools, finds what it needs, calls fetch_user_tool to get the spec and auth pointer, resolves the credential from your secret store, and makes the request. You don't re-explain your stack every conversation. New agent, same Joshua URL, same toolbox.

The short version

You curate a list of APIs. Joshua serves them over one MCP endpoint. Any agent that connects sees them all. Credentials stay in your vault. We teach your agent, you keep your secrets.