Getting started
How agents connect
Choose between MCP and the Ramp CLI, and understand the auth model.
Ramp agents usually connect in one of two ways: remote MCP inside an assistant, or the Ramp CLI inside a shell. Both use browser OAuth, both act as the signed-in Ramp user, and both should be treated as access to real company data.
Choose a channel
Use MCP when:
- You're using Claude, ChatGPT, Cursor, Perplexity, or another MCP-compatible client.
- The work is conversational: "show me recent SaaS spend," "what cards do I have," "is this purchase allowed," or "generate Agent Card credentials for this checkout."
- You want the assistant to discover and call Ramp tools during the conversation.
Use the Ramp CLI when:
- The agent has terminal access or runs as a script or scheduled job.
- You're working with coding agents, CI workflows, or headless services on a remote host.
- You want JSON output for downstream processing, or packaged skills like
agentic-purchase.
You can run both side by side. They are independent clients using Ramp OAuth and the permissions of the authenticated user.
Permissions and audit
- Actions are attributed to you. The agent acts as the Ramp user who authenticated the connection.
- Permissions match your role. If you can't see something in the dashboard, the agent can't see it either. Employees see only their own data; admins see company-wide data.
- Writes are audited. When a tool or CLI command changes Ramp data, the action lands in the Ramp audit log.
- Admins can restrict MCP access. Ramp admins can manage who may use MCP from Company -> Integrations -> Ramp MCP -> Manage Access.
Prerequisites
- A Ramp production or sandbox account.
- Access to a supported client (for MCP) or a terminal (for the CLI).
- For Agent Cards: business enrollment, appropriate scopes, and at least one active fund.
Continue to the Quickstart to make your first connection.