Getting started

How agents connect

Choose between MCP and the Ramp CLI, and understand the auth model.

Ramp agents usually connect in one of two ways: remote MCP inside an assistant, or the Ramp CLI inside a shell. Both use browser OAuth, both act as the signed-in Ramp user, and both should be treated as access to real company data.

Choose a channel

Use MCP when:

  • You're using Claude, ChatGPT, Cursor, Perplexity, or another MCP-compatible client.
  • The work is conversational: "show me recent SaaS spend," "what cards do I have," "is this purchase allowed," or "generate Agent Card credentials for this checkout."
  • You want the assistant to discover and call Ramp tools during the conversation.

Use the Ramp CLI when:

  • The agent has terminal access or runs as a script or scheduled job.
  • You're working with coding agents, CI workflows, or headless services on a remote host.
  • You want JSON output for downstream processing, or packaged skills like agentic-purchase.

You can run both side by side. They are independent clients using Ramp OAuth and the permissions of the authenticated user.

Permissions and audit

  • Actions are attributed to you. The agent acts as the Ramp user who authenticated the connection.
  • Permissions match your role. If you can't see something in the dashboard, the agent can't see it either. Employees see only their own data; admins see company-wide data.
  • Writes are audited. When a tool or CLI command changes Ramp data, the action lands in the Ramp audit log.
  • Admins can restrict MCP access. Ramp admins can manage who may use MCP from Company -> Integrations -> Ramp MCP -> Manage Access.

Prerequisites

  • A Ramp production or sandbox account.
  • Access to a supported client (for MCP) or a terminal (for the CLI).
  • For Agent Cards: business enrollment, appropriate scopes, and at least one active fund.

Continue to the Quickstart to make your first connection.