- Transport: streamable HTTP (the standard MCP HTTP transport). This is not SSE-only and not a stdio server — connect with any MCP client that supports HTTP transports.
- Auth: the same partner API key as the REST API, sent as
Authorization: Bearer whk_…. Unauthenticated requests get401 {"error":"unauthorized"}. - Tools: 20 tools mirroring the REST API’s 20 resource operations (
whistle_list_leagues,whistle_create_games,whistle_assign_official, …) — everything except theGET /api/v1index, which has no tool. Tool results are the REST response’sdatapayload; REST errors surface as tool errors with the sameerrorcode. - Scoping: the server forwards your bearer token to the REST API, so every tool call runs as you — the same source scope and attribution as direct REST calls.
Connect from Claude Code
Use an environment variable — don’t paste the key into the command history:list Whistle leagues to verify the connection with a read-only tool.
Connect from a generic MCP client
Any MCP client configuration that supports HTTP servers with custom headers works. For clients using the common JSON config shape:Check your client’s documentation for how it interpolates environment variables into headers — the goal is that the literal key never lands in a config file you might commit.
The 20 tools
| Read (safe) | Write (confirm first) |
|---|---|
whistle_list_leagues | whistle_create_league |
whistle_get_league | whistle_update_league |
whistle_list_games | whistle_create_games |
whistle_get_game | whistle_update_game |
whistle_list_officials | whistle_cancel_game ⚠️ |
whistle_list_assignments | whistle_add_official |
whistle_list_payments | whistle_remove_official ⚠️ |
whistle_list_webhooks | whistle_assign_official |
whistle_list_webhook_deliveries | whistle_unassign_position ⚠️ |
whistle_register_webhook | |
whistle_delete_webhook ⚠️ |

