A practical guide to connecting Claude (or any MCP client) to the Junyr Suite's native MCP server — how the delegated, passkey-secured auth works, why CRU-A writes and tier governance keep an SME sovereign, and what the ~125 tools (incl. ~25 pre-computed) let an AI assistant actually do.
Connect Claude to Run Your Business with the Junyr Suite MCP
In short — the Junyr Suite ships a native MCP server at mcp.junyr.app that lets you connect Claude — or any MCP-compatible client — and steer your whole business in plain language. Authentication is delegated to the Junyr login page with WebAuthn passkey 2FA (the MCP never sees your password), every call is scoped to one company and governed by its confidentiality tier, and the server exposes more than 120 read/write tools — including around two dozen pre-computed ones (KPIs, margins, cash forecast, the Morning Briefing).
The Model Context Protocol (MCP) is the open standard that lets an AI assistant like Claude read and act on real software. Most companies bolt MCP onto a single tool — a CRM, a calendar. The Junyr Suite — the sovereign AI operating system for your business — takes the opposite route: it exposes its entire operating surface (messaging, the 8-module ERP, CRM, calendar, documents, finance) through one secure MCP server. The result is an AI assistant that doesn't just look things up — it can genuinely run the day-to-day of an SME, with sovereignty and an audit trail intact.
This guide walks through how the connection works, why the security model matters for a small business, and what you can actually do once Claude is plugged in.
🔌 How it works
You connect a Claude MCP client (or any MCP-compatible AI client) to a single endpoint:
MCP server: mcp.junyr.app
Auth: delegated to the Junyr login page + WebAuthn passkey 2FA
Scope: one company per session (you choose which org)
Governance: every call respects the company's confidentiality tier
Three things are worth unpacking.
- Delegated authentication. When you add the connector, Junyr hands you off to its own login page. You sign in there — password plus a WebAuthn passkey for second-factor (AAL2) — and grant the connection. The MCP server never sees your password. This is the same delegated, passkey-backed flow Junyr uses everywhere else; the AI client only ever holds a scoped grant.
- One company at a time. A Junyr user can belong to several organizations at once (a personal "Personnel" org plus one or more business orgs). The MCP makes the active company explicit — you discover which orgs you can reach, then every tool call is scoped to exactly one. No cross-tenant leakage by construction.
- Tier governance on every call. Junyr has three confidentiality tiers — Simple, Sécurisée and Totale. The MCP honors them per call: a Totale company refuses content reads outright, and a Sécurisée company returns sanitized data. The connection can't be used to side-step the data-protection level you set.
🛡️ Why the security model matters for an SME
For a small business, "let an AI touch my data" is a sovereignty question before it's a productivity one. The Junyr MCP is built so the convenience never costs you control.
| Concern | How the Junyr Suite MCP answers it |
|---|---|
| Passwords | Auth is delegated to the Junyr login page with passkey 2FA — the MCP never receives your password. |
| Data residency | Junyr is hosted in Europe; an On-Prem option and bring-your-own local LLM keep data on your own hardware. |
| Confidentiality | Per-call tier governance — Totale refuses content reads, Sécurisée sanitizes. |
| Reversibility | Writes are CRU-A: create, read, update and archive — archiving is reversible, and there is no hard-delete in the MCP. |
| Scope | One company per session; cross-tenant reads are impossible by design. |
That CRU-A model deserves a line of its own. Letting an AI agent write to your business is only safe if mistakes are recoverable. In the Junyr Suite MCP, the destructive verb simply doesn't exist — the strongest thing the assistant can do is archive a record, which you can restore. Hard deletion stays a deliberate, human action inside the Junyr interface.
🧰 What you can do once Claude is connected
The server exposes more than 120 tools — read and write — spanning the whole platform: email and contacts, projects (deals), quotes, invoices and payments, suppliers and orders, the product catalog, production, finance, expense reports, calendar and sovereign Visio, documents, HR, CSR and BI. Around two dozen of them are pre-computed: instead of pulling hundreds of raw rows for the model to crunch, they return an answer already aggregated server-side.
| Domain | Pre-computed answers (examples) |
|---|---|
| Day steering | The Morning Briefing — the day's priorities, alerts and agenda in one call |
| Finance | Finance KPIs, cash-runway forecast, year-over-year comparison |
| Commerce | Consolidated pipeline, quote statistics, sales-meeting prep |
| Margins | Margin computed per deal, per invoice, per quote |
| Customers & BI | Customer health scoring, top customers, objectives vs actuals, anomaly detection |
A concrete morning looks like this:
You, to Claude: "What does my day look like, and where do I stand on cash?"
Claude, via the Junyr MCP:
1. Morning Briefing → priorities, alerts, agenda (1 call)
2. cash-runway forecast → projected cash, computed server-side
3. commercial pipeline → consolidated, already aggregated
= a handful of calls, compact answers, deterministic figures —
not 20 raw list calls the model has to sum up itself.
Because the heavy lifting happens server-side, the assistant reasons over answers rather than tables. That means fewer tokens, faster replies and figures that don't drift — a real difference when the AI is steering an SME's books rather than answering trivia.
And it's not read-only theater. Within tier governance, Claude can draft quotes, create or update projects and contacts, schedule calendar events, prepare a sales meeting, mint a private expiring document share link — and, where it would otherwise remove something, archive it reversibly instead.
One graph, one assistant. Junyr links companies, contacts, projects, documents and events into a single connected graph — so "tell me everything about client X" resolves to one entity and its linked records, not a scavenger hunt across disconnected tools.
🤝 Junyr Agents and Claude — not either/or
The Junyr Suite already includes Junyr Agents — AI agents you recruit and train inside the platform — and the conversational Ask Junyr assistant in the sidebar. The MCP server doesn't replace them; it opens the same operating surface to your preferred external AI client. You can pilot the business from inside Junyr, from Claude, or both — the data, the tiers and the audit trail are identical either way.
If you'd rather the AI run entirely on your own hardware, that's a first-class option too: Junyr lets you bring your own local LLM, so eligible AI runs on your endpoint and the data never leaves it.
Discover the Junyr Suite → · See pricing → · How Junyr's MCP compares for ERP/CRM →
FAQ
How do I connect Claude to my business with Junyr?
Add the Junyr Suite MCP server at mcp.junyr.app as a connector in a Claude MCP client. Authentication is delegated to the Junyr login page with a WebAuthn passkey for 2FA, so Claude never sees your password; you then pick which company the session is scoped to, and every tool call respects that company's confidentiality tier.
Is it safe to let an AI assistant write to my business data?
Yes — Junyr's MCP writes are CRU-A: the AI can create, read, update and archive records, but there is no hard-delete. Archiving is reversible, hard deletion stays a deliberate human action in the Junyr interface, and Totale-tier companies refuse content reads entirely, so an AI client can never side-step the protection level you set.
What can Claude actually do through the Junyr Suite MCP?
More than 120 read/write tools cover the whole platform — email, CRM, projects, quotes, invoices, payments, suppliers, catalog, production, finance, calendar, documents, HR, CSR and BI. Around two dozen are pre-computed (Morning Briefing, finance KPIs, cash-runway forecast, margins, pipeline), returning ready answers instead of raw rows for fewer tokens and more reliable figures.
Does connecting Claude replace the Junyr Agents?
No. The Junyr Suite still includes Junyr Agents you recruit inside the platform and the Ask Junyr sidebar assistant. The MCP server simply opens the same operating surface to your external AI client, with the same per-company scope, confidentiality tiers and reversible writes — so you can run the business from Junyr, from Claude, or both. See pricing to get started.
Croissance & Transitions guide. Updated 2026-06-14.
Junyr Team
AI Platform Team
The Junyr team builds AI workforce tools that help European SMEs recruit, train, and manage autonomous AI agents for everyday business tasks.
Related Articles
Junyr now supports A2A: the open agent-to-agent protocol
Junyr implements the Agent2Agent (A2A) protocol — external AI agents can autonomously delegate business tasks to your Junyr agent, complementing the existing MCP connector. Discovered via an Agent Card, OAuth 2.1, scoped per company.
Read article →MCP for ERP/CRM Compared: Surface Coverage + Pre-Computed Tools
A two-axis comparison of MCP servers for ERP and CRM — full business coverage and pre-computed answers — showing why the Junyr Suite lets an AI agent drive the whole ERP, not just touch tables.
Read article →MCP & ERP: Why Surface Coverage Is the Real Prerequisite
Why an AI agent can only run your business if the MCP server exposes the whole business — and how the Junyr Suite covers all 16 ERP surfaces with ready-to-use tools instead of generic CRUD.
Read article →