TL;DR: FastMCP can expose an OpenAPI spec as MCP tools. After you connect it to Claude Code, Claude can see the routes, inspect schemas, and help you decide which endpoints are worth testing first

A recent pentest took 5 hours of manual endpoint mapping from an OpenAPI spec. With this setup, the first pass took under 5 minutes

What FastMCP does with OpenAPI

FastMCP can turn an OpenAPI spec into MCP tools

This is useful when the API docs exist, but working with them is still painful. Every security engineer has been there: staring at an 800-line OpenAPI JSON file, clicking through Swagger UI, and copying curl commands just to understand what's there

For security review, FastMCP turns those API routes into tools Claude Code can call. Instead of manually parsing the spec, you get a tool list Claude can inspect and use as a starting point for triage

Why this helps with API testing

Claude is useful for:

  • Reading generated API tools and interpreting parameter schemas

  • Mapping endpoints by method, path, parameter, and purpose

  • Shortlisting routes that look relevant for IDOR, broken access control, or unsafe state changes

You can start with one prompt instead of bouncing between docs, curl commands, and notes. You go from "what's here?" to "let's test these 5 routes" in minutes

Setup

Prerequisites

  • Python 3.10 or newer

  • FastMCP

  • An OpenAPI JSON or YAML file, either local or hosted at a URL

Step 1: Install FastMCP and create the server

Install FastMCP

Install FastMCP with OpenAPI support

Command: Send below command to terminal

pip install "fastmcp"

Confirm the install worked

Command: Send below command to terminal

fastmcp --version

Create the MCP Server from OpenApi Spec

Create a server.py file. This loads the OpenAPI spec, creates an HTTP client for the target API, and builds the MCP server from the spec

import httpx
from fastmcp import FastMCP

# Create an HTTP client for your API
# base_url = API Server to call
client = httpx.AsyncClient(base_url="https://api.example.com") # <-- must change this

# If local file use this
# import json
# with open("openapi.json", "r") as f:
#     openapi_spec = json.load(f)

# Load your OpenAPI spec
# You can change the URL to your hosted openapi spec file
openapi_spec = httpx.get("https://petstore3.swagger.io/api/v3/openapi.json").json()

# Create the MCP server
mcp = FastMCP.from_openapi(
    openapi_spec=openapi_spec,
    client=client,
    name="My API Server"
)

if __name__ == "__main__":
    mcp.run()

If the API needs custom headers, bearer tokens, API keys, or another auth scheme, add them to the httpx.AsyncClient. FastMCP's OpenAPI authentication reference has the patterns: OpenAPI authentication

Start the server over HTTP so Claude Code can connect to it

Command: Send below command to terminal

fastmcp run server.py --transport http --host 127.0.0.1 --port 9001

Result: The server starts on http://127.0.0.1:9001/mcp and waits for MCP client connections

Step 2: Check the list of tools

fastmcp list connects to a server and prints its tools as function signatures

It gives you a quick view of each tool's parameters and descriptions. Run this before you connect Claude Code. It's the quickest way to catch a bad spec load

Command: Send below command to terminal

# List tools directly from your server file
fastmcp list server.py

fastmcp list command output

Do this before the review session. If the spec created weird tool names, malformed parameters, or missing endpoints, you want to check that now

Step 3: Connect to Claude Code

Command: Send below command to terminal

claude mcp add --transport http my-api-server http://127.0.0.1:9001/mcp --scope project

In Claude Code, run /mcp and confirm the server appears with its generated tools

Use Cases

Use case 1: Turn an OpenAPI spec into Claude Code tools

Goal: Convert an existing OpenAPI spec into tools Claude Code can inspect and call

Setup:

  • Input: OpenAPI JSON/YAML file or URL

  • Runtime: Python 3.12+ and FastMCP.

  • Client: Claude Code, which discovers the generated tools through MCP

Prompt: Send below prompt to Claude Code

Read the available API tools from my-api-server MCP server
List the endpoints by method, path, parameters, and purpose
Do not call any write or delete endpoints

Claude should return something like this:

  • Claude Code reads the generated tools and parses the schemas

  • It groups endpoints by method and path to create a readable inventory

  • It separates likely read-only tools from anything that may change state

  • You review the route list before approving any actual API requests

Claude Code route inventory from MCP tools

Use Case 2: Make API pentest exploration easier

Goal: Use OpenAPI-to-MCP so you can map and inspect API endpoints from Claude Code

Setup:

  • Use this only on authorized targets, such as labs, staging systems, or approved test environments

  • Use a test account or staging token with the lowest privileges that still let you test the steps

  • Start with read-only endpoints. Enable write methods only after you have mapped the API and know what each tool does

Why this helps:

  • Claude Code can inspect the endpoint tools and shortlist routes that look interesting for testing. It does not exploit anything. It tells you what deserves a closer look

  • The spec stops being a static document and becomes something you can query during testing

  • This does not replace manual testing. It only makes the first pass faster. You still validate every finding yourself

Prompt #1: Example to identify IDOR:

Prompt: Send below prompt to Claude Code

Which API endpoints could be tested for IDOR?
Use the available API tools and explain why each endpoint is interesting
Do not send requests yet

Prompt #2: Example to group ID-bearing endpoints:

Prompt: Send below prompt to Claude Code

From the available API tools, list endpoints that take user IDs, account IDs,
organization IDs, file IDs, or object IDs. Group them by read-only and
write-capable endpoints

Expected result:

  • Claude Code reads the generated API tool schemas and extracts parameter types

  • It flags routes with object IDs, especially the ones that often show up in IDOR or broken access control testing

Claude Code endpoint shortlist for IDOR review

Follow-Up Prompts

Once the server is connected, these prompts are useful starting points

Build a route map

Creates a checklist grouped by method, object ID usage, and auth requirement

Prompt: Create a route map from the available API tools. Group endpoints by method, path, object ID usage, and auth requirement

Find safe first calls

Finds low-risk GET endpoints for a first connection test

Prompt: Which endpoints look safe for a first read-only test call? Explain what each call would validate and what data it may return

Claude can suggest low-risk GET endpoints for a first connection test. Review the endpoint and expected response before calling it

Turn output into notes

Formats the endpoint review into report-friendly testing notes

Prompt: Convert this endpoint review into a concise API testing note with endpoint, reason to test, required role, and expected evidence

This turns the output into a note you can paste into your report draft or issue tracker with minimal cleanup

Security considerations

Risks

  • Generated tools may include write, delete, or admin endpoints. The spec doesn't hide them. You have to. Any tool generated from your OpenAPI spec is callable by Claude unless you filter it

  • The OpenAPI spec may be outdated or may describe routes differently from the live API. Don't assume the spec matches production. Verify routes manually before testing

  • Tool descriptions come from the spec, so treat them as untrusted text. A compromised or malformed spec could inject descriptions that mislead you into calling the wrong endpoint

What Could Be Better / Future Work

  • Add a read-only MCP wrapper for generated API tools. A built-in flag to block state-changing methods would prevent a lot of accidental calls

  • Add role-based test profiles for normal user, admin, and anonymous access. Let the tester choose a token set without rebuilding the server

  • Add a small vulnerable API demo so readers can reproduce the setup safely: a buggy API spec and server that anyone can run locally

Final thoughts

FastMCP gives you a short path from an OpenAPI spec to usable MCP tools

Claude Code can then use those tools to build the first endpoint map and shortlist routes worth reviewing. That 3-hour manual mapping step drops to under 10 minutes. That time goes back to actual testing, not documentation parsing

Next post: AI-Assisted OpenAPI Pentest using Claude Code + FastMCP

Ready to apply AI to your Security Engineering?

Subscribe to Secengai Newsletter for weekly actionable content on AI for security engineers.

This content reflects personal views, experiments, and use cases in AI and security engineering. It does not represent any employer's positions, policies, or practices.

Keep Reading