Biolinky MCP & API

Manage your Biolinky with AI

Connect a compatible AI assistant or your own automation to Biolinky. You choose the page and permissions, and you can disconnect access at any time.

Streamable HTTP
https://biolinky.co/api/mcp

Compatible with:

CodexCodex
Claude CodeClaude Code
Hermes AgentHermes Agent
OpenClawOpenClaw

Connect in one prompt

Copy this and paste it into your agent

This tells your agent which endpoint, transport, and authentication header to configure. Replace the example key with a personal key from your Biolinky settings.

Ready-to-paste prompt
Set up Biolinky as a remote MCP server for this agent.

Server name: Biolinky
URL: https://biolinky.co/api/mcp
Transport: Streamable HTTP
Authentication header: Authorization: Bearer YOUR_BIOLINKY_API_KEY

Store the API key in this client's secure secret store, keychain, or an environment variable named BIOLINKY_API_KEY when supported. Never commit it to source control, write it to logs, or echo the full key back to me.

After setup, test the connection by listing the available Biolinky tools. Do not change my Biolinky page until I explicitly ask you to. If you cannot configure MCP servers directly, show me the exact secure command or configuration for this client instead.

The public example contains only a placeholder. Paste a completed prompt only into a trusted private agent, or use OAuth for hosted and third-party agents.

What an authorized assistant can do

Profile

Read and update your display name and bio without exposing account settings.

Links

Create, edit, reorder, archive, and restore links with conflict protection.

Socials

Manage social profile destinations while staying bound to your page.

Analytics

Read up to 30 days of analytics, with detail following your Biolinky plan.

Never exposed: billing, subscriptions, email, passwords, verification, plan controls, tracking pixels, or permanent deletion.

Recommended

Connect with OAuth

  1. 1. Add the MCP URL. Enter https://biolinky.co/api/mcp in a remote MCP client.
  2. 2. Sign in and review. Biolinky shows the client name, redirect destination, page, and requested permissions.
  3. 3. Approve only what you need. Read access is the default; management and analytics are opt-in.
  4. 4. Revoke anytime. Disconnect the client from your Biolinky settings to invalidate its sessions and refresh tokens.

Scripts and header-based clients

Use a personal API key

Create a page-bound key in your settings and send it only in the Authorization header. The full secret is shown once.

curl https://biolinky.co/api/v1/page \
  -H "Authorization: Bearer blky_live_…"

REST reference: OpenAPI 3.1 document

Safety by design

Access is narrow, visible, and reversible

  • OAuth 2.1 with PKCE and an explicit Biolinky consent screen
  • Page-bound credentials and object ownership checks on every operation
  • Read, write, and analytics permissions selected independently
  • One-time API-key display, expiry, rotation, and immediate revocation
  • Optimistic revisions to prevent an AI from overwriting newer edits
  • Archive and restore instead of permanent AI-initiated deletion
  • Tiered rate limits, request IDs, and metadata-only security auditing
Rate limits: Free accounts receive 30 requests/minute and 1,000/day. Pro accounts receive 120/minute and 10,000/day.