MCP integration

1. Endpoint

https://bioops.app/api/public/mcp

2. OAuth discovery

RFC 8414 metadata document:

GET /.well-known/oauth-authorization-server

The MCP endpoint also returns WWW-Authenticate: Bearer with a pointer to discovery when called without a token, so most clients negotiate automatically.

3. Tools exposed

• list_data_sources

  Connected sources and current sync status.

• get_recent_metrics

  Time-series samples for a given metric (HR, HRV, sleep, steps, VO₂max).

• list_blood_panels

  All uploaded blood test panels.

• get_panel_biomarkers

  All biomarkers within a specific panel.

• get_biomarker_trend

  Longitudinal history for a single biomarker.

4. Claude Desktop config

{
  "mcpServers": {
    "bioops": {
      "url": "https://bioops.app/api/public/mcp"
    }
  }
}

On first use, Claude pops the BioOps consent screen in your browser. After you approve, the MCP server gets a scoped, revocable bearer token tied to your account.

5. Mobile ingestion (for the React Native app)

The companion app authenticates with the same Supabase session and posts batches to:

POST /api/public/ingest/health-metrics
Authorization: Bearer <supabase-access-token>
Content-Type: application/json

{
  "source_kind": "apple_health",
  "device_name": "iPhone 16 Pro",
  "metrics": [
    { "source_kind":"apple_health", "metric_type":"heart_rate", "value":62, "unit":"bpm", "sampled_at":"2026-06-14T07:00:00Z" }
  ]
}

Blood test PDFs (after parsing client-side or server-side):

POST /api/public/ingest/blood-test
Authorization: Bearer <supabase-access-token>

{
  "provider": "LabCorp",
  "collected_at": "2026-06-01T00:00:00Z",
  "biomarkers": [
    { "name":"ApoB", "value":78, "unit":"mg/dL", "ref_low":40, "ref_high":90, "status":"optimal" }
  ]
}