OpenEtradeMcp

An MCP (Model Context Protocol) server that exposes ETRADE API operations as tools for AI agents. This allows AI assistants like Claude and GitHub Copilot to interact with ETRADE's trading platform.

NuGet Packages

Package	Version	Downloads
OpenEtradeMcp
OpenEtradeMcp.Server

Features

• OAuth 1.0a Authentication: Interactive OAuth flow designed to work seamlessly with AI agents
• E*TRADE API Tools: Auto-generated tools from E*TRADE's OpenAPI specification
• Order Confirmation Safety Gate: Optional MCP elicitation-based confirmation for order placement, cancellation, and modification — prevents unintended trades by requiring explicit user approval via a native client dialog that the LLM cannot bypass
• Sandbox Support: Test safely with E*TRADE's sandbox environment
• Global Tool: Install as a .NET global tool for easy access

Prerequisites

• .NET 8.0/9.0/10.0 SDK
• E*TRADE Developer Account with API access
• Consumer Key and Consumer Secret from E*TRADE Developer Portal

Installation

As a .NET Global Tool

dotnet tool install --global OpenEtradeMcp.Server

From Source

git clone https://github.com/kerryjiang/OpenEtradeMcp.git
cd OpenEtradeMcp
dotnet build

Configuration

Environment Variables

export ETRADE_ConsumerKey="your-consumer-key"
export ETRADE_ConsumerSecret="your-consumer-secret"
export ETRADE_UseSandbox="true"  # Optional: use sandbox environment

Command Line Arguments

etrade-mcp --ConsumerKey=your-key --ConsumerSecret=your-secret --UseSandbox=true

Running the Server

Using the Global Tool

etrade-mcp

From Source

cd src/OpenEtradeMcp.Server
dotnet run

MCP Client Configuration

Claude Desktop

Add to your Claude Desktop config file:

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "etrade": {
      "command": "/Users/{YourUserName}/.dotnet/tools/etrade-mcp",
      "env": {
        "ETRADE_ConsumerKey": "your-consumer-key",
        "ETRADE_ConsumerSecret": "your-consumer-secret",
        "ETRADE_UseSandbox": "true"
      }
    }
  }
}

Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "etrade": {
      "command": "C:\\\\Users\\{YourUserName}\\.dotnet\\tools\\etrade-mcp",
      "env": {
        "ETRADE_ConsumerKey": "your-consumer-key",
        "ETRADE_ConsumerSecret": "your-consumer-secret",
        "ETRADE_UseSandbox": "true"
      }
    }
  }
}

VS Code with GitHub Copilot

Configure in your VS Code MCP settings to use the etrade-mcp command with appropriate environment variables.

OAuth Authentication Flow

The server provides interactive OAuth tools that allow an AI agent to guide users through authentication:

1. Start OAuth (etrade_oauth_start)

Begins the authentication process and returns an authorization URL.

Agent: "I'll start the E*TRADE authentication process."
[Calls etrade_oauth_start]
Agent: "Please click this link to authorize: https://us.etrade.com/e/t/etws/authorize?..."

2. Complete OAuth (etrade_oauth_complete)

After the user authorizes and receives the verifier code:

User: "I got the code: ABC123"
Agent: "Great, let me complete the authentication."
[Calls etrade_oauth_complete with verifierCode="ABC123"]
Agent: "Authentication successful! You can now use E*TRADE API tools."

3. Additional OAuth Tools

• etrade_oauth_status - Check authentication status
• etrade_oauth_renew - Renew access token (tokens expire at midnight Eastern)
• etrade_oauth_revoke - Log out and revoke access token

Available Tools

OAuth Tools

Tool	Description
etrade_oauth_start	Start OAuth authentication flow
etrade_oauth_complete	Complete OAuth with verifier code
etrade_oauth_status	Check authentication status
etrade_oauth_renew	Renew access token
etrade_oauth_revoke	Revoke access token

E*TRADE API Tools

Tools are auto-generated from the E*TRADE OpenAPI specification and include:

• Account Management - List accounts, view account details
• Portfolio - View positions and holdings
• Orders - Place, preview, and manage orders
• Market Data - Get quotes, option chains, and market information
• Alerts - Manage price and trading alerts

Project Structure

OpenEtradeMcp/
├── src/
│   ├── OpenEtradeMcp/              # Core library with E*TRADE API definitions
│   │   └── etrade-api.yaml        # E*TRADE OpenAPI specification
│   └── OpenEtradeMcp.Server/       # MCP server executable
├── Directory.Build.props          # Shared build properties
├── Directory.Packages.props       # Centralized package management
└── OpenEtradeMcp.sln              # Solution file

Order Confirmation Safety Gate

When AI agents interact with brokerage accounts, a critical safety concern is preventing unintended order execution. The server includes an optional order confirmation feature that gates dangerous operations behind explicit user confirmation.

Enabling Order Confirmation

export ETRADE_EnableOrderConfirmation="true"

Or in your MCP client configuration:

{
  "mcpServers": {
    "etrade": {
      "command": "etrade-mcp",
      "env": {
        "ETRADE_ConsumerKey": "your-key",
        "ETRADE_ConsumerSecret": "your-secret",
        "ETRADE_EnableOrderConfirmation": "true"
      }
    }
  }
}

How It Works

When enabled, the following tools require explicit user confirmation before execution:

• placeOrder - New order placement
• cancelOrder - Order cancellation
• placeChangeOrder - Order modification

With MCP elicitation support (Claude Code 2.1.76+, and other clients that support elicitation/create):

The server sends a native confirmation dialog directly to the client. The user sees a form with full order details (symbol, action, quantity, price, account) and must check a confirmation box before the order executes. This is a mechanical gate — the LLM cannot bypass, intercept, or auto-confirm it.

For cancelOrder, the server automatically fetches the order details from E*TRADE so the user can see exactly what they are canceling (symbol, action, quantity, status).

Account identifiers are resolved to human-friendly display format (masked account number + description).

Without MCP elicitation support (fallback):

For clients that do not support MCP elicitation, the server uses a token-based fallback. The tool returns order details and a confirmation token. The AI agent is instructed to present the details to the user and, if confirmed, re-call the tool with the token. Note: this fallback relies on the AI agent to present the confirmation, which is a weaker guarantee than native elicitation.

Configuration Options

Environment Variable	Default	Description
ETRADE_EnableOrderConfirmation	false	Enable order confirmation gate. When false, all tools execute without confirmation (existing behavior).
ETRADE_GuardedTools	placeOrder,cancelOrder,placeChangeOrder	Comma-separated list of tool names that require confirmation.
ETRADE_ConfirmationTimeoutSeconds	300	How long (seconds) a fallback confirmation token remains valid.

Example Dialog

══════════════════════════════════════════
  ORDER PLACEMENT — CONFIRMATION REQUIRED
══════════════════════════════════════════

  account: ****1234 - Individual - (My Trading Acct) - [MARGIN]
  orderType: EQ
  order:
    priceType: MARKET
    orderTerm: GOOD_FOR_DAY
    instrument:
      orderAction: SELL_SHORT
      quantity: 50
      symbol: CPT

══════════════════════════════════════════
  Review details above. Check confirm box.
══════════════════════════════════════════

  > confirm: [ ]
      I have reviewed the order details and approve execution

  Accept    Decline

Security Notes

• Never commit credentials - Use environment variables for your consumer key/secret
• Memory-only tokens - Access tokens are stored in memory and not persisted to disk
• Use sandbox first - Test with sandbox environment before using production credentials
• Enable order confirmation - Set ETRADE_EnableOrderConfirmation=true to prevent unintended order execution by AI agents. This is strongly recommended for production use.

Troubleshooting

"OpenAPI spec file not found"

Ensure the etrade-api.yaml file is in the output directory. Rebuild the project.

"E*TRADE API credentials not provided"

Set the ConsumerKey and ConsumerSecret environment variables.

Authentication fails

• Verify your credentials are correct
• Ensure sandbox credentials are used with UseSandbox=true
• Check that the verifier code is entered correctly (no extra spaces)

License

This project is licensed under the Apache License 2.0 - see the LICENSE file for details.

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Author

Kerry Jiang - GitHub