How do I install Paypay?

Paypay is a local plugin. Install it using npm package: paypay-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What credentials does Paypay need?

Paypay requires the following credentials or environment variables: PAYPAY_API_KEY, PAYPAY_API_SECRET, PAYPAY_MERCHANT_ID, PAYPAY_ENV, PAYPAY_ENABLE_REFUNDS, PAYPAY_ENABLE_CANCELS, MCP_TRANSPORT, MCP_HTTP_PORT, MCP_HTTP_HOST, MCP_AUTH_TOKEN, MCP_HTTP_ALLOWED_ORIGINS. You can find setup instructions on the server detail page.

What AI apps work with Paypay?

Paypay uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Paypay MCP Server

by User

Developer ToolsUse Caution4.8LocalNew

Free

MCP for PayPay (Japan's QR wallet): QR codes, payments, refunds, cancels. Bilingual JP/EN.

About

MCP for PayPay (Japan's QR wallet): QR codes, payments, refunds, cancels. Bilingual JP/EN.

Security Report

4.8

Use Caution4.8High Risk

This is a well-structured PayPay payment MCP server with proper authentication, reasonable permission scope, and thoughtful safety constraints. HTTP transport requires bearer token authentication and timing-safe comparison. The main finding is that environment-variable-based credential storage is standard practice but worth documenting explicitly for users. Tool descriptions are bilingual and input validation is handled via Zod schemas. The server appropriately gates destructive operations (refunds, cancellations) behind feature flags. Supply chain analysis found 2 known vulnerabilities in dependencies (2 critical, 0 high severity). Package verification found 1 issue.

7 files analyzed · 7 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

env_vars

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

process_spawn

Check that this permission is expected for this type of plugin.

What You'll Need

Set these up before or after installing:

yesOptional

Environment variable: PAYPAY_API_KEY

yesOptional

Environment variable: PAYPAY_API_SECRET

yesOptional

Environment variable: PAYPAY_MERCHANT_ID

noOptional

Environment variable: PAYPAY_ENV

noOptional

Environment variable: PAYPAY_ENABLE_REFUNDS

noOptional

Environment variable: PAYPAY_ENABLE_CANCELS

noOptional

Environment variable: MCP_TRANSPORT

noOptional

Environment variable: MCP_HTTP_PORT

noOptional

Environment variable: MCP_HTTP_HOST

noOptional

Environment variable: MCP_AUTH_TOKEN

noOptional

Environment variable: MCP_HTTP_ALLOWED_ORIGINS

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-mrslbt-paypay-mcp": {
      "env": {
        "PAYPAY_ENV": "your-paypay-env-here",
        "MCP_HTTP_HOST": "your-mcp-http-host-here",
        "MCP_HTTP_PORT": "your-mcp-http-port-here",
        "MCP_TRANSPORT": "your-mcp-transport-here",
        "MCP_AUTH_TOKEN": "your-mcp-auth-token-here",
        "PAYPAY_API_KEY": "your-paypay-api-key-here",
        "PAYPAY_API_SECRET": "your-paypay-api-secret-here",
        "PAYPAY_MERCHANT_ID": "your-paypay-merchant-id-here",
        "PAYPAY_ENABLE_CANCELS": "your-paypay-enable-cancels-here",
        "PAYPAY_ENABLE_REFUNDS": "your-paypay-enable-refunds-here",
        "MCP_HTTP_ALLOWED_ORIGINS": "your-mcp-http-allowed-origins-here"
      },
      "args": [
        "-y",
        "paypay-mcp"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

paypay-mcp

Model Context Protocol server for the PayPay Open Payment API.

Works with Claude Desktop, Claude Code, Cursor, Windsurf, Zed, ChatGPT Apps SDK, and any other MCP-compatible client. Tool descriptions are provided in English and Japanese.

Status

v0.1.x — production-capable, not yet battle-tested at scale.

The server runs cleanly against PayPay's production Open Payment API once PAYPAY_ENV=production is set with approved merchant credentials. It has not yet processed meaningful real-world volume. If you are routing real payments through it, pin the version and review the source first.

Tools

Tool	Description
`create_qr_code`	Create a dynamic PayPay QR code. Returns the payment URL, deeplink, and a rendered PNG.
`get_payment_details`	Fetch the current status of a payment.
`wait_for_payment`	Poll until a payment reaches a terminal state.
`delete_qr_code`	Invalidate a QR code before payment.
`refund_payment`	Full or partial refund. Disabled unless `PAYPAY_ENABLE_REFUNDS=true`.
`cancel_payment`	Cancel a payment when its state is unclear (timeout or error). Disabled unless `PAYPAY_ENABLE_CANCELS=true`.

Prompts

accept_single_payment, refund_last_payment, debug_stuck_payment.

Resources

URI	Description
`paypay://docs/opa-reference`	Endpoint map, auth scheme, and status vocabulary for the PayPay OPA API.
`paypay://docs/payment-states`	Payment lifecycle and the cancel-vs-refund decision rule.
`paypay://config/current`	Non-secret view of the active config (env, merchantId, baseUrl, transport).

Install

One-click:

Or via npm:

npm install -g paypay-mcp

Configuration

Credentials come from the PayPay Developer Dashboard.

Variable	Required	Description
`PAYPAY_API_KEY`	yes	OPA API Key ID
`PAYPAY_API_SECRET`	yes	OPA API Key Secret
`PAYPAY_MERCHANT_ID`	yes	Merchant ID
`PAYPAY_ENV`	no	`sandbox` (default) or `production`
`PAYPAY_ENABLE_REFUNDS`	no	Set to `true` to expose `refund_payment`. Disabled by default.
`PAYPAY_ENABLE_CANCELS`	no	Set to `true` to expose `cancel_payment`. Disabled by default.
`MCP_TRANSPORT`	no	`stdio` (default) or `http`
`MCP_HTTP_PORT`	no	Port when `MCP_TRANSPORT=http`. Default `3000`.
`MCP_HTTP_HOST`	no	Bind address. Default `127.0.0.1`. Public binds require `MCP_AUTH_TOKEN`.
`MCP_AUTH_TOKEN`	no	Bearer token required on inbound HTTP requests when set. Mandatory for non-loopback binds.
`MCP_HTTP_ALLOWED_ORIGINS`	no	Comma-separated CORS allowlist. Default: none.

Claude Desktop

Edit ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "paypay": {
      "command": "npx",
      "args": ["-y", "paypay-mcp"],
      "env": {
        "PAYPAY_API_KEY": "a_...",
        "PAYPAY_API_SECRET": "...",
        "PAYPAY_MERCHANT_ID": "...",
        "PAYPAY_ENV": "sandbox"
      }
    }
  }
}

Claude Code

claude mcp add paypay -e PAYPAY_API_KEY=... -e PAYPAY_API_SECRET=... -e PAYPAY_MERCHANT_ID=... -- npx -y paypay-mcp

Cursor

Add to ~/.cursor/mcp.json with the same shape as Claude Desktop.

Remote hosting

Run in HTTP mode. Public binds require MCP_AUTH_TOKEN; the server refuses to start otherwise.

MCP_TRANSPORT=http \
  MCP_HTTP_HOST=0.0.0.0 \
  MCP_AUTH_TOKEN="$(openssl rand -hex 32)" \
  MCP_HTTP_ALLOWED_ORIGINS="https://claude.ai,https://your-app.example.com" \
  PAYPAY_ENV=sandbox \
  PAYPAY_API_KEY=... PAYPAY_API_SECRET=... PAYPAY_MERCHANT_ID=... \
  npx paypay-mcp

Endpoint: POST http(s)://<host>:3000/mcp (Streamable HTTP transport). Clients send Authorization: Bearer <MCP_AUTH_TOKEN>. CORS is closed by default.

For local testing the auth token can be omitted; the server binds to 127.0.0.1 and only accepts loopback connections.

Environments

Sandbox is the default. Production requires PayPay merchant onboarding (business verification and a contract) and must be enabled by explicitly setting PAYPAY_ENV=production.

Constraints

Amounts are integer JPY.
A payment can be canceled until 00:14:59 JST the day after the payment attempt. After that, use a refund.
A single order can receive multiple partial refunds, each with a unique merchantRefundId, up to the merchant-configured cap.
TLS 1.2+ required (Node 20+).

Development

git clone https://github.com/mrslbt/paypay-mcp.git
cd paypay-mcp
npm install
cp .env.example .env
npm run dev
npm test
npm run smoke
npm run build

Roadmap

v0.2: PreAuth + Capture, ContinuousPayments, DirectDebit, AccountLink QR, webhook signature verification, reconciliation tools.

v0.3: Native Payment (App Invoke + user JWT auth), Visa-partnership endpoints, OpenTelemetry tracing.

Safety

This server can move real money through the PayPay OPA API. Key safeguards:

Refund and cancel tools are disabled by default. refund_payment and cancel_payment are only registered when PAYPAY_ENABLE_REFUNDS=true or PAYPAY_ENABLE_CANCELS=true. Only enable them in trusted agent contexts where tool inputs cannot be influenced by untrusted content.
Sandbox is the default. Production requires an explicit PAYPAY_ENV=production, plus completed PayPay merchant onboarding. Always test against sandbox first.
Unique merchantPaymentId and merchantRefundId per call. PayPay deduplicates by these IDs, so reusing one will either fail or target an older payment. Generate a fresh ID for each new payment or refund.

Even with these gates on, review any money-moving request before approving the tool call. Treat tool inputs derived from model output as untrusted.

Disclaimer

This is an unofficial, community-built MCP server. Not affiliated with, endorsed by, or sponsored by PayPay Corporation. PayPay is a registered trademark of its respective owners. Use at your own risk. The author accepts no liability for funds lost through misuse, prompt injection, or bugs.