Configure Heed as an MCP (Model Context Protocol) server so that Claude Code, Cursor, and other MCP clients can request human approval natively. No custom code required — just a config entry.
| Requirement | Details |
|---|---|
| Heed API Key | Get one free at heed.run/signup — looks like hd_live_... or hd_test_... |
| Python | 3.10 or later |
| Claude Code | Latest version with MCP support enabled |
heed-mcp | Heed's MCP server: pip install heed-mcp |
The MCP server handles polling and webhooks for you — your agent just calls request_approval and gets back a decision.
pip install heed-mcp
Or run without installing: uvx heed-mcp (after publishing to PyPI).
export HEED_API_KEY="hd_live_your_key_here"
Open your Claude Code settings and add the heed server:
{
"mcpServers": {
"heed": {
"command": "heed-mcp",
"env": {
"HEED_API_KEY": "hd_live_your_key_here",
"HEED_BASE_URL": "https://heed.run"
}
}
}
}
curl -X POST https://heed.run/api/v1/hitl/policies \
-H "Content-Type: application/json" \
-H "X-API-Key: $HEED_API_KEY" \
-d '{
"name": "gate-destructive",
"description": "Require approval for destructive actions",
"rules": [
{
"action": "delete_record",
"requires_approval": true
},
{
"action": "send_email",
"requires_approval": true
}
],
"is_active": true
}'
Instruct Claude to request approval before consequential actions. It will call the request_approval tool automatically.
Edit your MCP settings file. The location depends on your OS:
~/.claude/claude_desktop_config.json~/.config/claude/claude_desktop_config.json{
"mcpServers": {
"heed": {
"command": "heed-mcp",
"env": {
"HEED_API_KEY": "hd_live_your_key_here",
"HEED_BASE_URL": "https://heed.run"
}
}
}
}
Open Cursor Settings → MCP → Add new server. Use the same config format, or edit .cursor/mcp.json in your project:
{
"mcpServers": {
"heed": {
"command": "heed-mcp",
"env": {
"HEED_API_KEY": "hd_live_your_key_here",
"HEED_BASE_URL": "https://heed.run"
}
}
}
}
Any MCP-compatible client that supports stdio transport can use Heed. The config format is the same — specify heed-mcp as the command and provide the HEED_API_KEY and HEED_BASE_URL environment variables.
{
"mcpServers": {
"heed": {
"command": "heed-mcp",
"args": [],
"env": {
"HEED_API_KEY": "hd_live_your_key_here",
"HEED_BASE_URL": "https://heed.run"
}
}
}
}
Heed exposes a single MCP tool:
request_approvalSubmits an approval request to Heed. If a policy gates the action, the server polls until a human decides. Returns the decision.
| Parameter | Type | Description |
|---|---|---|
action | string | The action being gated (e.g. "send_email", "delete_record") |
summary | string | Human-readable description of what the agent is about to do |
context | string | JSON string with relevant details (amounts, IDs, recipients, etc.) |
Returns: "approved" or "rejected"
Here's what it looks like when Claude Code uses Heed to gate a destructive action:
DELETE FROM records WHERE created_at < '2024-01-01'While the request is pending, the MCP server blocks the tool call. Claude will wait until a decision is made. Make sure a human is monitoring the dashboard or has notification webhooks set up.
Without a policy, all actions auto-approve. To gate actions, create a policy with rules that match:
curl -X POST https://heed.run/api/v1/hitl/policies \
-H "Content-Type: application/json" \
-H "X-API-Key: hd_live_your_key" \
-d '{
"name": "gate-destructive",
"description": "Require approval for destructive or external-facing actions",
"rules": [
{
"action": "delete_record",
"requires_approval": true
},
{
"action": "send_email",
"requires_approval": true
},
{
"action": "modify_schema",
"requires_approval": true
}
],
"is_active": true
}'
Manage policies from the Policies dashboard or via the API.
Add these instructions to your Claude Code system prompt or CLAUDE.md to ensure it always requests approval:
# Human-in-the-Loop Policy
Before executing any of the following actions, you MUST call the
`request_approval` tool and wait for the result:
- Deleting records from production databases
- Sending emails to external recipients
- Modifying database schema (migrations)
- Deploying to production
- Making payments or refunds
If `request_approval` returns "rejected", do NOT proceed.
Explain to the user that the action was not approved.
| Variable | Required | Default | Description |
|---|---|---|---|
HEED_API_KEY | Yes | — | Your Heed API key (hd_live_... or hd_test_...) |
HEED_BASE_URL | No | https://heed.run | Base URL of the Heed API (change for self-hosted) |
HEED_POLL_INTERVAL | No | 3 | Seconds between poll requests |
HEED_MAX_POLL_WAIT | No | 300 | Maximum seconds to wait for a decision |