Flux MCP

Live

OAUTH 2.1

IMAGE GENERATION

AI

Flux MCP gives agents authenticated access to FLUX image generation: render from text, batch variations, run virtual try-on, and track credits per user.

  • Per-user credentials: each call uses the actual user's token, never a shared bot.
  • Encrypted per-tenant vault: AES-256, resolved at request time, never in LLM context.
  • Scoped before every call: pre-call scope check, 90-day SIEM-exportable audit chain.
Flux MCP
agent · Acme Q3
Run
Generate 4 product shots of the ceramic mug on a linen background.
S
fluxmcp_generate_image
88ms
Flux agent
4 images submitted to FLUX in parallel. First render ready in 9s, seed 41022, 1024x1024. 2 free generations left in your pool.
Sources: 4 generations, 1 batch, rendered in parallel
fluxmcp
4 generations
18:29
Message Claude...

Tools your creative agent reaches for on Flux, scoped per user.

CALL ANY TOOL
Image generation end to end: submit renders, batch variations, dress subjects in reference garments, and track per-user credits.
fluxmcp_generate_image
Generate images
Submit one or more FLUX image generations from a text prompt, with optional reference images, and render up to 8 images in a parallel batch.
Parameters
Name
Type
Required
Description
requests
array
Required
List of image generation requests. Pass a single-item list for one image; pass multiple to generate a batch in one call (each entry is submitted to BFL in parallel and the iframe renders the results as a clickable grid). Cap is 8 entries per call.
fluxmcp_generate_variations
Generate variations
fluxmcp_vto
Virtual try-on
fluxmcp_get_history
Browse generation history
fluxmcp_get_credits
Check credits
fluxmcp_request_upload_url
Upload reference image
Build your Agent
Same auth pattern across LangChain, OpenAI, Anthropic, and Google ADK.
Python · LlamaIndex
import { ScalekitClient } from "@scalekit-sdk/node";
import { createReactAgent } from "@langchain/langgraph/prebuilt";

const sk = new ScalekitClient(env.SCALEKIT_ENV_URL, env.SCALEKIT_CLIENT_ID, env.SCALEKIT_CLIENT_SECRET);

// Flux tools scoped to this user
const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["fluxmcp"], toolNames: [
    "fluxmcp_generate_image",
    "fluxmcp_generate_variations",
    "fluxmcp_get_history"] },
  pageSize: 100,
});

const agent = createReactAgent({ llm, tools });
await agent.invoke({ messages: [{ role: "user", content: "Generate a hero image of a mountain cabin at dusk." }] });
import OpenAI from "openai";
import { ScalekitClient } from "@scalekit-sdk/node";

const sk = new ScalekitClient(env.SCALEKIT_ENV_URL, env.SCALEKIT_CLIENT_ID, env.SCALEKIT_CLIENT_SECRET);
const openai = new OpenAI();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["fluxmcp"] }, pageSize: 100,
});

const res = await openai.chat.completions.create({
  model: "gpt-5",
  messages: [{ role: "user", content: "Create 4 variations of my last generation." }],
  tools,
});

// Execute the tool call with the user's vaulted Flux credential
await sk.tools.executeTool(res.choices[0].message.tool_calls[0], "user_123");
import Anthropic from "@anthropic-ai/sdk";
import { ScalekitClient } from "@scalekit-sdk/node";

const sk = new ScalekitClient(env.SCALEKIT_ENV_URL, env.SCALEKIT_CLIENT_ID, env.SCALEKIT_CLIENT_SECRET);
const anthropic = new Anthropic();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["fluxmcp"] }, pageSize: 100,
});

const msg = await anthropic.messages.create({
  model: "claude-sonnet-5",
  max_tokens: 1024,
  messages: [{ role: "user", content: "Show my recent Flux generations." }],
  tools,
});

// Tool call runs with the user's vaulted Flux credential
await sk.tools.executeTool(msg.content, "user_123");
import { Agent } from "@google/adk/agents";
import { ScalekitClient } from "@scalekit-sdk/node";

const sk = new ScalekitClient(env.SCALEKIT_ENV_URL, env.SCALEKIT_CLIENT_ID, env.SCALEKIT_CLIENT_SECRET);

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["fluxmcp"] }, pageSize: 100,
});

const agent = new Agent({
  name: "flux_image_agent",
  model: "gemini-2.5-pro",
  instruction: "Generate and manage Flux images for the signed-in user.",
  tools,
});

await agent.run("Generate a product shot on a plain white background.");
Try these prompts
Copy any prompt into your agent. Each maps directly to a Flux tool. Click to copy, paste into your agent, done.
Generate images
Copy the prompt
Copied
Generate a hero image of a mountain cabin at dusk, 16:9.
Copy the prompt
Copied
Create 4 product shots of the ceramic mug on linen, rendered in parallel.
Copy the prompt
Copied
Dress the model in image 1 in the denim jacket from image 2.
Iterate and vary
Copy the prompt
Copied
Give me 4 variations of my last generation, same direction.
Copy the prompt
Copied
Use my uploaded sketch as a reference for the next render.
Copy the prompt
Copied
Rerun the rooftop scene as a batch of 3 alternatives.
Library and credits
Copy the prompt
Copied
Show my recent generations as a grid.
Copy the prompt
Copied
How many free generations do I have left?
Copy the prompt
Copied
Pull up the prompt and seed for yesterday's renders.
SEE HOW AUTH WORKS
Your users connect once. Their Flux credentials stay vaulted, every call is scope-checked, and every action is logged.
1
Authorize
Your user connects
Flux MCP
once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access
Who:
user ‘A’
when:
Once per user
access:
Limited to user
2
Store
Their
Flux MCP
token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection
vault:
encrypted
scope:
per-user
tokens:
auto-refreshed
3
Resolve
When your agent calls a
Flux MCP
tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs
speed:
~40ms
check:
before every call
seen by:
nobody
4
Audit
Every
Flux MCP
tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it
history:
90 days
export:
SIEM-ready
logged:
every call
Test other agents
See the same per-user auth pattern across other AI connectors.
No items found.
Why Scalekit
Secure your agent's access. Connectors ship in minutes
Other connector libraries treat auth as a demo afterthought. Scalekit starts with identity, scope enforcement, and audit. Connectors follow.
01.
Shared tokens break per-user analytics
A shared Flux token looks fine in a demo. In production every render bills one account, credits drain with no attribution, and you cannot tell who generated what. Scalekit resolves the credential of the actual user who triggered the agent, never a shared bot.
// shared token
audit → bot_service_account

// scalekit
audit → user_abc ✓
02.
Authentication is not authorization
03.
Multi-tenancy is architectural
04.
Flux today. Others tomorrow.
“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”
Venu Madhav Kattagoni
Head of Engineering / Von
FAQs
Frequently Asked Questions
Does the agent access Flux as the user or through a shared key?
As the user. Scalekit resolves the credential of the person who triggered the agent at request time, so every generation, variation, and upload in your audit trail is attributed to a real user, not a shared service account.
Where is the Flux token stored?
In an AES-256 encrypted vault with per-tenant namespacing. Tokens are resolved at request time, never enter LLM context, refresh automatically, and can be revoked from one dashboard.
Can I limit what the agent does in Flux?
Yes. Filter by tool name in listScopedTools to expose only what you want, for example generation and history without uploads or virtual try-on. Scalekit also enforces scope checks before every API call.
What happens when a user revokes access?
The credential is invalidated at the next tool call. The call fails closed, other users' connections are unaffected, and the revocation is logged in the audit chain.
Who pays when an agent generates images, and how are credits tracked?
The connected user. Every generation runs on that user's own BFL balance: free welcome generations are consumed first, then paid credits. Because Scalekit resolves per-user credentials, one user's batch never drains a teammate's pool, and get_credits reports each balance separately.
Start in your coding agent
Up and running in one command
Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up
Claude Code REPL
/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack
Cursor Code REPL
# ~/.cursor/mcp.json
{
""mcpServers"": {
""fluxmcp"": {
""url"": ""https://mcp.scalekit.com/fluxmcp"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Codex Code REPL
# ~/.codex/config.toml
[mcp_servers.fluxmcp]
url = ""https://mcp.scalekit.com/fluxmcp""
auth_env = ""SCALEKIT_TOKEN""
Copilot Code REPL
# .vscode/mcp.json
{
""servers"": {
""fluxmcp"": {
""url"": ""https://mcp.scalekit.com/fluxmcp"",
""type"": ""http""
}
}
}