Ameniti Logo

API Endpoint Ownership Verification

Overview

This document verifies that Ameniti owns or controls all API endpoints that the MCP Server connects to, as required by Anthropic's MCP compliance requirements (Requirement 25).

Owned Domains and Endpoints

Primary Domain: ameniti.ai

✅ Owned and Controlled by Ameniti

Domain Registration Details:

  • Domain: ameniti.ai
  • Registrant: Ameniti, Inc
  • Administrative Contact: contact@ameniti.ai

Associated Endpoints:

  • https://booking.ameniti.ai/* - Primary booking API endpoints
  • https://hotel.ameniti.ai/* - MCP server endpoints
  • https://guarantee.ameniti.ai/* - Guarantee processing frontend
  • https://mcp-docs.ameniti.ai/* - Documentation

Secondary Domain: ameniti.net

✅ Owned and Controlled by Ameniti

Domain Registration Details:

  • Domain: ameniti.net
  • Registrant: Ameniti Inc.
  • Purpose: URL shortening service and CDN
  • Administrative Contact: contact@ameniti.ai

Associated Endpoints:

  • https://ameniti.net/admin_shrink_url - URL shortening service
  • https://ameniti.net/* - Shortened URL redirects

API Endpoints Used by MCP Server

1. MCP Server Endpoint

Production URL: https://hotel.ameniti.ai/mcp

Protocol: HTTP POST with MCP JSON-RPC format

Purpose: Remote MCP server for AI assistant integration

Ownership Verification:

  • ✅ Hosted on Ameniti-owned subdomain (hotel.ameniti.ai)
  • ✅ Secured with Ameniti SSL certificates
  • ✅ Managed by Ameniti development team
  • ✅ OAuth 2.1 authentication required for all tools
  • ✅ OAuth metadata endpoint publicly accessible
  • ✅ Server code maintained in Ameniti repositories

2. Backend Booking API Endpoints

Production URL: https://booking.ameniti.ai/api/v1

Purpose: Backend services for booking operations

Endpoints:

  • GET /bookings/price - Retrieve room pricing
  • POST /bookings/setup - Create booking reservations
  • POST /bookings/customer - Create customer records
  • POST /bookings/cancel/{reservationId} - Cancel reservations

Ownership Verification:

  • ✅ Hosted on Ameniti-owned infrastructure
  • ✅ Secured with Ameniti SSL certificates
  • ✅ Managed by Ameniti development team
  • ✅ Access controlled through OAuth 2.1 authentication
  • ✅ Database and business logic fully controlled by Ameniti

3. Booking Guarantee Setup Frontend

Production URL: https://guarantee.ameniti.ai

Purpose: Stripe interface for booking guarantee setup

Ownership Verification:

  • ✅ Hosted on Ameniti-controlled infrastructure
  • ✅ Secured with Ameniti SSL certificates
  • ✅ Integrated with Ameniti's Stripe account
  • ✅ Code maintained in Ameniti repositories
  • ✅ Guarantee flows fully controlled by Ameniti

4. URL Shortening Service

Endpoint: https://ameniti.net/admin_shrink_url

Purpose: Generate shortened guarantee URLs for improved user experience

Ownership Verification:

  • ✅ Hosted on Ameniti-owned domain (ameniti.net)
  • ✅ Custom implementation by Ameniti development team
  • ✅ Access controlled through Ameniti security measures
  • ✅ Logs and monitoring controlled by Ameniti
  • ✅ CDN and URL routing fully managed by Ameniti

Third-Party Services Integration

Stripe Payment Processing

Service: Stripe, Inc.

Relationship: Authorized payment processor

Integration Type: Official Stripe SDK integration

Verification:

  • ✅ Official Stripe account registered to Ameniti
  • ✅ Valid Stripe merchant agreement
  • ✅ Proper API keys and webhooks configuration
  • ✅ PCI DSS compliance through Stripe

Contact for Verification

For Anthropic verification requests:

  • Email: support@ameniti.ai
  • Subject Line: "MCP Endpoint Ownership Verification"
  • Response Time: 48 hours for verification requests