SandboxAQ MCP Server

TM
TJ Mustard
Updated March 2026

In this article

  1. Overview
  2. What is the SandboxAQ MCP Server?
  3. How It Works
  4. Prerequisites
  5. Using the SandboxAQ MCP Server
  6. Available Tools
  7. Usage Examples
  8. Limits & Quotas
  9. Pricing
  10. Troubleshooting
  11. Permissions & Security
  12. Privacy & Data
  13. Support

Overview

The Model Context Protocol (MCP) allows SandboxAQ to connect securely with large language models (LLMs) and AI assistants, enabling scientists and engineers to run high-accuracy molecular calculations conversationally and receive structured, traceable scientific results.

The SandboxAQ MCP Server exposes SandboxAQ's proprietary scientific AI models as callable tools within Claude and other MCP-compatible clients. This enables R&D teams to integrate molecular simulation directly into their existing AI-driven workflows without managing compute infrastructure.

What is the SandboxAQ MCP Server?

The SandboxAQ MCP Server is a standardized, managed connection framework that lets AI chat applications securely invoke SandboxAQ's proprietary scientific tools.

Through the MCP, users and agents can:

  • Ask questions about molecular systems using natural language (e.g., "What is the most stable binding site for N₂ on a Co-Ni surface?").
  • Retrieve structured scientific results — binding energies and relaxed geometries — formatted for immediate use in LLM reasoning.
  • Run complex multi-step adsorption workflows without writing code or managing GPU infrastructure.
  • Integrate SandboxAQ model outputs with other data sources, notebooks, or agentic pipelines.

The SandboxAQ MCP Server enables all model access to happens under SandboxAQ's security, authentication, and audit controls. No model weights or proprietary data are exposed externally.

How It Works

When a user submits an actionable query for the applicable SandboxAQ model through an LLM connected to the SandboxAQ MCP Server (for example, "Calculate the adsorption energy of CO on a copper 111 surface"), the MCP:

  1. Parses the natural language input and maps it to the appropriate tool (aqcat).
  2. Validates the request parameters and verifies the user's OAuth session.
  3. Executes the calculation on SandboxAQ's managed GPU infrastructure using the AQCat Adsorption Spin model.
  4. Returns a structured JSON response — including binding energies, relaxed structures, and metadata — to the LLM.
  5. The LLM incorporates the scientific result into its response, answer, or downstream reasoning.

The entire compute lifecycle happens on SandboxAQ infrastructure. Customer molecular inputs are not stored after inference completes.

Prerequisites

To access the SandboxAQ MCP Server through a compatible client, the following must be in place:

  • An active SandboxAQ enterprise account with MCP access enabled.
  • SSO configured for your organization via your identity provider (OAuth 2.0).
  • A supported MCP client: Claude Desktop, Claude.ai (Pro or Enterprise), or any MCP-compatible application.

Note: Access is available to enterprise customers only. Contact mcp-prod@sandboxaq.com to begin onboarding. SandboxAQ will configure SSO for your organization.

Using the SandboxAQ MCP Server

The SandboxAQ MCP Server can be used by any AI agent or LLM that supports the Model Context Protocol. This enables researchers, developers, and enterprise teams to invoke SandboxAQ's scientific AI models directly within their existing AI workflows while maintaining security and IP protection.

Example Scenarios

  • LLM-Driven Research Assistant: Connect Claude to the SandboxAQ MCP Server to answer questions like "Which platinum surface facet binds hydrogen most weakly?" without any manual setup.
  • Internal Copilot Integration: Embed the SandboxAQ MCP Server into another internal agent to enable scientific planning and post-analysis of adsorption workflows.
  • Third-Party AI Platform: Integrate SandboxAQ model inference into another MCP-based AI platform under your organization's governance controls.

Setup Overview

  1. Request Access: The SandboxAQ MCP Server is available to enterprise customers. Contact mcp-prod@sandboxaq.com — SandboxAQ will configure SSO for your organization and provide your server URL.
  2. Configure Your MCP Client: Follow the client-specific instructions below to add your server URL.
  3. Enter Your MCP URL: Your tenant-specific server URL will be provided during onboarding and follows the pattern: https://mcp.{tenant}.aisim.sandboxaq.com
  4. Authenticate: Your MCP client will open a browser window to complete sign-in via your organization's SSO provider (OAuth 2.0). No API key or password is required.
  5. Verify Connection: Once connected, ask Claude: "What tools does the SandboxAQ MCP Server provide?" — Claude should list the available tools and their descriptions.
  6. Run Your First Query: Use any of the example prompts in the Usage Examples section below.

Claude.ai (Remote MCP)

Navigate to Settings → Connectors → Add Custom Connector and enter your tenant-specific server URL. Select OAuth as the authentication method and complete sign-in via your organization's SSO provider when prompted.

Availability in Other MCP Clients

The SandboxAQ MCP Server is compatible with any client that supports the Model Context Protocol over Streamable HTTP transport — including Claude Code, Gemini CLI, and other third-party MCP-compatible tools. Point your client at your tenant-specific server URL and authenticate via OAuth when prompted.

Available Tools

The SandboxAQ MCP Server currently exposes one tool — aqcat — a read-only inference operation that performs no writes, modifications, or external side effects. Full parameter reference and schemas are documented on the AQCat Adsorption Spin page.

Tool Description
aqcat Fully automated dense adsorption geometry optimization. Returns the lowest-energy relaxed structure and binding energy for a given bulk material, adsorbate, and crystal facet.

Usage Examples

The following examples show realistic prompts you can use when the SandboxAQ MCP Server is connected to Claude, along with expected outputs.

1
Find the most stable N₂ adsorption site on a Co-Ni alloy
User Prompt
“What is the lowest binding energy configuration for N₂ adsorbing on a cobalt-nickel 111 surface?”
What Claude Does

Calls aqcat with bulk_composition_contains: "Co-Ni", adsorbates: ["*N2"], facets: [[1,1,1]]. Evaluates 5 placements and returns the global minimum.

Expected Output
The most stable adsorption configuration for N₂ on the Co-Ni (111) surface has a binding energy of −16.43 eV (mp-30 bulk reference, 68 steps). Nitrogen binds in an atop site with the N-N axis perpendicular to the surface. The full relaxed XYZ geometry is included in the detailed results.
2
Screen CO adsorption on a copper 110 surface
User Prompt
“I'm studying CO oxidation catalysis. What is the most favorable adsorption geometry for CO on a copper 110 surface?”
What Claude Does

Calls aqcat with bulk_composition_contains: "Cu", adsorbates: ["*CO"], facets: [[1,1,0]]. Automatically selects the lowest-energy copper bulk from the internal database.

Expected Output
The bridge site between two Cu atoms is the most stable configuration on Cu(110), with a binding energy of −0.72 eV. 4 of 5 placements converged within 100 steps. The C-O bond is nearly perpendicular to the surface, consistent with experimental Cu(110) literature.
3
Compare hydrogen adsorption across iron surface facets
User Prompt
“For hydrogen evolution research, which iron surface — (100), (110), or (111) — binds atomic hydrogen most strongly? Run all three and compare.”
What Claude Does

Makes three sequential calls to aqcat, one per facet, each with bulk_composition_contains: "Fe" and adsorbates: ["*H"]. Compiles results into a comparison table.

Expected Output
AQCat Adsorption Spin H adsorption results for Fe:

Fe(100): −2.91 eV — hollow site (strongest binding)
Fe(110): −2.74 eV — quasi-threefold hollow
Fe(111): −2.58 eV — bridge site

Fe(100) shows the strongest H binding and is the most active candidate for hydrogen evolution. Recommend Fe(100) for further DFT validation via the Vertex AI container.

Limits & Quotas

The following limits apply to all requests on the MCP endpoint. These are enforced server-side.

Limit Value
Bulks per request 1
Adsorbates per request 1
Facets per request 1
Placements per call 5 (hard cap)
Max optimization steps 100 per placement / 500 total
Target latency <15s per call / <2 min total
Max response tokens 25,000

Pricing

The SandboxAQ MCP Server uses a per-Relaxation Unit (RU) billing model. One RU represents a single bulk–facet–adsorbate computation up to the maximum step limit.

Tool Billing Unit Notes
aqcat Per Relaxation Unit (RU) 1 RU = 1 bulk × 1 facet × 1 adsorbate, ≤500 total steps. Pricing on request.

Detailed usage logs (timestamp, organization, molecule count, compute duration) are available upon request for billing reconciliation.

For enterprise accounts and volume pricing, contact mcp-prod@sandboxaq.com.

Troubleshooting

Troubleshoot connection issues

If you're having trouble connecting to a service, try these steps:

  1. Check that you have a stable internet connection.
  2. Verify you have the right SandboxAQ-provided MCP URL.
  3. Review any permissions or account type requirements for the service.
  4. If authentication fails, try disconnecting and reconnecting from Settings → Connectors → Add Custom Connector.

If the issue persists, contact mcp-support@sandboxaq.com.

Permissions & Security

MCP queries run on behalf of the authenticated user, verified via SSO. All compute runs on SandboxAQ-managed infrastructure — model weights are not transmitted to or accessible by end users.

  • IP Protection: Model weights are encrypted and not exposed via the MCP interface. All inference occurs within SandboxAQ's secure compute environment.
  • SSO & OAuth 2.0: Authentication is handled entirely through your organization's identity provider. No API keys or passwords are issued or stored.
  • Organizational Isolation: Each organization's requests and usage data are isolated to prevent cross-organization data access.
  • Enterprise VPC: High-security enterprise clients may request deployment of the AQCat inference stack within their own VPC, providing zero-data-egress capabilities.
  • No AI Training: SandboxAQ does not use your molecular inputs, prompts, or results to train or fine-tune any model.

Privacy & Data

SandboxAQ does not store your specific inputs — composition strings and SMILES — after the inference call completes. The MCP server does not log any conversation context or LLM prompts.

SandboxAQ does collect anonymous telemetric metadata to improve customer experience. This includes aggregate statistics such as common element types queried and frequency of input validation failures.

See the SandboxAQ Privacy Policy and SandboxAQ MCP Server Data Processing Addendum for full details.

Support

SandboxAQ will use commercially reasonable efforts to meet or exceed an uptime of 99.9% for Hosted Services.

Support Hours

Support Type Hours
Application Support 8:00 a.m. – 8:00 p.m. Eastern Time, Monday through Friday, excluding SandboxAQ holidays
Technical Support 8:00 a.m. – 8:00 p.m. Eastern Time, Monday through Friday, excluding SandboxAQ holidays

Severity & First-Response Targets

Class Severity Description First-Response Target
A Emergency Software or Hosted Services completely inaccessible 4 hours
B Urgent Material degradation in performance 1 business day
C Non-urgent Non-critical degradation 12 business days

Response time is measured from the customer's first report of an identified performance issue to the provision of a plan for resolution by a SandboxAQ technical contact.

Updates

Bug fixes and point releases are included at no additional charge when generally made available to other customers.