Vaibhav

May 29, 2026

(1 votes)

Introducing the Optimizely MCP Server: AI That Speaks Commerce Part-II

— Part 2 · Build Update · B2B Commerce

From conversation to completed transaction.

Part 1 gave AI the ability to speak commerce. The latest release of the Optimizely MCP Server lets it complete commerce the entire B2B buyer journey, from first question to placed order, now runs inside a chat.

● 34 tools live 6 functional domains Claude · ChatGPT · Copilots Optimizely / Insite B2B Commerce

34 tools

Standardized commerce actions any AI can call

↑ from 8 in Part 1

~2,600 ops

Underlying Insite API operations reachable via meta-discovery

3 OpenAPI specs indexed

1 protocol

One MCP surface serves every AI assistant & copilot

No per-channel rebuild

Watch the Optimizely MCP Server in action — live demo with Microsoft-Copilot

— What changed

Eight tools became thirty-four. Browsing became buying.

The first release proved AI could understand a B2B catalog. This one closes the loop: authenticate the buyer, manage the cart, take payment, submit the order, track it afterward and even plug into the procurement systems enterprises already buy through.

Part 1 — May 2026

AI that speaks commerce

Catalog search & product detail
Pricing & inventory lookups
Read-only discovery
8 tools, browse-focused

→

Part 2 — This release

AI that acts within commerce

Full cart lifecycle & conversational checkout
Passwordless OTP login & BillTo / ShipTo switching
Order submission, status & history
PunchOut procurement + meta-discovery over 2,600 ops

— The buyer journey, end-to-end

Every step a buyer takes — now a tool the AI can call.

A single request like “order ten cases of SKU-9988 and check out with my saved card” fans out into this sequence. Each stop carries real business value.

01 Discover search_insite_products Fewer clicks to find. Contract pricing, stock & images surface in chat.	02 Build cart add_insite_product_to_cart No lost context. Cart persists across turns automatically.	03 Authenticate verify_insite_otp_login Passwordless & safe. Email OTP — the AI never sees a password.
04 Pay set_payment Out of PCI scope. No card number.	05 Submit submit_insite_order Order in seconds. Validated, placed, order number read back.	06 Track get_insite_order_status Fewer support calls. Status & tracking on demand.

— The tool catalog

Six domains. One job each. Real value behind every group.

Tools are grouped by what a buyer is trying to do, and every group can be switched on or off individually through an admin allow-list, so exposure expands only as fast as trust does.

🔎

META · 8

API Discovery & Introspection

The agent's table of contents over ~2,600 operations.

list_apislist_tagssearch_endpointsdescribe_endpointcall_endpointmcp_diagnosediscover_live_openapiresolve_commerce_endpoint

VALUE Future-proof. Anything the curated tools don't cover stays reachable, including custom storefront endpoints discovered live, with no redeploy.

🗂️	CATALOG + CHATGPT · 4

Product Search & Detail

Native B2B-rich tools + ChatGPT-shaped aliases.

search_insite_productsget_insite_product_detailssearchfetch

VALUE Works with any AI. The same search logic ships in OpenAI's data-app shape and the native MCP shape, Claude, ChatGPT, or a custom copilot, no rebuild.

🛒

CART · 8

Full Shopping-Cart Lifecycle

Add, update, remove, clear, inspect promotions.

view_insite_cartadd_insite_product_to_cartupdate_insite_cartdelete_insite_cart_lineclear_insite_cartinspect_insite_promotionsview_cartadd_to_cart

VALUE Anonymous to check out. Buyers build a cart with zero friction; the agent only asks for login when an order is actually placed.

✅

ORDER · 4

Checkout, Status & History

Two-step pay-and-submit, plus tracking after.

set_credit_card_paymentsubmit_insite_orderget_insite_order_statusview_insite_order_history

VALUE Hours to seconds. Reorders, status checks, and history that used to mean a support ticket now resolve inside the conversation.

🔐	AUTH / SESSION · 6

Secure B2B Identity

OTP login, token management, account switching.

request_insite_login_otpverify_insite_otp_loginlogout_insite_userchange_insite_customerget_oauth_tokenrequest_insite_oauth_token

VALUE Built for real B2B. Passwordless login by design, and one buyer can switch between multiple BillTo / ShipTo accounts mid-conversation.

🔗	PUNCHOUT · 4

Procurement-System Buyer Flow

cXML PunchOut into the systems buyers already use.

start_insite_punchout_sessionview_insite_punchout_sessionsubmit_insite_punchout_requisitioncancel_insite_punchout

VALUE Meet enterprise where it buys. Ariba, Coupa, JAGGAER & Oracle buyers punch out, build a requisition by chat, and return it pre-populated.

— Spotlight · New in this release

Passwordless login the AI can't abuse.

Letting an assistant place orders means letting it act as the buyer, so authentication had to be safe by construction. The new OTP backend makes the AI a courier for a code, never a holder of a password.

📧

STEP 01

Request

The AI calls request_insite_login_otp. A one-time code is emailed straight to the buyer.

📨

STEP 02

Buyer receives

The code lands in the buyer's inbox — out of band. The assistant never sees it generated.

🔑

STEP 03

Verify

Buyer reads the code back; verify_insite_otp_login exchanges it for a session token.

🔒

STEP 04

Act as buyer

Every later tool call runs as the authenticated user — with their pricing, history & permissions.

● No password grant exposed

The password-login path exists in code but is deliberately never registered — an assistant cannot prompt for or transmit a raw password.

● Per-session isolation

Every MCP client gets its own cookie jar & token cache, keyed by an opaque session GUID. Login state never leaks between users.

● No raw card data

Payment accepts a Spreedly token only. The agent never receives a primary account number — keeping it out of PCI scope.

The future of B2B commerce isn't a better checkout. It's no checkout screen at all, just intent, understood, and executed.

— Multi-channel reach

Build it once. Every assistant can use it.

Because the agent speaks one open standard, JSON-RPC 2.0 over MCP, the same backend serves every host on the market. ChatGPT connectors even get tools shaped to OpenAI's exact contract, with no separate codebase.

◆

Claude

Desktop / claude.ai

◇

ChatGPT

search · fetch · cart

◈

Copilots

Enterprise bots

▣

Spire SSR

Storefront agent

⬡

Procurement

PunchOut buyers

— Under the hood

Five clean layers, one job each.

AI hosts on the left, the live Optimizely / Insite backend on the right — and a thin, isolated agent in between that never stores customer payment data itself.

MCP Agent high-level architecture diagram — MCP clients, transport and protocol layer, 34-tool catalog, services and specs, and the Optimizely / Insite B2B commerce backend

Fig. 1 — MCP Agent high-level architecture: clients → transport & protocol → 34-tool catalog → services & specs → Optimizely / Insite backend.

— Why it matters

The business case, in four lines.

Faster time-to-order

The catalog, cart and checkout that already power the website become AI-callable on day one, no rebuild, no rip-and-replace.

Fewer support escalations

Order status, reorders, and history resolve in conversation instead of routing to a human rep.

Multi-channel by default

One MCP surface reaches Claude, ChatGPT, internal copilots, and procurement systems engineering effort is spent once.

Controlled, low-risk rollout

An admin allow-list governs exactly which tools are live; new tools default to off, so trust is earned domain by domain.

Bring transaction-grade AI to your commerce stack.

Connect Optimizely to Claude, ChatGPT and your own copilots in minutes. One protocol, 34 tools, the full B2B journey no custom integration required.

Read Part 1