Model Context Protocol

Your workspace, as an MCP server.

Point Claude, Cursor, or VS Code at your tenant host. Sign in once, grant consent, and call tools that respect the same permissions you have in the app.

Shipped on supported plans · OAuth 2.1 · tenant-scoped

Tool modules

Native tools appear in tools/list. The long tail lives in the catalog: search_tools then execute_tool. Module scope can be narrowed per tenant.

Core

whoami, search_tools, execute_tool, apply_pending_action

Projects

list_projects, get_project_overview, statuses, custom fields, sprints, releases

Tasks

search, CRUD, comments, dependencies, bulk status, assign

Meetings & chat

list_meetings, get_meeting, search_messages

Documents & search

search_documents, semantic_search, catalog insights

Workforce & ops

my_work, leave balance, workspace_health, usage_report

Notifications

list, unread count, mark read (tenant-scoped)

Connect in four steps

  1. 01

    Open your workspace

    Sign in on your tenant host (subdomain or vanity slug). MCP is scoped to that organization.

  2. 02

    Copy the MCP URL

    Tenant → AI Agents shows https://{your-host}/mcp. Add it as a remote MCP server in Claude, Cursor, or VS Code.

  3. 03

    Sign in via OAuth

    The client opens your browser for OAuth 2.1. You pick which scopes to grant (read, and write if enabled).

  4. 04

    Call whoami first

    Ground the session: user, tenant, plan, remaining monthly tool budget, and whether writes are enabled.

What we enforce

Tenant isolation

Every tool call runs with your workspace tenant_id from the verified token. Cross-tenant IDs read as not_found.

Project permissions

Project-scoped tools reuse the same permission templates as the REST API. If you cannot edit a task in the UI, the agent cannot either.

Read by default

OAuth scope mcp:read is enough for native read tools. Writes are off until an owner enables mcp_write_enabled and you grant mcp:write.

Destructive preview

Archive, bulk status, delete comment, and similar tools return a preview token first. apply_pending_action executes after confirmation.

Consent & audit

Each MCP client gets an explicit consent row. Tool calls are metered and auditable from Tenant → AI Agents.

Plan gated

mcpAccess is an entitlement on supported plans. Caps (monthly tool calls, write rate) come from your subscription, not hardcoded in the UI.

Honest limits

We would rather under-promise than ship marketing fiction.

  • No public anonymous MCP endpoint: you need a workspace membership.
  • Writes are not enabled by default: tenant admins must opt in.
  • Headless service accounts ship in Phase 2 docs; check your plan and changelog for availability.
  • Every tool call is tenant-scoped, permission-checked, and metered against your plan.