MCP Integrations

mcp (model context protocol) integrations connect the assistant to external systems such as oauth providers or your own custom mcp servers after connecting an integration, you configure which of its tools are enabled and whether the assistant must request approval before running any of them connected integrations the connected integrations section lists all integrations you have already configured for each integration, you can see its display name, whether it is scoped privately to your account or shared across the workspace, and its current connection status a status of error indicates the integration requires attention use the validate button to re test the connection, or the menu to edit or remove the integration if you see a reconnect required status , the integration’s authorization has expired and needs to be refreshed click the validate or reconnect option to re authenticate available integrations the available integrations section lists pre built connectors you can activate click connect next to any provider to begin the connection flow connecting a custom mcp server to connect an mcp server that is not listed among the available providers, click connect custom server in the top right corner this opens the connect custom mcp server dialog where you configure the following integration name a friendly label for the integration mcp server url the publicly accessible endpoint for your mcp server this field is only required when connecting a custom server; for managed oauth providers, it is pre filled headers (optional) additional http headers to be sent with every mcp request use this for api key or token based authentication, tenant or workspace routing, or any other custom metadata the server requires private when enabled, only you can use the integration when disabled, it is shared across the workspace keep integrations private for personal credentials, testing environments, or dev and staging connections, and share them when they are organization managed and intended for the whole team enable integration the master on/off switch for the integration disable it during incidents, provider outages, security reviews, or when you want to deprecate the integration without permanently deleting it agent access select which agents are permitted to use this integration you must choose at least one the available options are kloudmate assistant , kloudmate builder , and kloudmate investigator narrow the scope for sensitive or high impact integrations where only specific agents should have access after completing the form, click connect to save the integration tool level settings after connecting an integration, you can configure each of its individual tools for every tool exposed by the integration, you can control two things enabled determines whether the assistant is allowed to call the tool at all disable individual tools you do not need to reduce the assistant’s scope of action approval mode determines whether the assistant must ask for confirmation before running the tool setting it to default uses the platform’s built in behavior setting it to ask before run requires the assistant to confirm with you every time it wants to invoke the tool setting it to auto approve allows the tool to run without any confirmation prompt tools may also carry labels that hint at their behavior a read label indicates the tool is intended to be read only and carries lower risk a write label indicates the tool may perform destructive or state changing actions and should be used with care when deciding on approval mode, it is advisable to apply stricter settings such as ask before run for write tools and for any tool with access to sensitive or production systems