Skip to main content
The Integrate.io MCP server exposes a Model Context Protocol (MCP) endpoint that AI assistants such as Claude, ChatGPT, OpenAI Codex, or the MCP Inspector can call to inspect and act on your account. Assistants connect over JSON-RPC 2.0 and use a curated set of tools to list workspaces, list packages, inspect runs, search resources, validate pipelines, preview database data, and (with explicit mutating tools) clone packages, edit components, manage schedules, and run jobs. Credentials, TLS certificates, and SSL keys are never returned.

Verified clients

These are the clients we have set up and verified, with step-by-step instructions below. They are not the only ones that work: any MCP-capable client can connect (see Any other MCP client).
ClientTransportAuth methodBridge required?
Claude Desktopstdio (via mcp-remote)Bearer tokenYes - mcp-remote
Claude CodeStreamable HTTP (native)OAuth (browser sign-in) or Bearer tokenNo
Claude.ai webStreamable HTTP (native)OAuth (browser sign-in)No
ChatGPT (custom connector)Streamable HTTP (native)OAuth (browser sign-in)No
OpenAI Codexstdio (via mcp-remote)Bearer tokenYes - mcp-remote
Cursorstdio (via mcp-remote)Bearer tokenYes - mcp-remote
MCP Inspector (debugging tool)Streamable HTTP (native)Bearer tokenNo
MCP Inspector is not an AI assistant. It is a debugging tool from the MCP project team (npx @modelcontextprotocol/inspector) that opens a local UI for listing and calling tools directly. Use it to confirm the endpoint works before wiring up a real assistant.
Claude.ai web supports custom connectors: go to Settings → Connectors, click Add custom connector, enter the endpoint URL, and authorize with OAuth. It is available on the free, Pro, Max, Team, and Enterprise plans (free accounts are limited to one custom connector). Like every Claude client, claude.ai connects from Anthropic’s cloud rather than from your device, so the endpoint must be reachable over the public internet (the production URL is).
Two ways to authenticate. Clients that support OAuth (such as Claude Code, claude.ai web, or a ChatGPT custom connector) can connect with browser sign-in - no token to copy or paste. See Connecting with OAuth. For clients that need a static bearer token (Claude Desktop’s manual config, OpenAI Codex, the MCP Inspector, curl), create a Personal Access Token instead - see Step 1.

Endpoint

All you need to connect a client is the full URL, with your account id filled in: https://api.xplenty.com/YOUR_ACCOUNT_ID/api/mcp
You don’t have to assemble this URL by hand. Open Settings → Developer Settings → Connected Applications in your dashboard and copy the MCP server URL shown at the top of the page, your account id is already filled in.
Why api.xplenty.com instead of integrate.io? The Integrate.io API still runs at api.xplenty.com - this is expected and normal. The domain predates the Integrate.io rebrand. Your dashboard URL (dashboard.xplenty.com) and the API URL both work correctly.
The endpoint accepts a single JSON-RPC 2.0 message per request. Batch requests are not supported. Authentication uses a bearer token in the Authorization header. The token must belong to a user with access to the account named in the URL. Cross-account requests return 403 Forbidden.

Prerequisites

  • Reach out to the Integrate.io team to enable this for your account.
  • A way to authenticate. You have two options:
    • OAuth browser sign-in (easiest) - supported clients like Claude Code authenticate interactively, no token to manage. See Connecting with OAuth.
    • A Personal Access Token (PAT) - a long-lived bearer token for clients that need a static credential (Claude Desktop manual config, MCP Inspector, curl). The recommended way to mint one is Connected Applications in the dashboard (see Step 1).
  • An MCP-capable client. The setup below covers Claude Desktop 0.7.0 or later (0.10 or later for the one-click extension), Claude Code, and the MCP Inspector.

Connecting with OAuth (browser sign-in)

The easiest way to connect a client that supports OAuth (such as Claude Code or a ChatGPT custom connector) is to skip the token entirely and authenticate in your browser. The client registers itself, sends you to a consent screen, and stores the resulting credentials for you. There is nothing to copy or paste. The steps below show Claude Code. For ChatGPT, the same browser sign-in happens inside ChatGPT’s connector setup, see ChatGPT (custom connector) under Step 2.
1

Add the MCP server without a token

Point your client at the endpoint with no Authorization header. For Claude Code:
claude mcp add --transport http integrateio \
  https://api.xplenty.com/YOUR_ACCOUNT_ID/api/mcp
Replace YOUR_ACCOUNT_ID with your account subdomain or numeric id (the value in your dashboard URL).
2

Start authentication

Run /mcp in Claude Code and choose Authenticate for the integrateio server. Claude Code opens your browser to the Integrate.io consent screen. Sign in if you aren’t already.
3

Authorize access

You’ll see an Authorize access screen naming the client and the account it’s connecting to:
Claude Code is requesting access to your Integrate.io account your-account via the MCP server. This will let it read and manage your pipelines, connections, and jobs in this account.
Click Authorize. The browser hands the client back its credentials and you can close the tab. Skip ahead to Step 3: Verify the connection.
The consent screen is locked to the account subdomain the client connected to, so a client can only ever be granted access to that one account.

What OAuth grants

  • Access is account-wide with the same permissions as the signed-in user - identical in scope to a Personal Access Token.
  • Tokens are short-lived and refreshed automatically by the client, so you won’t be prompted again every couple of hours during normal use.
  • The connection appears in Settings → Developer Settings → Connected Applications under the client’s name (e.g. “Claude Code”), alongside any Personal Access Tokens, so you can audit and revoke it in one place.

Revoking and re-authenticating

  • Revoke: open Connected Applications, find the client, and click Revoke. Access stops immediately and the client must authorize again to reconnect.
  • Re-authenticate: if you authorize the same client again, the new session replaces the previous one for that client name, so you won’t accumulate duplicate entries in Connected Applications. The consent screen still appears each time; that approval is the security checkpoint and is expected on every authorization.
Integrate.io uses the OAuth 2.1 Authorization Code flow with PKCE (S256), the same standard used by major SaaS MCP connectors. After you click Authorize, your browser returns to the client’s local callback (e.g. http://localhost:…/callback) and shows a brief “Authentication Successful” page rendered by the client; that page comes from the MCP client, not from Integrate.io.

Step 1: Get a Personal Access Token

If your client supports OAuth (e.g. Claude Code), you don’t need a token at all - use Connecting with OAuth instead. Personal Access Tokens are for clients that need a static bearer credential: Claude Desktop’s manual config, the MCP Inspector, curl, and scripts.
The simplest way to get a token is from the Connected Applications page in your Integrate.io dashboard - no curl, no password grant, no token expiry to manage.
  1. Sign in to your dashboard and navigate to Settings → Developer Settings → Connected Applications. (Direct URL: https://dashboard.xplenty.com/<your-account>/settings/developer/connected_applications) If you don’t see the Connected Applications link in the sidebar, contact Integrate.io support to request access.
  2. Click + Create new connection.
  3. Give it a recognizable name (e.g. “Claude Desktop on Macbook”) and click Create token.
  4. The token is displayed once in a reveal modal. Click Copy before closing the modal. Integrate.io does not store the plaintext token and cannot show it again. If you lose it, revoke the connection and create a new one.
The reveal modal also includes ready-to-paste configuration snippets for Claude Desktop, Claude Code, the MCP Inspector, and curl. You can skip ahead to Step 3 and paste the Claude Desktop snippet directly into your config file.
The Connected Applications page also has a Quick install for Claude Desktop card with a one-click .mcpb extension download. If Claude Desktop is your client, use that path - see Step 2: Claude Desktop (one-click extension) below.
Why Connected Applications instead of an OAuth grant request?Connected Applications mint long-lived Personal Access Tokens (PATs) tied to a specific named integration. You don’t need to keep re-running an OAuth password-grant call every two hours, and you can revoke a token from the same page without affecting your dashboard session. Each connection appears in the list with its name, scope, and creation date, making it easy to audit which agent is connected to your account.A connection can be revoked at any time from the same page. The bearer token stops working immediately everywhere it’s pasted.
PAT scope and security notes:
  • PATs are account-wide and carry the same permissions as the user who created them.
  • There is currently no option to create a read-only PAT or restrict a PAT to a subset of MCP tools. Contact Integrate.io support if you need scoped access.
  • PATs have a 10-year lifetime by default. Treat them like passwords: store in a secrets manager, not in plain text.
  • Token rotation: revoke the existing connection in Connected Applications and create a new one. Update your MCP client config with the new token.

Alternative: OAuth password grant (legacy)

If you can’t use Connected Applications (e.g., automation that must mint tokens programmatically without a logged-in user), you can still use the OAuth Resource Owner Password Credentials grant. These tokens expire after two hours, so you’ll need to refresh them regularly.
curl -X POST 'https://api.xplenty.com/oauth/token' \
  -H 'Content-Type: application/json' \
  -d '{
    "grant_type": "password",
    "email": "you@your-org.com",
    "password": "your-password"
  }'
The response includes the access_token:
{
  "access_token": "ABC123...",
  "token_type": "Bearer",
  "expires_in": 7200,
  "created_at": 1234567890
}
For interactive use with Claude Desktop or MCP Inspector, prefer Connected Applications. The 10-year PAT lifetime means you set it up once and forget it.

Step 2: Configure your MCP client

Claude Desktop (one-click extension)

The fastest way to connect Claude Desktop is to install the Integrate.io extension (.mcpb). The extension prompts you for your account subdomain and Personal Access Token at install time, so you never touch claude_desktop_config.json by hand. Requires Claude Desktop 0.10 or later on macOS or Windows.
  1. In the Integrate.io dashboard, go to Settings → Developer Settings → Connected Applications.
  2. In the Quick install for Claude Desktop card, click Download Claude Desktop extension. The browser downloads integrate-io-mcp.mcpb.
  3. Open Claude Desktop and go to Settings → Extensions. Drag the downloaded .mcpb file onto that page. Claude Desktop opens the extension install dialog.
  4. When prompted:
    • Account Subdomain - your Integrate.io account subdomain or numeric id (the value in your dashboard URL).
    • Personal Access Token - a PAT from Step 1. If you haven’t minted one yet, click + Create new connection on the Connected Applications page first.
  5. Click Install, then restart Claude Desktop (fully quit and reopen).
In Claude Desktop’s MCP picker you should now see integrateio with the full tool list. Skip to Step 3 to verify.
On a staging Integrate.io account the same card serves integrate-io-mcp.staging.mcpb and displays a Staging build badge. The staging extension only talks to api-staging.xplenty.com - it won’t work with a production PAT. Both extensions can be installed side by side - Claude Desktop treats them as separate integrations (integrate-io-mcp and integrate-io-mcp-staging).
Migrating from the manual claude_desktop_config.json entry? Remove the old xplenty (or whatever you named it) entry from mcpServers in your config file before installing the extension. If both an extension and a manual entry point at the same backend, the install dialog may silently no-op because Claude Desktop sees the integration as already configured. Restart Claude Desktop after removing the stale entry, then drag the .mcpb in.

Updating or removing the extension

  • Update: download the latest .mcpb from the Connected Applications page and drag it onto Settings → Extensions again. The version field in the bundle increments on each release, so Claude Desktop treats it as an update rather than a duplicate. Your subdomain + token entered at first install are preserved.
  • Remove: go to Settings → Extensions in Claude Desktop, find Integrate.io in the list, and click the remove/uninstall control. Optionally revoke the underlying Personal Access Token from Connected Applications in the Integrate.io dashboard.

Claude Desktop (manual config)

If you can’t install the extension - corporate policy, an older Claude Desktop, or you’d rather hand-edit the config - edit your Claude Desktop configuration file directly:
  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json
Add an entry under mcpServers. Claude Desktop speaks MCP over stdio only, so the snippet uses mcp-remote as a thin bridge to the remote HTTP endpoint:
{
  "mcpServers": {
    "integrateio": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote",
        "https://api.xplenty.com/YOUR_ACCOUNT_ID/api/mcp",
        "--header",
        "Authorization: Bearer YOUR_ACCESS_TOKEN"
      ]
    }
  }
}
Replace YOUR_ACCOUNT_ID with your account subdomain or numeric id and YOUR_ACCESS_TOKEN with the value from Step 1, then restart Claude Desktop (Cmd+Q on macOS - fully quit and reopen; reloading the window isn’t enough).
The Connected Applications reveal modal generates this snippet for you with the URL and token already filled in. Click Copy under the Claude Desktop tab, paste into your config, restart Claude.

Claude Code

Claude Code has native HTTP MCP support, so no bridge is needed. Run:
claude mcp add --transport http integrateio \
  https://api.xplenty.com/YOUR_ACCOUNT_ID/api/mcp \
  --header "Authorization: Bearer YOUR_ACCESS_TOKEN"

MCP Inspector

The MCP Inspector has a native UI for ad-hoc debugging. Launch it:
npx @modelcontextprotocol/inspector
Then in the UI:
  • Transport: Streamable HTTP
  • URL: https://api.xplenty.com/YOUR_ACCOUNT_ID/api/mcp
  • Headers: Authorization: Bearer YOUR_ACCESS_TOKEN
The Inspector lets you call tools/list and tools/call directly and view the JSON-RPC response.

Cursor

Cursor uses the same stdio-only MCP transport as Claude Desktop. Use the same mcp-remote bridge - edit ~/.cursor/mcp.json (or per-workspace .cursor/mcp.json) with the JSON snippet above.

ChatGPT (custom connector)

ChatGPT connects to the MCP server natively over OAuth, so there is no token to paste and no bridge to install. You add the endpoint as a custom connector and approve access in your browser.
Custom MCP connectors are available on ChatGPT plans that expose connectors / developer mode (for example Plus, Pro, Business, and Enterprise). If you don’t see the option to add a custom connector, your plan or workspace admin settings may not have it enabled yet.
1

Open the custom connector dialog

In ChatGPT, go to Settings → Connectors and choose to add a custom connector. On some plans this lives under Settings → Connectors → Advanced → Developer mode.
2

Enter the endpoint

Give the connector a recognizable name (e.g. “Integrate.io”) and set the MCP server URL to:
https://api.xplenty.com/YOUR_ACCOUNT_ID/api/mcp
Replace YOUR_ACCOUNT_ID with your account subdomain or numeric id (the value in your dashboard URL).
3

Choose OAuth and authorize

For authentication, select OAuth. ChatGPT registers itself and opens the Integrate.io consent screen. Sign in if you aren’t already, then click Authorize. ChatGPT stores the resulting credentials and refreshes them automatically.
4

Use the connector

Enable the connector in a chat and ask a read-only prompt to confirm it works, for example: “List the workspaces in my Integrate.io account.” See What you can do with it for more.
This uses the same OAuth 2.1 Authorization Code flow with PKCE described in Connecting with OAuth. The connection appears in Settings → Developer Settings → Connected Applications in your Integrate.io dashboard, where you can audit or revoke it.

OpenAI Codex

Codex speaks MCP over stdio, the same as Claude Desktop and Cursor, so it uses the mcp-remote bridge to reach the remote HTTP endpoint. Add the server to ~/.codex/config.toml:
[mcp_servers.integrateio]
command = "npx"
args = [
  "-y",
  "mcp-remote",
  "https://api.xplenty.com/YOUR_ACCOUNT_ID/api/mcp",
  "--header",
  "Authorization: Bearer YOUR_ACCESS_TOKEN"
]
Replace YOUR_ACCOUNT_ID with your account subdomain or numeric id and YOUR_ACCESS_TOKEN with a Personal Access Token from Step 1, then restart Codex.
If you omit the --header line, mcp-remote falls back to OAuth browser sign-in instead of a static token, the same flow Claude Code uses. A Personal Access Token is the simpler choice for an always-on CLI because it does not expire after a couple of hours.

Any other MCP client

MCP is an open standard, so the sections above (Claude, ChatGPT, Codex, Cursor) are just specific cases of the same thing. Any MCP-compatible client or agent, on any LLM provider, connects to the same endpoint:
https://api.xplenty.com/YOUR_ACCOUNT_ID/api/mcp
To connect a client not listed above, answer two questions about it: 1. Does it support remote MCP servers natively, or only local (stdio) ones?
  • Native remote (Streamable HTTP) support: point the client straight at the endpoint URL. No bridge needed.
  • Local / stdio only: run the mcp-remote bridge in front of the URL, exactly as the Claude Desktop, Cursor, and Codex examples above do. mcp-remote turns the remote HTTP endpoint into the local stdio server these clients expect.
2. How does it authenticate?
  • Supports OAuth: add the server with no credentials and let the client run browser sign-in. It self-registers and stores its own tokens, see Connecting with OAuth. This is the same flow Claude Code and ChatGPT use.
  • Needs a static credential: create a Personal Access Token (see Step 1) and send it as an Authorization: Bearer YOUR_ACCESS_TOKEN header. For stdio clients, pass it through mcp-remote with --header as shown in the Codex snippet.
Once connected, every client sees the identical set of tools and obeys the same per-account permissions, regardless of which client or model is calling. If your client supports the Streamable HTTP MCP transport but still won’t connect, the Troubleshooting table at the end of this page covers the common causes.

Step 3: Verify the connection

In Claude Desktop, type /mcp in the chat input. You should see integrateio listed with all 33 tools available. Try a prompt such as:
List the workspaces in my Integrate.io account.
Claude invokes tools/call with list_workspaces and returns the response payload.

What you can do with it

These are real prompts you can type into Claude (or any connected AI assistant) once the MCP server is configured:
Natural-language promptTools invoked
”My Salesforce sync just failed - what broke?”explain_job_failure
”Show me all packages that haven’t run successfully this week”list_runs with status filter
”Clone the Salesforce to Snowflake package into a new workspace for testing”clone_package
”Which schedules are currently disabled?”list_schedules with enabled: false
”Preview the first 20 rows of the orders table on our production DB connection”preview_data
”Show me what the clean_orders Select transform outputs before I wire up the destination”preview_transformation

Available tools

The server registers 33 tools, grouped by what they do. Read-only tools inspect account state without side effects. Mutating tools create, modify, or run packages and jobs - flagged below. For a deep dive on the package-authoring tools (create_package, list_component_types, describe_component_type, add_package_components, update_package_components, update_package_edges, remove_package_components, rename_package, manage_package_variables, delete_package), see Creating packages with MCP tools.

Account inventory (read-only)

ToolDescription
list_workspacesLists workspaces in the account with package_count, last_failed_jobs_count, and last_completed_jobs_count. Recommended starting point for AI assistants.
list_packagesLists packages (ETL pipeline definitions). Filterable by flow_type (dataflow or workflow), status (active or archived), and workspace_id. Includes last_run_status.
get_packageReturns a single package by package_id with a curated data flow graph summary (component count, edge count, component-type tally, variables count). Set include_full_graph: true to return the full data_flow_json blob. Inline secrets in the full graph (REST URL api_key query params, Authorization: Bearer/Basic headers, basic-auth passwords, and values under secret-named keys) are masked as [REDACTED] before the response leaves the server. See Inline secret redaction in get_package.
list_connectionsLists database and cloud-storage connections. Returns id, name, type, and status only. Optional connection_type_filter.
get_connectionReturns details for a single connection by connection_id. Includes non-credential identifying fields such as host, port, database, and tunnel_type, plus suggested_components mapping the connection’s vendor to the right source/destination component type (e.g. a Snowflake connection suggests snowflake_destination_component rather than the generic database one).
list_clustersLists compute clusters with status, type, nodes, region, lifecycle timestamps, and terminate_on_idle. Filter by status.
search_allFree-text search across connections, packages, clusters, and workspaces, backed by Elasticsearch. Narrow with types and cap per-type hits with per_type_limit (default 10, max 50).
list_component_typesLists every component registered in the platform catalog (sources, transformations, destinations). Each entry includes the internal name, category, class_name, header docstring, and the wrapper_key plus specific_component_type needed to build a valid data_flow_json. Optional category filter.
describe_component_typeReturns property-level detail for one component type: writable attributes (properties), presence-validated attributes (required), header docstring, optional fixture example, and a wrapper_example showing the exact JSON shape. Pair with list_component_types.

Run inspection (read-only)

ToolDescription
list_runsLists recent job runs with status, started_at, completed_at, runtime_in_seconds, cluster_id, package_id, and last_error for failed runs. Filter by package_id or status. Excludes child retries by default.
get_runReturns a single run by run_id plus a redacted log tail. Use log_tail_lines to control how many trailing lines to return (default 20, max 200).
explain_job_failureReturns the run’s primary error, a redacted log tail, programmatic error-pattern detection (FATAL, ERROR, exception, auth, connection, schema), and heuristic next-step suggestions. Use log_tail_lines to control tail size (default 50, max 200).

Schedule inspection (read-only)

ToolDescription
list_schedulesLists schedules in the account with name, package_id, cron, next_run_at, and enabled. Filter by package_id or enabled.
get_scheduleReturns one schedule by schedule_id with its full cron expression, variables, and timing metadata.

Pipeline diagnostics (read-only)

ToolDescription
validate_packageRuns the same synchronous validation the web UI does: structural check plus a JMS script validation. Returns a per-component error list. Each call creates a JobValidation record and typically takes ~5 seconds.
discover_schemaLists tables available through a database connection. Optional schema_name, limit, offset, and search arguments. Only works for database connection types.
discover_file_schemaDetects the columns of a delimited file (CSV, TSV, and similar) on a cloud-storage or SFTP connection. Use this to learn a file’s columns before wiring a Select component or destination. Required connection_id and path; optional delimiter, header_row, record_type, record_delimiter, char_encoding, bucket, lines, quote, escape. Returns field_count, column_names, and the importer’s raw fields for direct use in a source component’s schema.fields.
preview_dataReturns column metadata plus a small sample of rows from a database table. Optional schema_name, row_count (default 20, max 200), and where_clause (single fragment; semicolons and SQL comment markers are rejected).
preview_transformationPreviews what a single component inside a package produces on sample data — mid-build, with no destination required. Required package_id and component_name (the inner name of the target component); optional variables overrides for parameterized sources. Returns component_name, columns, and a sample of rows computed by running the source-through-target chain on roughly 20 rows of real source data. Use this before a pipeline is wired to a destination; validate_package requires a complete graph, this does not. v1 supports database-backed sources only; components fed by SaaS, REST, or file sources return a clear “not yet supported” error. Targets with no upstream return a guidance error pointing you at preview_data for raw source rows.
test_connectionActively pings a connection’s upstream system. Returns success: true/false with an error_message on failure. Optional connection_type disambiguates when the same id exists in both the database and cloud-storage connection tables.

Pipeline mutations (write - agent edits the package itself)

ToolDescription
create_packageCreates a new package atomically from a full data_flow_json spec. Requires name, flow_type, components, edges. Optional workspace_id (defaults to unassigned), description, flow_version (defaults to 2.0.0). Component and edge ids are auto-generated when omitted. Returns the new package_id.
clone_packageDuplicates an existing package by package_id into a new package with optional name and workspace_id overrides. Returns the new package_id.
update_package_componentsEdits specific components within a package’s data_flow_json. Each entry is { component_name, updates }; nested hashes are deep-merged. All-or-nothing semantics: if any component_name isn’t found, no writes happen. Bumps the package version via PaperTrail; reversible via the existing UI history.
update_package_edgesReplaces a package’s edges array wholesale. Pre-validates that every edge’s source and target resolves to a component id in the current package; any unknown reference rejects the whole call with no partial writes. Bumps the package version via PaperTrail.
remove_package_componentsRemoves one or more components from a package’s flow by name. All-or-nothing: if any name is not found, the whole call is rejected. Edges incident to a removed component are dropped at the same time so the package never carries dangling edges. Row-locked, version-bumped via PaperTrail.
rename_packageUpdates a package’s name and optional description. Metadata-only. data_flow_json is left untouched. Recorded in the package version history.
manage_package_variablesDefines, updates, or removes a package’s public variables (the named defaults a package exposes). Accepts set (a hash of { name => default } to add or update) and/or remove (an array of variable names to delete). Row-locked partial update; secret variables stay UI-only.
delete_packageArchives a package (soft delete). Mirrors the dashboard’s Archive action: the Job row is preserved with status archived and remains queryable via list_packages(status: 'archived'). Rejected if an active schedule still references the package.

Schedule mutations (write)

ToolDescription
toggle_scheduleEnables or disables a schedule by schedule_id. Set enabled: true or enabled: false.

Execution + recovery (write)

ToolDescription
run_packageSubmits a package for execution and returns the run_id immediately (doesn’t wait for completion). Poll status via get_run. Optional cluster_id, variables, and dynamic_variables.
cancel_jobCancels a currently-running job by run_id. Idempotent - calling on an already-finished job returns the current status without erroring.
retry_jobRetries a failed job by run_id, optionally on a different cluster_id. Creates a new run; the original run is preserved for history.
All tools are scoped to the authenticated account. None return credentials or other sensitive material. Tools that hit external services (validate_package, discover_schema, preview_data, preview_transformation, test_connection, run_package) cause real network calls to JMS, the schema-importer, the previewer, or your upstream systems. Use them sparingly.

Safety, audit, and read-only mode

Mutating tools (create_package, clone_package, update_package_components, update_package_edges, add_package_components, remove_package_components, rename_package, manage_package_variables, delete_package, toggle_schedule, run_package, cancel_job, retry_job) modify your live account, including production pipelines. There is no sandbox mode. Changes take effect immediately.
Audit trail: All writes made through the MCP server are captured in your account’s audit history via PaperTrail. Changes made by update_package_components are versioned and reversible through the existing package version history UI. Running in read-only posture: If you want to connect an AI assistant with no write access, limit your prompts to the read-only tools (list_*, get_*, search_all, explain_job_failure, validate_package, discover_schema, discover_file_schema, preview_data, preview_transformation, test_connection). There is currently no server-side mechanism to restrict a token to read-only tools. This is a client-side discipline for now. Contact Integrate.io support if you need a scoped token. Procurement checklist:
  • All MCP-driven changes appear in the PaperTrail audit log.
  • Tokens can be revoked instantly from Settings → Developer Settings → Connected Applications.
  • No credentials, TLS certificates, or SSL keys are ever returned by any tool.

Inline secret redaction in get_package

get_package(include_full_graph: true) returns a package’s full data_flow_json so an agent can clone or modify a pipeline by example. If component properties contain user-typed secrets — for example a REST source URL with ?api_key=..., an Authorization: Bearer ... header, a basic-auth password, or credentials embedded in a bash component body — those values are masked before the response leaves the server. The redaction is applied to the full-graph payload only. The summary returned by a default get_package call (counts and component-type tally) contains no secret-bearing fields and is unaffected. What gets masked
  • Values under keys whose name matches a secret pattern (password, token, api_key, client_secret, authorization, and similar).
  • The value side of { name, value } header pairs when the name side names a credential header (Authorization, X-API-Key, apikey, and similar). Non-credential headers like Content-Type are preserved.
  • URL userinfo credentials (https://user:pass@host).
  • URL query-string secret parameters (?api_key=..., &token=..., and similar).
  • Bearer and Basic tokens of 8 or more characters found anywhere in a string value.
Each masked value is replaced with the literal string [REDACTED]. Structure is preserved: component types, names, ids, positions, schema fields, edges, and non-secret properties (such as username) come through unchanged, so the canvas still renders and the agent can still reason about pipeline shape. Example A REST source with an api_key in the URL and an Authorization header comes back like this:
{
  "url": "https://api.example.com/export?api_key=[REDACTED]",
  "username": "demo_user",
  "password": "[REDACTED]",
  "headers": [
    { "name": "Authorization", "value": "[REDACTED]" },
    { "name": "Content-Type", "value": "application/json" }
  ]
}
What this is and is not Redaction is a best-effort defense in depth for inline secrets that users sometimes paste directly into component properties. It is not a substitute for storing credentials in connections or in secret variables, which are encrypted at rest and never returned by any MCP tool. Use connections and secret variables for any real credential. Use these prompts to explore your account and test the integration. They use read-only tools only, so they are safe for production accounts.
GoalPrompt to type
Orient yourself”List the workspaces in my Integrate.io account and summarize the health of each one.”
Find recent failures”Show me all jobs that failed in the last 24 hours and summarize the most common errors.”
Diagnose a specific failure”Explain why run ID 123456 failed and suggest how to fix it.”
Audit active schedules”List all enabled schedules and tell me which packages run most frequently.”
Explore a connection”What tables are available on the production-postgres connection?”
list_workspaces is the best starting point for AI assistants. It gives a snapshot of package counts and recent failure rates across all workspaces before diving into details.

Example: Calling a tool with curl

You can also call the endpoint directly. The body is a JSON-RPC 2.0 request.
curl -X POST 'https://api.xplenty.com/YOUR_ACCOUNT_ID/api/mcp' \
  -H 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "jsonrpc": "2.0",
    "id": 1,
    "method": "tools/call",
    "params": {
      "name": "list_packages",
      "arguments": { "status": "active", "limit": 10 }
    }
  }'
To diagnose a failed run, call explain_job_failure with the run id:
curl -X POST 'https://api.xplenty.com/YOUR_ACCOUNT_ID/api/mcp' \
  -H 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "jsonrpc": "2.0",
    "id": 2,
    "method": "tools/call",
    "params": {
      "name": "explain_job_failure",
      "arguments": { "run_id": 123456, "log_tail_lines": 100 }
    }
  }'
To preview source data before designing a transformation:
curl -X POST 'https://api.xplenty.com/YOUR_ACCOUNT_ID/api/mcp' \
  -H 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "jsonrpc": "2.0",
    "id": 3,
    "method": "tools/call",
    "params": {
      "name": "preview_data",
      "arguments": {
        "connection_id": 42,
        "table": "orders",
        "row_count": 20,
        "where_clause": "amount > 1000"
      }
    }
  }'
To preview a single component’s output mid-build, before a destination is wired:
curl -X POST 'https://api.xplenty.com/YOUR_ACCOUNT_ID/api/mcp' \
  -H 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "jsonrpc": "2.0",
    "id": 4,
    "method": "tools/call",
    "params": {
      "name": "preview_transformation",
      "arguments": {
        "package_id": 12345,
        "component_name": "clean_orders"
      }
    }
  }'

Troubleshooting

SymptomCauseFix
401 UnauthorizedMissing or expired tokenMint a new token in Step 1. If you’re using an OAuth password-grant token, remember those expire after 2 hours. Switch to a Connected Application PAT for a long-lived token.
OAuth sign-in never opens a browser, or SDK auth failed: HTTP 500 trying to load OAuth metadataThe MCP feature isn’t enabled for your account, or the client cached a failed discovery attemptConfirm the feature is enabled (contact Integrate.io support). Then remove and re-add the server (claude mcp remove integrateio then re-add), and run /mcpAuthenticate again.
After authorizing, the browser shows a localhost “Authentication Successful” pageExpected - that page is served by your MCP client’s local callback, not by Integrate.ioNothing to fix. Close the tab and return to your client.
401 Unauthorized after revoking a Connected ApplicationThe connection was deleted from Settings → Developer Settings → Connected ApplicationsCreate a new connection from that page and update your client config. Revocation takes effect immediately.
403 PTP MCP server is not enabled for this accountFeature is off for your accountContact Integrate.io support to enable the feature.
403 ForbiddenToken belongs to a user without access to the account in the URLUse a token for a user who is a member of the target account.
404 Not FoundWrong account id in URLUse the account id or subdomain from your Integrate.io dashboard URL.
{"error":{"code":-32600,...}}Malformed JSON-RPC bodyVerify the request body matches the JSON-RPC 2.0 shape.
{"error":"connection not found, or not a database connection"}Called discover_schema or preview_data against a cloud-storage or SaaS connectionThese tools support database connections only. Use get_connection to confirm the type.
Dragging the .mcpb onto Claude Desktop does nothing - no install dialog appearsA previous manualmcpServers entry in claude_desktop_config.json targets the same backend, so Claude Desktop sees the integration as already configured and silently no-opsQuit Claude Desktop, remove the old mcpServers entry from claude_desktop_config.json (location in the manual-config section above), reopen, then drag the .mcpb again.
Dragging the .mcpb opens the install dialog, but installation appears to do nothingOlder Claude Desktop versions (< 0.10) don’t render .mcpb install dialogs reliablyUpdate Claude Desktop to 0.10 or later (Settings → About → Check for Updates), then retry.
Extension installs but the integrateio integration isn’t visible in the MCP pickerRestart was skipped, or Claude Desktop is using a cached MCP picker stateFully quit Claude Desktop (Cmd+Q on macOS, not just window-close), wait 3 seconds, reopen. The integration should now appear.
Extension installs but every tool call returns 401 UnauthorizedWrong Personal Access Token entered at install time, or the PAT was revoked since installOpen Settings → Extensions → Integrate.io in Claude Desktop and re-enter the token. If you don’t have one, mint a fresh PAT from Connected Applications in the dashboard first.
Staging build extension can’t reach the production accountThe staging extension only talks to api-staging.xplenty.comInstall the production extension instead (downloaded from the production dashboard at https://dashboard.xplenty.com/...). The two extensions can coexist on the same machine.
Last modified on June 29, 2026