> ## Documentation Index
> Fetch the complete documentation index at: https://docs.clarityq.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# MCP Connectors

> Add and manage MCP (Model Context Protocol) connectors for your organization so ClarityQ's agent can use external tools.

MCP connectors let ClarityQ's agent use tools from external services — pulling data from another product, searching a connected knowledge base, calling an internal API, and so on. An admin adds a connector once under **Organization Settings → MCP**; it then shows up for your team as an **App** (see [Using Apps](/integrations/mcp/using-mcp-servers)).

## Two kinds of connectors

A connector authenticates one of two ways. ClarityQ picks the type from what you enter — **add a header and it's token-based; leave headers empty and it's OAuth.**

<CardGroup cols={2}>
  <Card title="Token-based" icon="key">
    You paste one API token. It's sent as a header on every request and shared by the **whole team** — no personal sign-in. Teammates see it marked **Controlled by admin**.
  </Card>

  <Card title="OAuth" icon="user">
    You add the URL with **no headers**. Each teammate clicks **Connect** and signs in with their **own account**, so access follows their own permissions.
  </Card>
</CardGroup>

## Before you start

* Admin rights in your ClarityQ organization.
* The MCP server's URL (HTTP / streamable HTTP).
* For a token-based server, an API token issued by that service. (OAuth servers need nothing here — each teammate signs in themselves.)

## Add a connector

Open **Organization Settings → MCP** and click **Add Connector**.

<Steps>
  <Step title="Enter a name and the server URL">
    Give the connector a **Name** and paste the **Remote MCP server URL**.
  </Step>

  <Step title="Set up authentication">
    * **Token-based:** under **Headers**, add the header the server expects — for example an `Authorization` header with value `Bearer <your-token>`, or `X-API-Key`. Use **Add header** for more rows.
    * **OAuth:** leave **Headers** empty. Teammates connect their own account later.
  </Step>

  <Step title="Click Add">
    ClarityQ validates the connection against the server. For token-based servers, a rejected token surfaces the error right in the dialog so you can fix it before saving — no silently broken connectors.
  </Step>
</Steps>

## Edit a connector

Open the **⋯** menu on a connector and choose **Edit**. You can change the name, URL, or headers.

Saved secret header values show **masked** (`••••••`). Leave one masked to keep the stored value; click the edit icon to type a **new** value to replace it (the eye icon reveals what you type). Click **Save** — the connection is re-validated.

## Enable, disable, or remove

* Each connector has an **enable/disable toggle**. Turn it **off** to stop teammates using it without deleting it; **on** to make it available again.
* To remove one entirely, open **⋯ → Delete → Remove**. It's removed for everyone on your team. Past chats that referenced its content stay readable, but the connector can't be used going forward.

<Note>
  Header values (tokens) are stored encrypted in a secrets manager — never in the database in plain text, and only ever shown masked in the UI. A token-based connector inherits the permissions of the account that issued the token, so scope it to what your team needs.
</Note>
