Model Context Protocol

Bring Pact to any AI client.

Pact ships a native MCP server: Claude, Cursor, or any Model Context Protocol client can query your accounts, contacts, deals, and pipeline — and fire Pact's AI agents — with your tenant's consent rules, encryption keys, audit trail, and cost meter enforced on every single call.

https://api.pact.place/mcp/Streamable HTTP · OAuth 2.0 or scoped API key

Try it live — no signup Connect your workspace Get the SDKs

Why this matters

Model Context Protocol is the open standard — introduced by Anthropic in late 2024 and since adopted across the AI industry — that lets an AI assistant call tools on systems it doesn't own. It is rapidly becoming how AI reaches business software: the major enterprise suites, Adobe's analytics stack among them, are shipping MCP servers for exactly this reason.

The catch: handing an external agent a database connection or a raw API key gives it everything. What MCP needs from a CRM is not just an endpoint — it's an endpoint that enforces the same consent, encryption, and audit guarantees the product itself does.

That's what Pact's MCP server is. It runs in-process with the platform, so an external agent's call passes through the identical consent gate, key policy, and audit trail as a click in the app. Your AI assistant gets real reach into your CRM; your DPO gets a complete record of it.

Consent filtering, visibly

A query that touches suppressed subjects tells the agent what it didn't get:

{
  "items": [ ... ],
  "returned": 1,
  "consent_filtered": 1,
  "note": "1 record(s) hidden by consent (suppressed/withdrawn subjects)."
}

Four guarantees, enforced in-process.

Not a proxy in front of an API — the server is mounted inside the platform, so these are the same code paths the product runs.

Consent-native filtering

Every record an external agent reads passes the same consent gate the product enforces. Suppressed, withdrawn, or erased subjects are filtered out — and the response reports how many were hidden, so nothing disappears silently.

BYOK-respecting

Contact PII is read through your tenant's encryption keys. Plaintext is never reconstructed outside that path — the MCP server gets exactly the access your key policy allows.

An audit row per call

Every invocation writes one audit record: tool, tenant, user, client, argument digest, latency, result count, and how many records the consent gate hid. Full provenance of every external agent's reach into your data.

Cost-attributed and rate-limited

AI tool calls attribute spend to your tenant's usage ledger, and the per-call cost is echoed back in the response. Per-tenant and per-tool rate limits guard against runaway agent loops.

Nine tools, live today.

This is the actual roster the server exposes — not a roadmap. Read tools are read-only; fire_agent runs an agent and is consent-gated per target.

query_accountsread-only
Search CRM accounts. Consent-suppressed domains are filtered out — and counted.
scope: read:accounts
query_contactsread-only
Search people. PII is decrypted through your tenant key, consent-filtered by email.
scope: read:contacts
query_dealsread-only
Search pipeline deals, consent-filtered by the linked account.
scope: read:deals
query_pipeline_healthread-only
Aggregate pipeline metrics — open value, weighted value, win rate, by stage — with top-deal citations.
scope: read:deals
get_metric_explanationread-only
Ask why a KPI moved. Runs the metric-explainer agent on aggregates only — no PII.
scope: read:deals
ask_workspaceread-only
A natural-language question across the workspace. Grounded, cited answer.
scope: read:accounts
list_agentsread-only
Discover the Pact AI agent roster — id, purpose, and whether each agent reads PII.
scope: read:workflows
fire_agentruns agents
Run any roster agent, optionally against a target record. A PII-reading agent is refused on a consent-withdrawn subject.
scope: read:workflows
read_briefingread-only
The calling user's daily briefing — pipeline snapshot, recent deal activity, grounded narrative.
scope: read:accounts

On the roadmap: consent-gated write tools, and each prebuilt agent orchestration exposed as its own tool. Today the server is read-mostly by design.

Connect in minutes.

Two credential paths: sign in with OAuth — the server publishes standard discovery metadata and supports Dynamic Client Registration, so MCP-native clients connect without a pre-shared key — or mint a scoped pact_live_* API key in Settings → API Keys. Either way, every call is scoped to your tenant and your permissions.

Claude (native connector)

1. Open Settings → Connectors → Add custom connector.
2.Enter https://api.pact.place/mcp/.
3. Sign in to Pact when prompted and approve the read scopes. Done — OAuth discovery handles the rest.

Or: claude_desktop_config.json via mcp-remote

{
  "mcpServers": {
    "pact": {
      "command": "npx",
      "args": [
        "-y", "mcp-remote",
        "https://api.pact.place/mcp/",
        "--header", "Authorization: Bearer pact_live_xxx"
      ]
    }
  }
}

Cursor

~/.cursor/mcp.json

{
  "mcpServers": {
    "pact": {
      "url": "https://api.pact.place/mcp/",
      "headers": { "Authorization": "Bearer pact_live_xxx" }
    }
  }
}

Custom clients (Python)

official mcp SDK

from mcp.client.session import ClientSession
from mcp.client.streamable_http import streamablehttp_client

URL = "https://api.pact.place/mcp/"
HEADERS = {"Authorization": "Bearer pact_live_xxx"}

async with streamablehttp_client(URL, headers=HEADERS) as (read, write, _):
    async with ClientSession(read, write) as session:
        await session.initialize()
        tools = await session.list_tools()
        result = await session.call_tool("query_pipeline_health", {})

Keep the trailing slash. A request to /mcp redirects to /mcp/, and most HTTP clients drop the Authorization header across a redirect — which reads as a mysterious 401.

Your CRM, on the open AI standard.

Start free, mint a token, and ask your own pipeline a question from the AI client you already use.

Start free Browse all integrations