Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion product/admin/ai-clients.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
{/* Editor Refresh: 2026-05-08 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 11 in product/admin/ai-clients.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/ai-clients.mdx#L11

Did you really mean 'walkthrough'?
</Note>

An **AI client** is any registered AI agent that talks to C1 MCP — Claude Desktop, Claude Code, Cursor, ChatGPT, Copilot, custom agents, and so on. This page covers how clients are registered, the lifecycle states they move through, the controls you have over them, and the tenant policy that governs which client types are allowed in your tenant.
Expand Down Expand Up @@ -41,7 +41,7 @@
| **Owner** | C1 user the client is bound to |
| **State** | Active / hidden / closed / deleted (see lifecycle below) |
| **Last used** | Timestamp of the last tool call |
| **Toolsets** | Toolsets currently accessible to the client (via the user's access profiles) |

Check warning on line 44 in product/admin/ai-clients.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/ai-clients.mdx#L44

Did you really mean 'Toolsets'?

Check warning on line 44 in product/admin/ai-clients.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/ai-clients.mdx#L44

Did you really mean 'Toolsets'?

You can filter by any column. Click a client to open its detail panel.

Expand Down Expand Up @@ -73,7 +73,7 @@

<Steps>
<Step>
Go to **Settings > AI Connections**.
Go to **AI > C1 Gateway > Settings**.
</Step>
<Step>
Edit **Allowed client types**.
Expand Down
6 changes: 3 additions & 3 deletions product/admin/c1-mcp.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -38,10 +38,10 @@

<Steps>
<Step>
Navigate to **Settings** > **AI connections**.
Navigate to **AI** > **C1 Gateway** and open the **Settings** tab.
</Step>
<Step>
At the top of the **AI connections** page, click **Edit** and toggle **Enable AI connections** to on.
Find **AI connections**, click **Edit**, and toggle **Enable AI connections** to on.
</Step>
<Step>
Click **Save**.
Expand Down Expand Up @@ -78,7 +78,7 @@
</Steps>

<Note>
If you configure IP restrictions, AI assistants will only work from the specified IP ranges. This is useful for restricting usage to corporate networks or VPNs.

Check warning on line 81 in product/admin/c1-mcp.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/c1-mcp.mdx#L81

Did you really mean 'VPNs'?
</Note>

## Connect an AI assistant
Expand Down Expand Up @@ -110,7 +110,7 @@
4. Save and restart Claude Desktop.
</Tab>
<Tab title="Claude Code">
1. From your terminal, add the C1 MCP server using the `claude mcp add` command:

Check warning on line 113 in product/admin/c1-mcp.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/c1-mcp.mdx#L113

Did you really mean 'mcp'?

```bash
claude mcp add --transport http c1 https://<your-tenant>-mcp.conductor.one/v1
Expand All @@ -126,7 +126,7 @@
</Tip>
</Tab>
<Tab title="Codex">
1. From your terminal, add the C1 MCP server using the `codex mcp add` command:

Check warning on line 129 in product/admin/c1-mcp.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/c1-mcp.mdx#L129

Did you really mean 'mcp'?

```bash
codex mcp add c1 --url https://<your-tenant>-mcp.conductor.one/v1
Expand Down Expand Up @@ -186,7 +186,7 @@
| `describe_object_filters` | Get filterable fields for an object type |
| `get_object_schema` | Get the JSON schema for an object type |

## Queryable objects

Check warning on line 189 in product/admin/c1-mcp.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/c1-mcp.mdx#L189

Did you really mean 'Queryable'?

AI assistants can query 20 different object types across your C1 tenant.

Expand Down Expand Up @@ -229,7 +229,7 @@

| Object | Description |
| :--- | :--- |
| `RequestCatalog` | Collections of requestable entitlements in an Access Profile |

Check warning on line 232 in product/admin/c1-mcp.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/c1-mcp.mdx#L232

Did you really mean 'requestable'?
| `Webhook` | Event notification configurations |
| `Directory` | Account sync configurations |
| `ProfileType` | Attribute mapping configurations |
Expand Down Expand Up @@ -304,7 +304,7 @@

### Admin management

Super Admins can navigate to **Settings** > **AI connections** to view and revoke all connections across the tenant.
Super Admins can navigate to **AI** > **C1 Gateway** > **Connected clients** to view and revoke all connections across the tenant.

## System log events

Expand Down Expand Up @@ -395,7 +395,7 @@
</Accordion>

<Accordion title="How do I restrict where AI connections can be used?">
Administrators can configure IP allow lists in **Settings** > **IP Allowlist** > **AI connections** to restrict access to specific IP ranges. This is useful for limiting usage to corporate networks or VPNs.

Check warning on line 398 in product/admin/c1-mcp.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/c1-mcp.mdx#L398

Did you really mean 'VPNs'?
</Accordion>

<Accordion title="Can I see what queries the AI is making?">
Expand Down
10 changes: 5 additions & 5 deletions product/admin/enable-ai-access-management.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
{/* Editor Refresh: 2026-05-08 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 11 in product/admin/enable-ai-access-management.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/enable-ai-access-management.mdx#L11

Did you really mean 'walkthrough'?
</Note>

AIAM lets you govern which AI clients can call which tools on your behalf, and which end users are allowed to use them. This page walks a Super Admin through turning AIAM on for the tenant and setting the tenant-wide defaults that apply to every MCP server, tool, and AI client you register afterward.
Expand All @@ -17,14 +17,14 @@

## Enable AIAM for your tenant

Enabling AIAM exposes the AIAM surfaces (MCP servers, tools, AI clients, AIAM audit log) to admins. It does **not** automatically grant any end user access to any tool — every tool still has to be approved, added to a toolset, and bound to an access profile before it becomes requestable.

Check warning on line 20 in product/admin/enable-ai-access-management.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/enable-ai-access-management.mdx#L20

Did you really mean 'toolset'?

Check warning on line 20 in product/admin/enable-ai-access-management.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/enable-ai-access-management.mdx#L20

Did you really mean 'requestable'?

<Steps>
<Step>
Log in to your C1 tenant as a Super Admin.
</Step>
<Step>
Navigate to **Settings > AI Connections**.
Navigate to **AI > C1 Gateway** and open the **Settings** tab.
</Step>
<Step>
Click **Edit AI Connections**.
Expand Down Expand Up @@ -58,7 +58,7 @@

<Steps>
<Step>
In **Settings > AI Connections**, find **Allowed client types**.
In **AI > C1 Gateway > Settings**, find **Allowed client types**.
</Step>
<Step>
Check the boxes for the types you want to permit.
Expand All @@ -74,7 +74,7 @@

### Default tool classification

When C1 discovers a new tool on a registered MCP server, it assigns the tool this initial state. Until an admin reviews and approves the tool, it cannot be added to a toolset and end users cannot request it.

Check warning on line 77 in product/admin/enable-ai-access-management.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/enable-ai-access-management.mdx#L77

Did you really mean 'toolset'?

- **State**: Pending Review / Unset (recommended — keeps every newly-discovered tool out of end-user reach until you've reviewed it)
- **Classification**: Unclassified (recommended)
Expand All @@ -83,7 +83,7 @@

<Steps>
<Step>
In **Settings > AI Connections**, find **Default tool classification**.
In **AI > MCP > Settings**, find **Default tool classification**.
</Step>
<Step>
Select the state and classification to apply to newly-discovered tools.
Expand All @@ -95,13 +95,13 @@

### Require tool approval

When on, every newly-discovered tool starts in **Pending Review** and must be approved by an admin before it can be added to a toolset. When off, tools become available to be added to toolsets immediately on discovery.

Check warning on line 98 in product/admin/enable-ai-access-management.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/enable-ai-access-management.mdx#L98

Did you really mean 'toolset'?

Check warning on line 98 in product/admin/enable-ai-access-management.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/enable-ai-access-management.mdx#L98

Did you really mean 'toolsets'?

- **Default**: On
- **Recommended**: On for production tenants. Off is appropriate only for sandbox tenants where you're testing the end-to-end flow.

<Note>
Turning this off does not bypass access profile approval — end users still go through the access profile's approval policy when they request a toolset.

Check warning on line 104 in product/admin/enable-ai-access-management.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/enable-ai-access-management.mdx#L104

Did you really mean 'toolset'?
</Note>

### Client lifecycle inactivity policy
Expand All @@ -118,7 +118,7 @@

<Steps>
<Step>
In **Settings > AI Connections**, find **Client lifecycle**.
In **AI > C1 Gateway > Settings**, find **Client lifecycle**.
</Step>
<Step>
Set the inactivity threshold for each state.
Expand All @@ -141,7 +141,7 @@

<Steps>
<Step>
In **Settings > AI Connections**, find **Emergency kill switch**.
In **Settings > System management**, find **Emergency kill switch**.
</Step>
<Step>
Click **Disable all AI access**.
Expand Down
2 changes: 1 addition & 1 deletion product/admin/mcp-server/apollo.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
{/* Editor Refresh: 2026-06-11 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 12 in product/admin/mcp-server/apollo.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/apollo.mdx#L12

Did you really mean 'walkthrough'?
</Note>

The Apollo MCP server lets you govern access to Apollo — contacts, accounts, and other sales data — as tools your AI clients can call through C1.
Expand Down Expand Up @@ -73,9 +73,9 @@

After you register the server, C1 runs tool discovery against Apollo. Discovered tools appear on the server's **Tools** tab.

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call an Apollo tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 78 in product/admin/mcp-server/apollo.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/apollo.mdx#L78

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your Apollo credentials when an approved user successfully calls an Apollo tool from their AI client.
Expand Down
2 changes: 1 addition & 1 deletion product/admin/mcp-server/auth0.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
{/* Editor Refresh: 2026-06-11 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 12 in product/admin/mcp-server/auth0.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/auth0.mdx#L12

Did you really mean 'walkthrough'?
</Note>

The Auth0 MCP server lets you govern access to Auth0 — users, connections, applications, roles, and other tenant data managed through the Auth0 Management API — as tools your AI clients can call through C1.
Expand Down Expand Up @@ -78,9 +78,9 @@

After you register the server, C1 runs tool discovery against Auth0. Discovered tools appear on the server's **Tools** tab.

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call an Auth0 tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 83 in product/admin/mcp-server/auth0.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/auth0.mdx#L83

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your Auth0 credentials when an approved user successfully calls an Auth0 tool from their AI client.
Expand Down
2 changes: 1 addition & 1 deletion product/admin/mcp-server/azure-devops.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
title: Set up the Azure DevOps MCP server
description: Connect Azure DevOps to C1 with a personal access token or a Microsoft Entra token, then register the MCP server and govern its tools.
og:title: Set up the Azure DevOps MCP server
og:description: Connect Azure DevOps to C1 with a personal access token or a Microsoft Entra token, then register the MCP server and govern its tools.

Check warning on line 5 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L5

Did you really mean 'Entra'?
sidebarTitle: Azure DevOps
---

Expand Down Expand Up @@ -87,27 +87,27 @@
</Step>
</Steps>

## Option 2: Use a Microsoft Entra token

Check warning on line 90 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L90

Did you really mean 'Entra'?

A Microsoft Entra access token authenticates every user as one shared identity. Use this when your organization standardizes on Microsoft Entra ID for access to Azure DevOps.

Check warning on line 92 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L92

Did you really mean 'Entra'?

Check warning on line 92 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L92

Did you really mean 'Entra'?

### Obtain a Microsoft Entra token

Check warning on line 94 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L94

Did you really mean 'Entra'?

<Steps>
<Step>
[Register an application in Microsoft Entra ID](https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app), or use an existing one.

Check warning on line 98 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L98

Did you really mean 'Entra'?
</Step>
<Step>
Grant the application access to the Azure DevOps resource (`499b84ac-1321-427f-aa17-267ca6975798`) and obtain an access token issued for that resource.
</Step>
<Step>
Copy the access token. Treat it as a high-value credential. Microsoft Entra access tokens are short-lived.

Check warning on line 104 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L104

Did you really mean 'Entra'?
</Step>
</Steps>

### Register the server with a Microsoft Entra token

Check warning on line 108 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L108

Did you really mean 'Entra'?

With your Microsoft Entra access token ready, register the server and provide your credentials.

Check warning on line 110 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L110

Did you really mean 'Entra'?

<Steps>
<Step>
Expand All @@ -117,7 +117,7 @@
Enter your **organization** slug when prompted.
</Step>
<Step>
When you [configure authentication](/product/admin/mcp-servers#configure-authentication), choose **Bearer token** and paste your Microsoft Entra access token.

Check warning on line 120 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L120

Did you really mean 'Entra'?
</Step>
<Step>
Save your changes. C1 starts a sync that discovers the tools the Azure DevOps server exposes.
Expand All @@ -134,9 +134,9 @@

After you register the server, C1 runs tool discovery against Azure DevOps. Discovered tools appear on the server's **Tools** tab.

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call an Azure DevOps tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 139 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L139

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your Azure DevOps credentials when an approved user successfully calls an Azure DevOps tool from their AI client.
Expand All @@ -145,5 +145,5 @@
## Manage your Azure DevOps credentials

- **Rotate a personal access token** by creating a new token in Azure DevOps under **User settings** > **Personal access tokens** and updating it in C1, then revoking the old token. Set an expiration so it rotates on a schedule.
- **Refresh a Microsoft Entra token** before it expires by obtaining a new access token for the Azure DevOps resource and updating it in C1.

Check warning on line 148 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L148

Did you really mean 'Entra'?
- **Adjust access** by editing the token's scopes in Azure DevOps or the application's permissions in Microsoft Entra ID.

Check warning on line 149 in product/admin/mcp-server/azure-devops.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/azure-devops.mdx#L149

Did you really mean 'Entra'?
2 changes: 1 addition & 1 deletion product/admin/mcp-server/bitbucket.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
{/* Editor Refresh: 2026-06-11 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 12 in product/admin/mcp-server/bitbucket.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/bitbucket.mdx#L12

Did you really mean 'walkthrough'?
</Note>

The Bitbucket MCP server lets you govern access to Bitbucket Cloud — repositories, pull requests, issues, pipelines, projects, and workspace data — as tools your AI clients can call through C1.
Expand Down Expand Up @@ -124,11 +124,11 @@

### Create an API token

Create an API token in your Atlassian account so C1 can authenticate to the Bitbucket API.

Check warning on line 127 in product/admin/mcp-server/bitbucket.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/bitbucket.mdx#L127

Did you really mean 'Atlassian'?

<Steps>
<Step>
In your Atlassian account settings, create an **API token** scoped for Bitbucket access. For details, see Bitbucket's [API tokens](https://support.atlassian.com/bitbucket-cloud/docs/api-tokens/) documentation.

Check warning on line 131 in product/admin/mcp-server/bitbucket.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/bitbucket.mdx#L131

Did you really mean 'Atlassian'?
</Step>
<Step>
Copy the generated token. Treat it as a high-value credential.
Expand Down Expand Up @@ -166,9 +166,9 @@

After you register the server, C1 runs tool discovery against Bitbucket. Discovered tools appear on the server's **Tools** tab.

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call a Bitbucket tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 171 in product/admin/mcp-server/bitbucket.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/bitbucket.mdx#L171

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your Bitbucket credentials when an approved user successfully calls a Bitbucket tool from their AI client.
Expand Down
2 changes: 1 addition & 1 deletion product/admin/mcp-server/box.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
{/* Editor Refresh: 2026-06-11 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 12 in product/admin/mcp-server/box.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/box.mdx#L12

Did you really mean 'walkthrough'?
</Note>

The Box MCP server lets you govern access to Box — files, folders, users, groups, and other content data — as tools your AI clients can call through C1.
Expand Down Expand Up @@ -100,9 +100,9 @@

After you register the server, C1 runs tool discovery against Box. Discovered tools appear on the server's **Tools** tab.

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call a Box tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 105 in product/admin/mcp-server/box.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/box.mdx#L105

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your Box credentials when an approved user successfully calls a Box tool from their AI client.
Expand Down
2 changes: 1 addition & 1 deletion product/admin/mcp-server/buildkite.mdx
Original file line number Diff line number Diff line change
@@ -1,43 +1,43 @@
---
title: Set up the Buildkite MCP server
description: Create a Buildkite API access token, then register the Buildkite MCP server in C1 and govern the tools it exposes.
og:title: Set up the Buildkite MCP server

Check warning on line 4 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L4

Did you really mean 'Buildkite'?
og:description: Create a Buildkite API access token, then register the Buildkite MCP server in C1 and govern the tools it exposes.

Check warning on line 5 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L5

Did you really mean 'Buildkite'?
sidebarTitle: Buildkite
---

{/* Editor Refresh: 2026-06-11 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 12 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L12

Did you really mean 'walkthrough'?
</Note>

The Buildkite MCP server lets you govern access to Buildkite — organizations, pipelines, builds, jobs, agents, and clusters — as tools your AI clients can call through C1.

Check warning on line 15 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L15

Did you really mean 'Buildkite'?

Check warning on line 15 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L15

Did you really mean 'Buildkite'?

Buildkite authenticates with an API access token. A single token authenticates everyone, so all tool calls reach Buildkite as one shared identity.

Check warning on line 17 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L17

Did you really mean 'Buildkite'?

Check warning on line 17 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L17

Did you really mean 'Buildkite'?

## How C1 connects to Buildkite

Check warning on line 19 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L19

Did you really mean 'Buildkite'?

C1 hosts the Buildkite MCP server, so your users' AI clients only ever see MCP tools — they never call Buildkite directly. When an AI client calls one of these tools, C1 makes the matching request to the Buildkite API using the credentials you configure here, then returns the result to the AI client.

Check warning on line 21 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L21

Did you really mean 'Buildkite'?

Check warning on line 21 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L21

Did you really mean 'Buildkite'?

Check warning on line 21 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L21

Did you really mean 'Buildkite'?

The credentials you set up below are what C1 uses to call Buildkite on your users' behalf.

Check warning on line 23 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L23

Did you really mean 'Buildkite'?

## Before you begin

- AI access management must be enabled for your tenant. See [Enable AI access management](/product/admin/enable-ai-access-management).
- A Buildkite account that can create an API access token with access to the organizations you want to govern.

Check warning on line 28 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L28

Did you really mean 'Buildkite'?

<Note>
If you don't see **Buildkite** in your MCP server catalog, [contact the C1 support team](mailto:support@c1.ai) to enable it for your tenant.
</Note>

## Create a Buildkite API access token

Check warning on line 34 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L34

Did you really mean 'Buildkite'?

Create an API access token in Buildkite so C1 can authenticate to the Buildkite API.

Check warning on line 36 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L36

Did you really mean 'Buildkite'?

Check warning on line 36 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L36

Did you really mean 'Buildkite'?

<Steps>
<Step>
Sign in to Buildkite and open **Personal Settings** > **API Access Tokens**. For details, see Buildkite's [Managing API access tokens](https://buildkite.com/docs/apis/managing-api-tokens) documentation.

Check warning on line 40 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L40

Did you really mean 'Buildkite'?

Check warning on line 40 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L40

Did you really mean 'Buildkite's'?
</Step>
<Step>
Select **New API Access Token**.
Expand All @@ -49,19 +49,19 @@
Select the **REST API scopes** the token needs for the operations you plan to govern, such as reading builds, pipelines, and agents.
</Step>
<Step>
Create the token and copy it. Buildkite shows the token only once.

Check warning on line 52 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L52

Did you really mean 'Buildkite'?
</Step>
</Steps>

For a shared production setup, create the token from a dedicated service account so activity is attributable to C1 rather than a person.

## How Buildkite credentials are shared

Check warning on line 58 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L58

Did you really mean 'Buildkite'?

Every user's tool calls use the one API access token you provided, so Buildkite sees a single shared identity. C1 still attributes each call to the individual user in the [AI tool usage audit log](/product/admin/audit-ai-tool-usage). For a shared setup, use a dedicated service account so activity is attributable to C1 rather than a person.

Check warning on line 60 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L60

Did you really mean 'Buildkite'?

For how shared and per-user credentials work across MCP servers, see [Configure authentication](/product/admin/mcp-servers#configure-authentication).

## Register the Buildkite MCP server in C1

Check warning on line 64 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L64

Did you really mean 'Buildkite'?

With your API access token ready, register the server and provide your credentials.

Expand All @@ -73,23 +73,23 @@
When you [configure authentication](/product/admin/mcp-servers#configure-authentication), choose **Bearer token** and paste your API access token.
</Step>
<Step>
Save your changes. C1 starts a sync that discovers the tools the Buildkite server exposes.

Check warning on line 76 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L76

Did you really mean 'Buildkite'?
</Step>
</Steps>

## Discover and govern tools

After you register the server, C1 runs tool discovery against Buildkite. Discovered tools appear on the server's **Tools** tab.

Check warning on line 82 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L82

Did you really mean 'Buildkite'?

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call a Buildkite tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 86 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L86

Did you really mean 'Buildkite'?

Check warning on line 86 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L86

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your Buildkite credentials when an approved user successfully calls a Buildkite tool from their AI client.

Check warning on line 89 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L89

Did you really mean 'Buildkite'?

Check warning on line 89 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L89

Did you really mean 'Buildkite'?
</Note>

## Manage your Buildkite credentials

Check warning on line 92 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L92

Did you really mean 'Buildkite'?

- **Rotate the API access token** by creating a new token on your Buildkite **API access tokens** page and updating it in C1, then revoking the old token.

Check warning on line 94 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L94

Did you really mean 'Buildkite'?
- **Adjust access** by editing the token's organizations and REST API scopes in Buildkite.

Check warning on line 95 in product/admin/mcp-server/buildkite.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/buildkite.mdx#L95

Did you really mean 'Buildkite'?
2 changes: 1 addition & 1 deletion product/admin/mcp-server/confluence.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,12 @@
{/* Editor Refresh: 2026-06-11 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 12 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L12

Did you really mean 'walkthrough'?
</Note>

The Confluence MCP server lets you govern access to Confluence Cloud — pages, blog posts, spaces, comments, attachments, whiteboards, groups, and users — as tools your AI clients can call through C1.

Confluence uses per-user OAuth, which is recommended: each person authorizes with their own Atlassian account, so every tool call runs under that user's identity and permissions.

Check warning on line 17 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L17

Did you really mean 'Atlassian'?

## How C1 connects to Confluence

Expand All @@ -25,19 +25,19 @@
## Before you begin

- AI access management must be enabled for your tenant. See [Enable AI access management](/product/admin/enable-ai-access-management).
- An Atlassian account that can create an OAuth 2.0 integration. See Atlassian's [OAuth 2.0 (3LO) apps guide](https://developer.atlassian.com/cloud/confluence/oauth-2-3lo-apps/).

Check warning on line 28 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L28

Did you really mean 'Atlassian'?

Check warning on line 28 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L28

Did you really mean 'Atlassian's'?

<Note>
If you don't see **Confluence** in your MCP server catalog, [contact the C1 support team](mailto:support@c1.ai) to enable it for your tenant.
</Note>

## Create an Atlassian OAuth 2.0 integration

Check warning on line 34 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L34

Did you really mean 'Atlassian'?

With per-user OAuth, you register one Atlassian OAuth 2.0 (3LO) integration and each user authorizes individually. This keeps every action attributable to the user who took it, with only the access that user already has in Confluence.

Check warning on line 36 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L36

Did you really mean 'Atlassian'?

<Steps>
<Step>
Sign in to the Atlassian Developer Console with your Atlassian account. For the full walkthrough, see Atlassian's [OAuth 2.0 (3LO) apps guide](https://developer.atlassian.com/cloud/confluence/oauth-2-3lo-apps/).

Check warning on line 40 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L40

Did you really mean 'Atlassian'?

Check warning on line 40 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L40

Did you really mean 'Atlassian'?

Check warning on line 40 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L40

Did you really mean 'walkthrough'?

Check warning on line 40 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L40

Did you really mean 'Atlassian's'?
</Step>
<Step>
Select **Create** > **OAuth 2.0 integration**, enter a recognizable name such as `C1`, then select **Create**.
Expand All @@ -61,7 +61,7 @@

## How Confluence credentials are shared

With per-user OAuth, each user authorizes with their own Atlassian account, so tool calls run under that user's Confluence identity and inherit only the access they already have. Atlassian attributes each action to the individual user.

Check warning on line 64 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L64

Did you really mean 'Atlassian'?

Check warning on line 64 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L64

Did you really mean 'Atlassian'?

For how shared and per-user credentials work across MCP servers, see [Configure authentication](/product/admin/mcp-servers#configure-authentication).

Expand All @@ -77,7 +77,7 @@
When you [configure authentication](/product/admin/mcp-servers#configure-authentication), choose per-user OAuth and enter your integration's **client ID** and **client secret**.
</Step>
<Step>
Save your changes. The first time a user calls a Confluence tool from their AI client, they're prompted to connect their Atlassian account.

Check warning on line 80 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L80

Did you really mean 'Atlassian'?
</Step>
</Steps>

Expand All @@ -85,9 +85,9 @@

After you register the server, C1 runs tool discovery against Confluence. Discovered tools appear on the server's **Tools** tab.

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call a Confluence tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 90 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L90

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your Confluence credentials when an approved user successfully calls a Confluence tool from their AI client.
Expand All @@ -95,5 +95,5 @@

## Manage your Confluence credentials

- **Rotate the OAuth client secret** in the Atlassian Developer Console under your integration's **Settings** tab, then update the secret on the server's authentication settings in C1.

Check warning on line 98 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L98

Did you really mean 'Atlassian'?
- **Adjust access** by editing the integration's Confluence scopes on the **Permissions** tab in the Atlassian Developer Console.

Check warning on line 99 in product/admin/mcp-server/confluence.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/confluence.mdx#L99

Did you really mean 'Atlassian'?
2 changes: 1 addition & 1 deletion product/admin/mcp-server/crowdstrike.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -85,9 +85,9 @@

After you register the server, C1 runs tool discovery against CrowdStrike. Discovered tools appear on the server's **Tools** tab.

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call a CrowdStrike tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 90 in product/admin/mcp-server/crowdstrike.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/crowdstrike.mdx#L90

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your CrowdStrike credentials when an approved user successfully calls a CrowdStrike tool from their AI client.
Expand Down
2 changes: 1 addition & 1 deletion product/admin/mcp-server/datadog.mdx
Original file line number Diff line number Diff line change
@@ -1,41 +1,41 @@
---
title: Set up the Datadog MCP server
description: Create your Datadog API and application keys, then register the Datadog MCP server with C1 and configure authentication.
og:title: Set up the Datadog MCP server

Check warning on line 4 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L4

Did you really mean 'Datadog'?
og:description: Create your Datadog API and application keys, then register the Datadog MCP server with C1 and configure authentication.

Check warning on line 5 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L5

Did you really mean 'Datadog'?
sidebarTitle: Datadog
---

{/* Editor Refresh: 2026-06-11 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 12 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L12

Did you really mean 'walkthrough'?
</Note>

The Datadog MCP server lets you govern access to the Datadog observability platform — metrics, monitors, dashboards, logs, security signals, incidents, and more — as tools your AI clients can call through C1.

Check warning on line 15 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L15

Did you really mean 'Datadog'?

Check warning on line 15 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L15

Did you really mean 'Datadog'?

Datadog authenticates with two credentials that work together:

Check warning on line 17 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L17

Did you really mean 'Datadog'?

- An **API key** identifies your organization to Datadog.

Check warning on line 19 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L19

Did you really mean 'Datadog'?
- An **application key** authorizes a user or role to read and write data.

Most Datadog endpoints need both, so you'll create each one in Datadog and then provide them to C1 when you register the server.

Check warning on line 22 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L22

Did you really mean 'Datadog'?

Check warning on line 22 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L22

Did you really mean 'Datadog'?

## How C1 connects to Datadog

Check warning on line 24 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L24

Did you really mean 'Datadog'?

C1 hosts the Datadog MCP server, so your users' AI clients only ever see MCP tools — they never call Datadog directly. When an AI client calls one of these tools, C1 makes the matching request to the Datadog REST API using the credentials you configure here, then returns the result to the AI client.

Check warning on line 26 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L26

Did you really mean 'Datadog'?

Check warning on line 26 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L26

Did you really mean 'Datadog'?

Check warning on line 26 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L26

Did you really mean 'Datadog'?

The credentials you set up below are what C1 uses to call Datadog on your users' behalf.

Check warning on line 28 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L28

Did you really mean 'Datadog'?

## Before you begin

- AI access management must be enabled for your tenant. See [Enable AI access management](/product/admin/enable-ai-access-management).
- You need a Datadog user with permission to manage keys, typically the **Datadog Admin** role.

Check warning on line 33 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L33

Did you really mean 'Datadog'?

Check warning on line 33 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L33

Did you really mean 'Datadog'?
- Know which Datadog site your organization uses. See [Find your Datadog site](#find-your-datadog-site).

Check warning on line 34 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L34

Did you really mean 'Datadog'?

## Find your Datadog site

Check warning on line 36 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L36

Did you really mean 'Datadog'?

Datadog hosts each organization on a regional site with its own API host. You'll select this site when you register the server in C1. To find yours, match the host in your browser's address bar while you're signed in to Datadog.

Check warning on line 38 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L38

Did you really mean 'Datadog'?

Check warning on line 38 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L38

Did you really mean 'Datadog'?

| Site | Web host | API host |
| :--- | :--- | :--- |
Expand All @@ -48,15 +48,15 @@
| US1-FED | `app.ddog-gov.com` | `api.ddog-gov.com` |
| US2-FED | `us2.ddog-gov.com` | `api.us2.ddog-gov.com` |

For more detail, see Datadog's [Getting Started with Datadog sites](https://docs.datadoghq.com/getting_started/site/).

Check warning on line 51 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L51

Did you really mean 'Datadog's'?

## Create a Datadog API key

Check warning on line 53 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L53

Did you really mean 'Datadog'?

Create an API key in your Datadog organization to identify it to C1.

Check warning on line 55 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L55

Did you really mean 'Datadog'?

<Steps>
<Step>
Sign in to Datadog as a user who can manage API keys.

Check warning on line 59 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L59

Did you really mean 'Datadog'?
</Step>
<Step>
Go to **Organization Settings** > **API Keys**.
Expand All @@ -71,9 +71,9 @@

API keys are organization-level. They don't expire by default and aren't tied to a specific user.

## Create a Datadog application key

Check warning on line 74 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L74

Did you really mean 'Datadog'?

Create an application key to authorize C1 to call the Datadog API.

Check warning on line 76 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L76

Did you really mean 'Datadog'?

<Steps>
<Step>
Expand All @@ -83,26 +83,26 @@
Select **New Key** and give it a recognizable name such as `C1`.
</Step>
<Step>
**Optional.** Under **Authorization Scopes**, select **Limit Authorization Scopes** and grant only the scopes your tools need. The right scopes depend on which Datadog tools you plan to expose — read-only tools need scopes like `dashboards_read` and `monitors_read`, while tools that take action (such as creating monitors or updating incidents) need the corresponding write scopes. For a full list of available scopes, see Datadog's [API and application keys](https://docs.datadoghq.com/account_management/api-app-keys/) reference. If you don't limit scopes, the application key inherits all of the creating user's permissions.

Check warning on line 86 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L86

Did you really mean 'Datadog'?

Check warning on line 86 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L86

Did you really mean 'Datadog's'?
</Step>
<Step>
Select **Create Application Key** and copy the key.
</Step>
</Steps>

Application keys are tied to the user who creates them. They inherit that user's permissions and are revoked if the user is deactivated. For a durable setup, create the application key from a dedicated service-account user — a Datadog user object not tied to a specific person that won't be deactivated when employees leave. Create the service account in Datadog first, then repeat these steps while signed in as that account.

Check warning on line 93 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L93

Did you really mean 'Datadog'?

Check warning on line 93 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L93

Did you really mean 'Datadog'?

For more detail on both key types, see Datadog's [API and application keys](https://docs.datadoghq.com/account_management/api-app-keys/) reference.

Check warning on line 95 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L95

Did you really mean 'Datadog's'?

## How Datadog credentials are shared

Check warning on line 97 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L97

Did you really mean 'Datadog'?

The Datadog MCP server uses a single shared credential. The API key and application key you provide are used for every user's tool calls, so Datadog sees all activity as one identity — the user or service account that owns the application key. C1 still attributes each call to the individual user who made it in the [AI tool usage audit log](/product/admin/audit-ai-tool-usage).

Check warning on line 99 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L99

Did you really mean 'Datadog'?

Check warning on line 99 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L99

Did you really mean 'Datadog'?

To keep that shared identity attributable to C1 rather than a person, create the application key from a dedicated service-account user, as described in [Create a Datadog application key](#create-a-datadog-application-key).

For how shared and per-user credentials work across MCP servers, see [Configure authentication](/product/admin/mcp-servers#configure-authentication).

## Register the Datadog MCP server in C1

Check warning on line 105 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L105

Did you really mean 'Datadog'?

With both keys ready, register the server and provide your credentials.

Expand All @@ -111,33 +111,33 @@
Follow [Register an MCP server](/product/admin/mcp-servers#register-an-mcp-server) and select **Datadog** from the catalog.
</Step>
<Step>
When you [configure authentication](/product/admin/mcp-servers#configure-authentication), provide the credentials Datadog needs:

Check warning on line 114 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L114

Did you really mean 'Datadog'?

- Your Datadog **site** from [Find your Datadog site](#find-your-datadog-site)

Check warning on line 116 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L116

Did you really mean 'Datadog'?
- Your **API key**
- Your **application key**
</Step>
<Step>
Save your changes. C1 starts a sync that discovers the tools the Datadog server exposes.

Check warning on line 121 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L121

Did you really mean 'Datadog'?
</Step>
</Steps>

## Discover and govern tools

After you register the server, C1 runs tool discovery against Datadog. Discovered tools appear on the server's **Tools** tab.

Check warning on line 127 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L127

Did you really mean 'Datadog'?

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification) for details.
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification) for details.

Before anyone can call a Datadog tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to complete this setup.

Check warning on line 131 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L131

Did you really mean 'Datadog'?

Check warning on line 131 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L131

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your Datadog credentials when an approved user successfully calls a Datadog tool from their AI client.

Check warning on line 134 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L134

Did you really mean 'Datadog'?

Check warning on line 134 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L134

Did you really mean 'Datadog'?
</Note>

## Manage your Datadog credentials

Check warning on line 137 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L137

Did you really mean 'Datadog'?

You can rotate either key or adjust the application key's scopes at any time without re-registering the server.

- **Rotate the API key** in **Organization Settings** > **API Keys** in Datadog, then update the credential on the server's authentication settings in C1.

Check warning on line 141 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L141

Did you really mean 'Datadog'?
- **Rotate the application key** the same way under **Application Keys**. If you used a service-account user, keep that account active so the key stays valid.
- **Adjust scopes** at any time by editing the application key's authorization scopes in Datadog.

Check warning on line 143 in product/admin/mcp-server/datadog.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/datadog.mdx#L143

Did you really mean 'Datadog'?
2 changes: 1 addition & 1 deletion product/admin/mcp-server/freshdesk.mdx
Original file line number Diff line number Diff line change
@@ -1,58 +1,58 @@
---
title: Set up the Freshdesk MCP server
description: Create Freshdesk basic auth credentials and register the Freshdesk MCP server in C1 so AI clients can call governed Freshdesk tools.
og:title: Set up the Freshdesk MCP server

Check warning on line 4 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L4

Did you really mean 'Freshdesk'?
og:description: Create Freshdesk basic auth credentials and register the Freshdesk MCP server in C1 so AI clients can call governed Freshdesk tools.

Check warning on line 5 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L5

Did you really mean 'Freshdesk'?
sidebarTitle: Freshdesk
---

{/* Editor Refresh: 2026-06-11 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 12 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L12

Did you really mean 'walkthrough'?
</Note>

The Freshdesk MCP server lets you govern access to Freshdesk — tickets, contacts, companies, and other support data — as tools your AI clients can call through C1.

Check warning on line 15 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L15

Did you really mean 'Freshdesk'?

Check warning on line 15 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L15

Did you really mean 'Freshdesk'?

Freshdesk authenticates with basic auth, using a Freshdesk API key as the username. A single credential authenticates everyone, so all tool calls reach Freshdesk as one shared identity. Create the API key from a dedicated service-account agent so activity is attributable to C1 rather than a person.

Check warning on line 17 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L17

Did you really mean 'Freshdesk'?

Check warning on line 17 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L17

Did you really mean 'Freshdesk'?

Check warning on line 17 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L17

Did you really mean 'Freshdesk'?

## How C1 connects to Freshdesk

Check warning on line 19 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L19

Did you really mean 'Freshdesk'?

C1 hosts the Freshdesk MCP server, so your users' AI clients only ever see MCP tools — they never call Freshdesk directly. When an AI client calls one of these tools, C1 makes the matching request to the Freshdesk API using the credentials you configure here, then returns the result to the AI client.

Check warning on line 21 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L21

Did you really mean 'Freshdesk'?

Check warning on line 21 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L21

Did you really mean 'Freshdesk'?

Check warning on line 21 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L21

Did you really mean 'Freshdesk'?

The credentials you set up below are what C1 uses to call Freshdesk on your users' behalf.

Check warning on line 23 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L23

Did you really mean 'Freshdesk'?

## Before you begin

- AI access management must be enabled for your tenant. See [Enable AI access management](/product/admin/enable-ai-access-management).
- A Freshdesk agent account with the API access and role needed for the tools you plan to govern.

Check warning on line 28 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L28

Did you really mean 'Freshdesk'?

<Note>
If you don't see **Freshdesk** in your MCP server catalog, [contact the C1 support team](mailto:support@c1.ai) to enable it for your tenant.
</Note>

## Find your Freshdesk API key

Check warning on line 34 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L34

Did you really mean 'Freshdesk'?

Copy the API key from your Freshdesk agent profile so C1 can authenticate as that agent.

Check warning on line 36 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L36

Did you really mean 'Freshdesk'?

<Steps>
<Step>
Sign in to Freshdesk as the agent whose access the credential should carry.

Check warning on line 40 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L40

Did you really mean 'Freshdesk'?
</Step>
<Step>
Open your profile settings and locate **Your API key**, then copy it. Treat the key like a password. See Freshdesk's [How To Find Your API Key](https://support.freshdesk.com/support/solutions/articles/215517-how-to-find-your-api-key) docs for the exact steps.

Check warning on line 43 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L43

Did you really mean 'Freshdesk's'?
</Step>
</Steps>

Freshdesk basic auth uses your API key as the username. Freshdesk ignores the password when an API key is used, so enter any placeholder such as `X` — it just can't be empty. For more information, see Freshdesk's [API authentication](https://developers.freshdesk.com/api/#authentication) documentation.

Check warning on line 47 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L47

Did you really mean 'Freshdesk'?

Check warning on line 47 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L47

Did you really mean 'Freshdesk'?

Check warning on line 47 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L47

Did you really mean 'Freshdesk's'?

## How Freshdesk credentials are shared

Check warning on line 49 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L49

Did you really mean 'Freshdesk'?

Every user's tool calls use the one API key you provided, so Freshdesk sees a single shared identity. C1 still attributes each call to the individual user in the [AI tool usage audit log](/product/admin/audit-ai-tool-usage). For a shared production setup, create the API key from a dedicated service-account agent so activity is attributable to C1 rather than a person.

Check warning on line 51 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L51

Did you really mean 'Freshdesk'?

For how shared and per-user credentials work across MCP servers, see [Configure authentication](/product/admin/mcp-servers#configure-authentication).

## Register the Freshdesk MCP server in C1

Check warning on line 55 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L55

Did you really mean 'Freshdesk'?

With your API key ready, register the server and provide your credentials.

Expand All @@ -61,26 +61,26 @@
Follow [Register an MCP server](/product/admin/mcp-servers#register-an-mcp-server) and select **Freshdesk** from the catalog.
</Step>
<Step>
When you [configure authentication](/product/admin/mcp-servers#configure-authentication), choose **Basic auth**, enter your Freshdesk API key as the username, and enter any placeholder such as `X` as the password.

Check warning on line 64 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L64

Did you really mean 'Freshdesk'?
</Step>
<Step>
Save your changes. C1 starts a sync that discovers the tools the Freshdesk server exposes.

Check warning on line 67 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L67

Did you really mean 'Freshdesk'?
</Step>
</Steps>

## Discover and govern tools

After you register the server, C1 runs tool discovery against Freshdesk. Discovered tools appear on the server's **Tools** tab.

Check warning on line 73 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L73

Did you really mean 'Freshdesk'?

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call a Freshdesk tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 77 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L77

Did you really mean 'Freshdesk'?

Check warning on line 77 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L77

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your Freshdesk credentials when an approved user successfully calls a Freshdesk tool from their AI client.

Check warning on line 80 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L80

Did you really mean 'Freshdesk'?

Check warning on line 80 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L80

Did you really mean 'Freshdesk'?
</Note>

## Manage your Freshdesk credentials

Check warning on line 83 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L83

Did you really mean 'Freshdesk'?

- **Rotate the API key** by resetting it in Freshdesk, then update the username on the server's authentication settings in C1.

Check warning on line 85 in product/admin/mcp-server/freshdesk.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/freshdesk.mdx#L85

Did you really mean 'Freshdesk'?
- **Adjust access** by changing the role of the agent whose API key you use.
2 changes: 1 addition & 1 deletion product/admin/mcp-server/github.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
{/* Editor Refresh: 2026-06-11 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 12 in product/admin/mcp-server/github.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/github.mdx#L12

Did you really mean 'walkthrough'?
</Note>

The GitHub MCP server lets you govern access to GitHub — repositories, pull requests, issues, Actions, and organization data — as tools your AI clients can call through C1.
Expand Down Expand Up @@ -43,7 +43,7 @@

### Create a GitHub OAuth app

Register an OAuth app in GitHub so C1 can prompt each user to authorize with their own account. For the full walkthrough, see GitHub's [latest guide to creating an OAuth app](https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/creating-an-oauth-app).

Check warning on line 46 in product/admin/mcp-server/github.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/github.mdx#L46

Did you really mean 'walkthrough'?

<Steps>
<Step>
Expand Down Expand Up @@ -86,7 +86,7 @@

### Create a personal access token

Generate a fine-grained personal access token in GitHub for C1 to authenticate with. For the full walkthrough, see GitHub's [guide to managing personal access tokens](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens).

Check warning on line 89 in product/admin/mcp-server/github.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/github.mdx#L89

Did you really mean 'walkthrough'?

<Steps>
<Step>
Expand Down Expand Up @@ -134,9 +134,9 @@

After you register the server, C1 runs tool discovery against GitHub. Discovered tools appear on the server's **Tools** tab.

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call a GitHub tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 139 in product/admin/mcp-server/github.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/github.mdx#L139

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your GitHub credentials when an approved user successfully calls a GitHub tool from their AI client.
Expand Down
2 changes: 1 addition & 1 deletion product/admin/mcp-server/gong.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
{/* Editor Refresh: 2026-06-11 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 12 in product/admin/mcp-server/gong.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/gong.mdx#L12

Did you really mean 'walkthrough'?
</Note>

The Gong MCP server lets you govern access to Gong — calls, transcripts, users, scorecards, deals, sequences, and permission profiles — as tools your AI clients can call through C1.
Expand All @@ -33,7 +33,7 @@

## Generate Gong API credentials

Generate an Access Key and Access Key Secret in Gong so C1 can authenticate to the Gong API. For Gong's own walkthrough, see [Receive access to the API](https://help.gong.io/docs/receive-access-to-the-api).

Check warning on line 36 in product/admin/mcp-server/gong.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/gong.mdx#L36

Did you really mean 'walkthrough'?

<Steps>
<Step>
Expand Down Expand Up @@ -84,9 +84,9 @@

After you register the server, C1 runs tool discovery against Gong. Discovered tools appear on the server's **Tools** tab.

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call a Gong tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 89 in product/admin/mcp-server/gong.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/gong.mdx#L89

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your Gong credentials when an approved user successfully calls a Gong tool from their AI client.
Expand Down
2 changes: 1 addition & 1 deletion product/admin/mcp-server/google-analytics-admin.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
{/* Editor Refresh: 2026-06-11 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 12 in product/admin/mcp-server/google-analytics-admin.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/google-analytics-admin.mdx#L12

Did you really mean 'walkthrough'?
</Note>

The Google Analytics Admin MCP server lets you govern access to Google Analytics 4 configuration — accounts, properties, data streams, custom dimensions, conversions, and account-level user permissions — as tools your AI clients can call through C1.
Expand Down Expand Up @@ -137,9 +137,9 @@

After you register the server, C1 runs tool discovery against Google Analytics Admin. Discovered tools appear on the server's **Tools** tab.

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call a Google Analytics Admin tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 142 in product/admin/mcp-server/google-analytics-admin.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/google-analytics-admin.mdx#L142

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your Google Analytics Admin credentials when an approved user successfully calls a Google Analytics Admin tool from their AI client.
Expand Down
2 changes: 1 addition & 1 deletion product/admin/mcp-server/google-analytics.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,10 @@
{/* Editor Refresh: 2026-06-11 */}

<Note>
**Activation required.** AI access management must be enabled for your tenant before you can use it. To get started, [contact the C1 support team](mailto:support@c1.ai) for a walkthrough.

Check warning on line 12 in product/admin/mcp-server/google-analytics.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/google-analytics.mdx#L12

Did you really mean 'walkthrough'?
</Note>

The Google Analytics MCP server lets you govern access to Google Analytics 4 report data — dimensions, metrics, realtime events, pivot reports, and audience exports — as tools your AI clients can call through C1.

Check warning on line 15 in product/admin/mcp-server/google-analytics.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/google-analytics.mdx#L15

Did you really mean 'realtime'?

Google Analytics supports two ways to authenticate, and you choose one when you register the server:

Expand Down Expand Up @@ -133,9 +133,9 @@

After you register the server, C1 runs tool discovery against Google Analytics. Discovered tools appear on the server's **Tools** tab.

Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **Settings** > **AI Connections**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).
Each tool starts as either **Pending review** or automatically **Approved**, depending on the option chosen when the server was set up or your tenant's default tool settings in **AI** > **MCP** > **Settings**. See [Require tool approval](/product/admin/enable-ai-access-management#require-tool-approval) and [Default tool classification](/product/admin/enable-ai-access-management#default-tool-classification).

Before anyone can call a Google Analytics tool, it must be approved, added to a toolset, and bound to an access profile. Continue to [Govern tools and toolsets](/product/admin/tools-and-toolsets) to set this up.

Check warning on line 138 in product/admin/mcp-server/google-analytics.mdx

View check run for this annotation

Mintlify / Mintlify Validation (conductorone) - vale-spellcheck

product/admin/mcp-server/google-analytics.mdx#L138

Did you really mean 'toolset'?

<Note>
Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn't confirm that authentication is working. You confirm your Google Analytics credentials when an approved user successfully calls a Google Analytics tool from their AI client.
Expand Down
Loading