Skip to main content
Connectivity

You shouldn't need a sprint to connect an agent.

Teams burn days wiring OAuth, rotating credentials, debugging MCP configs. Civic gives you 1 URL. Your agent talks to every tool through it. 10 minutes, start to finish.

Read the docsSee how it works
~/project
$ cat .env
OAUTH_CLIENT_ID=sk-proj-abc123def456...
OAUTH_CLIENT_SECRET=sk-secret-xyz789...
OAUTH_REDIRECT_URI=https://app.example.com/callback
TOKEN_REFRESH_INTERVAL=3600
MCP_SERVER_URL=https://mcp.internal:4100
MCP_AUTH_TOKEN=mcp-tok-9f8e7d6c5b...
GOOGLE_SERVICE_ACCOUNT_KEY=./keys/sa.json
 
$ node oauth-setup.js
[ERR] Token expired for gmail-integration
[ERR] Refresh failed: invalid_grant
[WARN] Falling back to re-authentication...
[ERR] OAuth callback timeout after 30s
[ERR] MCP handshake failed: ECONNREFUSED
[WARN] Retrying in 5s... (attempt 3/5)
 
$ cat mcp-config.json
{
"mcpServers": {
"gmail": {
"command": "npx",
"args": ["-y", "@google/mcp-gmail"],
"env": {
"GOOGLE_CLIENT_ID": "...",
"GOOGLE_CLIENT_SECRET": "..."
}
},
"postgres": {
"command": "npx",
"args": ["-y", "@pg/mcp-server"],
"env": { "DATABASE_URL": "..." }
}
}
}
~/project
$ claude mcp add --transport http \
civic https://app.civic.com/hub/mcp
✓ MCP server added: civic
 
$ claude
[civic] Authorization required.
→ https://app.civic.com/auth/...
Open this link in your browser.
 
[civic] ✓ Authorized
 
> What tools do I have via Civic?
 
✓ gmail · list emails
✓ gmail · create draft
✓ google_drive · list files
✓ postgres · query
 
0 credentials in code. 0 tokens to babysit.

Three steps. That's it.

Agent

Add Gmail, Drive, and Postgres.

Restrict Gmail to read-only —

no send, delete, or forward.

Done. 3 tools connected:

✓ Gmail — read-only

✓ Google Drive — read-only

✓ Postgres — query-only

Your MCP URL is ready to copy.

nearly 100 connectors

One URL. Every tool your agent needs.

Communication

Gmail
Slack
Microsoft 365
IMAP Email
Postmark
Bluesky
X (Twitter)

Productivity

Google Calendar
Google Docs
Google Sheets
Google Slides
Notion
Canva
Asana
ClickUp
Monday.com
Trello
Webflow

Storage

Google Drive
Dropbox
Box

Databases

PostgreSQL
MongoDB
MySQL
MS-SQL
Redshift
Elasticsearch

CRM & Sales

HubSpot
Pipedrive
ActiveCampaign

Payments & Finance

Stripe
Square
QuickBooks
Bill.com
Shopify
AWS Billing
CardPointe

Marketing & Analytics

Google Analytics
Meta Ads
PostHog
Hunter.io
Findymail
Tavily

Dev & Infrastructure

GitHub
Atlassian
Linear
Sentry
Cloudflare
Grafana
n8n
Socket Security

Research & Automation

Apify
Firecrawl
Context7
DeepWiki
CoinGecko

Field Ops

ServiceTitan
Home Assistant
Insperity

The control you actually want

Scoped access

Scope access at multiple levels: tool, user, organization. Access your personal data safely through the tools you already use, via ephemeral, single-tenant MCP servers.

Credential isolation

Secrets live in Civic. Your agent never sees raw tokens, environment variables, or API keys. Built on 10+ years of securely managing credentials without a breach.

Tool-level revocation

Revoke access tool by tool when something goes wrong. Keep precise control over what an agent can access without shutting everything down.

Access defined at every level

Control exactly who can do what, at every level of your stack.

Tool

Define what actions an agent can perform and add guardrails to prevent abuse.

User

All OAuth credentials remain scoped to the user who granted them.

Organization

Escalate access to the organization level when the whole team needs them.

Toolkits

Tools are always grouped in toolkits, and toolkits belong to accounts. Every account starts with one. Create more when you need clean separation: different tools, different scopes, different environments.

Default toolkitMulti-toolkitAccount-scoped

Credentials

OAuth credentials are always user-level. They cannot be shared or promoted. Non-OAuth credentials like API keys and service accounts can be elevated to toolkit or organization level when the whole team needs them.

User-level OAuthOrg API keysToolkit-scoped

Organizations

Every sign-in creates a personal account automatically. Organization accounts are separate. You create them explicitly in Civic. Both can have their own toolkits. Admins control org membership and credentials; End Users can join without an invite.

AdminMemberEnd User

Ten minutes. One URL.

That's all it takes to connect your first agent.

Read the docsSee the architecture