How Specter MCP Authentication Works

Authentication Flow

Written by Raza Zaidi
Updated this week

What is an MCP?

Model Context Protocol (MCP) is a standard for connecting AI clients (like Notion AI or Claude Desktop) to external tools and data sources (“MCP servers”).

When you connect to Specter MCP from your AI client, you’re granting Specter MCP permission to act on your behalf within the scope you approve.

Just trying to connect? See the setup guide →

Glossary (who you’ll see during sign-in)

  • AI client: The app you’re using (for example, Notion AI or Claude Desktop) where you click Connect.

  • Specter MCP: The MCP server you’re connecting to.

  • Identity Provider (IdP) / SSO: Your organization’s sign-in system (for example, Okta, Microsoft Entra ID/Azure AD, Google Workspace).

  • Clerk: The authorization/consent screen provider used by Specter MCP for OAuth 2.0 / OpenID Connect (OIDC).

High-level: what happens when you click “Connect”

When you connect Specter MCP, an OAuth 2.0 / OpenID Connect (OIDC) sign-in flow is initiated.

At a high level:

  1. You start the connection from your AI client.

  2. You’re redirected to Specter MCP to begin authentication.

  3. Specter MCP redirects you to your Identity Provider (IdP) to sign in (Single Sign-On).

  4. You review and approve consent.

  5. You’re redirected back to the AI client, and the connection is established.


Step-by-step authentication flow

1) Start in the AI client

You initiate the connection in your AI client (for example, by selecting Specter MCP from a list of connectors and clicking Connect).

Screenshot of how it looks on Claude

2) Redirect to Specter MCP (authorization request)

After you click Connect, the AI client redirects your browser to Specter MCP’s authorization endpoint. This begins the OAuth/OIDC flow.

At this point Specter MCP:

  • receives the authorization request from the AI client

  • determines which identity provider (SSO) to use

  • starts the sign-in process

After clicking Connect, the user is redirected to the Specter MCP authentication screen. This is the beginning of the SSO flow.

3) Sign in with SSO (Identity Provider)

Specter MCP then redirects you to Specter’s login page if you haven’t logged in already. From here, select your organization’s Identity Provider (IdP) to continue with Single Sign-On.


Depending on your organization’s configuration, you may be prompted to sign in and/or complete an additional verification step (for example, MFA).

Note: MFA is not enforced by Specter MCP itself; MFA behavior is controlled by your organization’s IdP policies.

4) Consent screen (Clerk)

After a successful SSO sign-in, you’re shown a consent screen (hosted by Clerk) to approve the requested scopes.

After that, the user is redirected to Clerk’s consent screen.


Specter MCP uses least-privileged access. The consent request requires only the following OIDC scopes:

  • openid: required for OIDC sign-in

  • offline_access (sometimes displayed as “offline access”): required to obtain a refresh token so the connection can remain authorized without repeatedly prompting you

5) Redirect back to the AI client (authorization code)

After you approve consent, Clerk redirects you back to the AI client with an authorization code.


The AI client exchanges this code for tokens (server-to-server), and the connection becomes active.

Tokens and sessions

Specter MCP uses standard OAuth 2.0 / OIDC tokens:

  • Access token: short-lived token used by the AI client to call Specter MCP tools.

  • Refresh token (enabled by offline_access): longer-lived token used to obtain new access tokens without asking you to sign in again.

  • Sessions have a bounded maximum lifetime. After that, you must re-authenticate.

  • At rest, client tokens and OAuth state are stored encrypted using industry-standard symmetric encryption. Token storage keys are kept separate from JWT signing keys.

What Specter MCP can do after connecting

  • Specter MCP can only act as the signed-in user.

  • Specter MCP can only act within the scopes you approved.

  • Actions are performed when your AI client requests them (for example, when you invoke a Specter tool).

Security and privacy notes

  • Your password is never shared with Specter MCP. You authenticate directly with your organization’s Identity Provider (SSO).

  • MFA, if enabled, is enforced by your organization’s IdP policies.

  • Tokens are used only to maintain the authorized connection and to authenticate requests to Specter MCP.

  • Specter MCP is isolated from the main Specter API: MCP tokens are not valid for the main API, and main Specter API tokens are not valid for MCP.

  • Every MCP tool call is bound to the authenticated user’s existing Specter permissions (org-level access controls). The MCP surface cannot exceed what the user can already do in the Specter product.

Audit logging and rate limiting

  • Every MCP tool invocation (and error) is captured in our observability platform with user context (user ID, organization ID, email).

  • We apply per-user and per-organization rate limits to help mitigate abuse and provide additional signal for anomalous usage patterns.

  • Today, audit-log exports are available on request (not self-serve).
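The following Python sketch is an added example, not Specter’s observability or rate-limiting code. It shows the two controls in this section working together: each tool call is checked against a per-user and a per-organization sliding-window limit, and every invocation, whether it succeeds, fails or is throttled, produces an audit record carrying the user ID, organization ID and email. Limits, tool names and identities are constructed placeholders; the summary function at the end is one way to turn rate-limit hits into the “anomalous usage” signal the page mentions.

```python
"""Per-user and per-org rate limiting plus an audit record per tool call.

Added illustration; not Specter's implementation. All limits, users, orgs
and tool names below are constructed placeholders.
"""
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """Allow at most `limit` events per `window` seconds for each key."""

    def __init__(self, limit: int, window: float):
        self.limit, self.window = limit, window
        self.events: dict[str, deque] = defaultdict(deque)

    def allow(self, key: str, now: float) -> bool:
        q = self.events[key]
        while q and q[0] <= now - self.window:   # drop timestamps outside the window
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


class McpGateway:
    """Wraps tool calls: check both limits, run the tool, then emit an audit record."""

    def __init__(self):
        self.user_limit = SlidingWindowLimiter(limit=5, window=60)   # constructed values
        self.org_limit = SlidingWindowLimiter(limit=8, window=60)    # constructed values
        self.audit_log: list[dict] = []

    def call_tool(self, user: dict, tool: str, now: float, handler) -> dict:
        # Audit record carries user context regardless of outcome.
        record = {"ts": now, "user_id": user["id"], "org_id": user["org"],
                  "email": user["email"], "tool": tool, "result": None}
        if not self.user_limit.allow(user["id"], now):
            record["outcome"] = "rate_limited:user"
        elif not self.org_limit.allow(user["org"], now):
            record["outcome"] = "rate_limited:org"
        else:
            try:
                record["result"] = handler()
                record["outcome"] = "ok"
            except Exception as exc:          # errors are audited too, not swallowed
                record["outcome"] = f"error:{type(exc).__name__}"
        self.audit_log.append(record)
        return record


def rate_limited_by_user(audit_log: list[dict]) -> dict[str, int]:
    """Count throttled calls per user: a cheap signal for anomalous usage."""
    counts: dict[str, int] = defaultdict(int)
    for rec in audit_log:
        if rec["outcome"].startswith("rate_limited"):
            counts[rec["user_id"]] += 1
    return dict(counts)
```

The org limit is checked only after the user limit passes, so a single throttled user does not consume the organization’s budget; in a real deployment the audit records would be shipped to the observability platform rather than kept in a list.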

PKCE and client security

  • Specter MCP’s OIDC proxy supports PKCE for public clients.

  • For the current integration, the authorization code exchange happens server-to-server (Specter MCP holds the client credentials and exchanges the code on behalf of the AI client). The code is never exchanged from a public client.

  • Redirect URIs are strictly validated, and consent screens are used to prevent confused deputy attacks.
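As an added example (not part of the original article and not Specter MCP’s OIDC proxy code), the Python sketch below shows how the protections named in this section and in step 5 fit together in one authorization-code flow: the client generates a PKCE verifier/challenge (S256) and a random state; the authorization server refuses any redirect URI not registered for the client by exact match, binds the issued code to the client, redirect URI and challenge, and verifies the code_verifier on a single-use exchange; the client accepts only a callback carrying the state it generated. The server is an in-memory stand-in, the direct `token()` call represents the server-to-server exchange, and the client ID and redirect URIs are constructed placeholders.

```python
"""Authorization code flow with PKCE, state and exact redirect-URI validation.

Added illustration, not Specter's code. Client IDs, redirect URIs and the
in-memory "server" are constructed placeholders.
"""
import base64
import hashlib
import secrets
from urllib.parse import parse_qs, urlencode, urlparse


def b64url(data: bytes) -> str:
    """Base64url without padding, as RFC 7636 requires for PKCE values."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_pkce_pair() -> tuple[str, str]:
    """Return (code_verifier, code_challenge) using the S256 method."""
    verifier = b64url(secrets.token_bytes(32))
    challenge = b64url(hashlib.sha256(verifier.encode()).digest())
    return verifier, challenge


class AuthorizationServer:
    """Stand-in for an OIDC authorization + token endpoint (constructed)."""

    def __init__(self, registered: dict[str, set[str]]):
        self.registered = registered          # client_id -> allowed redirect URIs
        self.pending: dict[str, dict] = {}    # issued code -> bound request data

    def authorize(self, params: dict[str, str]) -> str:
        """Validate the request (SSO + consent assumed done), return the callback URL."""
        client_id, redirect_uri = params["client_id"], params["redirect_uri"]
        # Exact-match check: an unregistered redirect URI is refused, never
        # redirected to, so a code can't be delivered to an unexpected site.
        if redirect_uri not in self.registered.get(client_id, set()):
            raise ValueError("redirect_uri not registered for this client")
        if params.get("code_challenge_method") != "S256":
            raise ValueError("PKCE S256 challenge required")
        code = b64url(secrets.token_bytes(24))
        # Bind the code to the exact client, redirect URI and challenge it was issued for.
        self.pending[code] = {"client_id": client_id, "redirect_uri": redirect_uri,
                              "code_challenge": params["code_challenge"]}
        return redirect_uri + "?" + urlencode({"code": code, "state": params["state"]})

    def token(self, code: str, client_id: str, redirect_uri: str, code_verifier: str) -> dict:
        """Exchange a code for tokens; the code is single-use and PKCE-checked."""
        record = self.pending.pop(code, None)   # pop: a replayed code is rejected
        if record is None:
            raise ValueError("unknown or already-used code")
        if record["client_id"] != client_id or record["redirect_uri"] != redirect_uri:
            raise ValueError("code was issued to a different client or redirect_uri")
        expected = b64url(hashlib.sha256(code_verifier.encode()).digest())
        if not secrets.compare_digest(expected, record["code_challenge"]):
            raise ValueError("PKCE verification failed")
        return {"access_token": b64url(secrets.token_bytes(16)), "token_type": "Bearer"}


def run_flow(server: AuthorizationServer, client_id: str, redirect_uri: str,
             tamper_state: bool = False) -> dict:
    """Client side: build the request, handle the callback, exchange the code."""
    verifier, challenge = make_pkce_pair()
    state = b64url(secrets.token_bytes(16))   # binds the callback to this sign-in attempt
    callback = server.authorize({
        "response_type": "code", "client_id": client_id, "redirect_uri": redirect_uri,
        "scope": "openid offline_access", "state": state,
        "code_challenge": challenge, "code_challenge_method": "S256",
    })
    qs = {k: v[0] for k, v in parse_qs(urlparse(callback).query).items()}
    if tamper_state:                          # simulate a callback from another flow
        qs["state"] = "forged"
    if not secrets.compare_digest(qs.get("state", ""), state):
        raise ValueError("state mismatch: callback not tied to this sign-in")
    return server.token(qs["code"], client_id, redirect_uri, verifier)
```

Because the code is bound to the challenge at issuance and popped on first use, neither a stolen code alone nor a replayed callback yields a token; the state check and the exact redirect-URI match are what the page’s “strictly validated” and confused-deputy bullets amount to in practice.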

How session revocation is handled

You can revoke Specter MCP’s access at any time. Once revoked, Specter MCP can no longer obtain new access tokens and previously issued access tokens will expire.

Common revocation mechanisms include:

  • disconnecting/removing Specter MCP in your AI client

  • revoking access from your organization’s IdP (if your organization manages application sessions centrally)

If your organization disables a user account or removes access at the IdP, new token issuance will stop and the connection will cease to function once existing access tokens expire.
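The following Python example is added here and is not Specter’s implementation; it ties together the token, isolation and revocation behaviour described in “Tokens and sessions”, “Security and privacy notes” and this section. It mints HS256 JWT-style access tokens with the standard library, verifies signature, issuer, audience and expiry, keeps refresh tokens in a session store with an absolute lifetime, and shows that revoking a refresh token stops new issuance while an already-issued access token runs to its expiry. The signing key, issuer, audience names and lifetimes are constructed placeholders.

```python
"""Token lifecycle: audience isolation, refresh, bounded sessions, revocation.

Added illustration, not Specter's code. Key, issuer, audiences and TTLs are
constructed placeholders.
"""
import base64
import hashlib
import hmac
import json
import secrets

SIGNING_KEY = b"constructed-demo-signing-key"   # placeholder, never a real key
ISSUER = "https://mcp-auth.example"              # constructed
ACCESS_TTL = 15 * 60                             # short-lived access token (seconds)
SESSION_MAX = 8 * 3600                           # absolute session lifetime (seconds)


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint(claims: dict) -> str:
    """Sign header.payload with HS256 (compact JWS form)."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64(json.dumps(claims).encode())
    sig = hmac.new(SIGNING_KEY, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64(sig)}"


def verify(token: str, audience: str, now: float) -> dict:
    """Reject a bad signature, wrong issuer, wrong audience or expired token."""
    header, payload, sig = token.split(".")
    expected = hmac.new(SIGNING_KEY, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64(sig)):
        raise ValueError("bad signature")
    claims = json.loads(_unb64(payload))
    if claims.get("iss") != ISSUER:
        raise ValueError("unexpected issuer")
    # The audience check is what keeps MCP tokens out of the main API and vice versa.
    if claims.get("aud") != audience:
        raise ValueError(f"token audience {claims.get('aud')!r} is not {audience!r}")
    if claims["exp"] <= now:
        raise ValueError("token expired")
    return claims


class SessionStore:
    """Refresh tokens bound to a session that has an absolute maximum lifetime."""

    def __init__(self):
        self.sessions: dict[str, dict] = {}   # refresh_token -> session metadata

    def start(self, user: str, audience: str, now: float) -> dict:
        refresh = _b64(secrets.token_bytes(32))
        self.sessions[refresh] = {"user": user, "aud": audience, "started": now}
        return {"access_token": self._access(user, audience, now), "refresh_token": refresh}

    def refresh(self, refresh_token: str, now: float) -> str:
        sess = self.sessions.get(refresh_token)
        if sess is None:
            raise ValueError("refresh token revoked or unknown")
        # Bounded lifetime: refreshing cannot extend a session indefinitely.
        if now - sess["started"] >= SESSION_MAX:
            del self.sessions[refresh_token]
            raise ValueError("session lifetime exceeded; re-authenticate")
        return self._access(sess["user"], sess["aud"], now)

    def revoke(self, refresh_token: str) -> None:
        """Stops new access tokens; already-issued ones remain valid until exp."""
        self.sessions.pop(refresh_token, None)

    def _access(self, user: str, audience: str, now: float) -> str:
        return mint({"iss": ISSUER, "sub": user, "aud": audience,
                     "iat": int(now), "exp": int(now) + ACCESS_TTL})
```

A real deployment would also encrypt the stored refresh tokens with a key separate from the signing key, as the page describes, and would use asymmetric signing so that verifiers never hold a key that can mint tokens.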

Troubleshooting

  • I’m being redirected in a loop: Your browser may be blocking third-party cookies or your organization may be enforcing additional sign-in requirements. Try an incognito/private window or confirm IdP access with your admin.

  • I approved consent but the AI client still shows disconnected: Return to the AI client and retry the connection. If it persists, your organization may require admin approval for new OAuth applications.

  • MFA didn’t prompt: MFA is controlled by your organization’s IdP policy; Specter MCP does not force MFA.

  • Why is “offline access” requested? It allows the connection to stay authorized without asking you to sign in again for each session.

SSO flow diagram


A typical flow is:

AI Client → Specter MCP → IdP (SSO) → Clerk Consent → AI Client
