Developers
Connect Claude, Cursor, and any MCP client to Planoda. Typed tools, scoped tokens, and propose/approve guardrails on anything destructive.
The server speaks the 2025-11-25 Model Context Protocol over streamable HTTP at `/api/mcp/streamable-http` — a single endpoint that handles requests and streams notifications, so there is no stdio bridge or long-lived socket to babysit. Point any compliant client at the URL and it negotiates capabilities automatically.
Connect with a static API key — `Authorization: Bearer <key>` — for Claude Code, Cursor, and scripts. Or use Clerk OAuth 2.1 with Dynamic Client Registration and `.well-known` discovery (`/.well-known/oauth-protected-resource/mcp`) for Claude Web, Claude Desktop, and ChatGPT, where the client registers itself and there is no key to copy.
The tool surface is auto-derived from Planoda's tRPC API, so it tracks the app — hundreds of tools across issues, projects, comments, cycles, and the rest of the schema, not a fixed handful. Token-budget clients narrow it with a query param: `?profile=core` for the essentials or `?ns=issues,projects` to scope to specific namespaces.
Planoda is both an MCP server you connect a client to, and an MCP host: its in-app agents are clients that can call out to the servers you register. So context flows both ways — your tools enrich Planoda's agents, and Planoda's surface is available to yours.
Issues, boards, and projects are exposed as MCP resources an agent can read; the full tRPC operation set — create-issue, triage, search, and hundreds more — is exposed as tools it can call. Prompts pinned to your team's conventions ship alongside, so the agent inherits your house style instead of guessing it.
Agents act through typed MCP tools — the same operations the app exposes, validated against the same Zod schemas, governed by the same per-workspace permission model. Whether the session authenticated with an API key or OAuth, it is scoped and revocable, so an agent never holds more access than you grant it.
Deletes, bulk archives, and bulk updates route through propose/approve. Sessions without destructive capability get a structured 'approval required' result — never a silent mutation. The `destructive` flag comes from the tool registry, so there is one source of truth for what needs a human.
Auto-approved operations record an audit row in the same trail as the runtime broker — who, what, and when. The transcript is treated as data, not instructions: inputs are scrubbed before they reach a tool, so a poisoned message can't smuggle a command.
{
"mcpServers": {
"planoda": {
"url": "https://planoda.com/api/mcp/streamable-http",
"headers": { "Authorization": "Bearer ttm_<prefix>_<secret>" }
}
}
}Full reference in the docs.
Start building
Free tier includes API access. Build, automate, and integrate.
MCP in short
One endpoint — https://planoda.com/api/mcp/streamable-http — four common clients. API-key clients pass a bearer header; OAuth clients click Connect and self-register via DCR.
claude mcp add --transport http planoda https://planoda.com/api/mcp/streamable-http --header "Authorization: Bearer <key>"npx mcp-remote https://planoda.com/api/mcp/streamable-http --header "Authorization:Bearer <key>"Add the connector and click Connect — discovery + DCR, no key needed. Multi-workspace? append ?workspace=<slug>.Developer mode → connect via OAuth, then append ?profile=core (or ?ns=issues,projects) to fit its tool-schema budget. Add ?workspace=<slug> to target a workspace.A representative slice of a surface auto-derived from the tRPC API — hundreds of tools in all. Each carries a typed schema and a destructive flag that decides whether it can run unattended. Narrow the surface with ?profile=core or ?ns=issues,projects.
searchreadFull-text + filtered search across issues, projects, and docs.get-issuereadFetch one issue with state, assignee, labels, and comments.create-issuewriteOpen a new issue with title, team, priority, and labels.update-issuewriteChange state, assignee, priority, or labels on an issue.triagewriteRoute an inbox item to a team and propose a priority.bulk-archivedestructiveArchive many issues at once — always propose/approve.The governance story is the differentiator: agents are teammates under transparent control, not unsupervised scripts.
A destructive call from a session without that capability returns a structured "approval required" result, not a mutation.
A human approves (or rejects) the proposal in-app. The destructive flag comes from one tool registry — a single source of truth.
Every action — auto-approved or human-approved — records an agent.proposal.* audit row: who, what, and when.
{
"isError": false,
"structuredContent": {
"status": "approval_required",
"tool": "bulk-archive",
"proposalId": "prop_7c2a…",
"reason": "destructive op; session lacks bulkArchive capability",
"approveUrl": "https://planoda.com/acme/agents/approvals/prop_7c2a…"
}
}FAQ
Everything you need to build on Planoda.