Give an AI agent secure, governed access to your work context — email, calendar, meetings, and tasks — in about five minutes.
Waydock is a secure agent-context layer. You connect your mailboxes and tools once, mint a scoped key, and any MCP-compatible agent (Claude, Cursor, your own code) can read and act on your behalf inside guardrails you control. Every call is scope-checked, allowlist-gated, and written to an audit log.
For agents: the MCP endpoint is
https://waydock.ai/api/mcp/stream(Streamable HTTP, protocol2025-06-18). Authenticate withAuthorization: Bearer wdmcp_.... Callwaydock_capabilities(no scope required) for the live tool list. This page is available as Markdown at /docs/quickstart.md and the whole doc set at /llms.txt.
What you'll build
By the end, an agent will answer "What's on my plate this morning?" from your live inboxes and calendar, with a provenance trail showing where each fact came from.
- Time to first result: about 5 minutes
- Prerequisites: a Waydock account and one connected mailbox (Google or Outlook)
Step 1 — Create your account and connect a mailbox
- Sign up at waydock.ai with Google or Microsoft.
- On first run the setup wizard walks you through connecting a mailbox. Or go to Settings → Connections and connect Google or Outlook via OAuth.
Waydock stores metadata and snippets, reads your mail live at query time, and never trains on your data. You can connect multiple accounts and providers (Google, Outlook, Linear, Jira, Teams, Fathom, Fireflies, Pocket).
✅ Check: your inbox populates under Today.
Step 2 — Mint a scoped MCP key
- Go to Settings → Account → MCP (/settings/account/mcp).
- Click Create key.
- Choose a permission preset:
| Preset | What it can do | Plan |
|---|---|---|
| Read & email myself (default) | Read your briefings, mail, meetings, tasks, and calendar. Email summaries or replies to your own inboxes only. | Free |
| Full access | Every read and write scope except sending mail or Teams messages to third parties (those stay a separate, explicit opt-in). | Pro |
- Name the key after the agent that will use it (e.g.
claude-desktop,cursor,nightly-brief-bot) — the name shows up in your audit log. - Copy the key. It is shown once.
Keys look like this:
wdmcp_a1b2c3d4_9f8e7d6c5b4a39281706f5e4d3c2b1a0
You can hold up to 3 live keys on Free, 5 on Pro. Revoke any key with one click.
Least privilege by default. The free preset can never email anyone but you. Sending to third parties (
write:mail.send) and Teams (write:teams.send) are always separate, deliberate grants — never bundled into "Full access."
✅ Check: the new key appears in your key list with its preset and creation time.
Step 3 — Point your agent at Waydock
Waydock speaks the Model Context Protocol over Streamable HTTP.
- Endpoint:
https://waydock.ai/api/mcp/stream - Auth:
Authorization: Bearer wdmcp_...(orX-API-Key: wdmcp_...) - Protocol: MCP
2025-06-18
Pick your client. Every snippet is copy-paste-correct — replace only the key.
Claude Desktop
Edit claude_desktop_config.json (Settings → Developer → Edit Config). The auth header contains a space, so pass it through an env var — otherwise it gets split into two arguments:
{
"mcpServers": {
"waydock": {
"command": "npx",
"args": [
"-y",
"mcp-remote",
"https://waydock.ai/api/mcp/stream",
"--header",
"Authorization:${WAYDOCK_AUTH}"
],
"env": {
"WAYDOCK_AUTH": "Bearer wdmcp_your_key_here"
}
}
}
}
Restart Claude Desktop; the Waydock tools appear under the 🔌 icon.
Claude Code (CLI)
claude mcp add --transport http waydock https://waydock.ai/api/mcp/stream \
--header "Authorization: Bearer wdmcp_your_key_here"
Cursor
Add to ~/.cursor/mcp.json (or Settings → MCP → Add):
{
"mcpServers": {
"waydock": {
"url": "https://waydock.ai/api/mcp/stream",
"headers": {
"Authorization": "Bearer wdmcp_your_key_here"
}
}
}
}
VS Code (Copilot / MCP)
Add to .vscode/mcp.json:
{
"servers": {
"waydock": {
"type": "http",
"url": "https://waydock.ai/api/mcp/stream",
"headers": {
"Authorization": "Bearer wdmcp_your_key_here"
}
}
}
}
Raw HTTP (curl)
Streamable HTTP requires an Accept header that allows both JSON and the event stream:
# Put your key in an env var first (grab it from Settings → Account → MCP):
export WDMCP_KEY=wdmcp_your_key_here
curl -sN https://waydock.ai/api/mcp/stream \
-H "Authorization: Bearer $WDMCP_KEY" \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-d '{
"jsonrpc": "2.0",
"id": 1,
"method": "tools/call",
"params": { "name": "waydock_whoami", "arguments": {} }
}'
Python (SDK)
import asyncio
from mcp.client.streamable_http import streamablehttp_client
from mcp import ClientSession
URL = "https://waydock.ai/api/mcp/stream"
HEADERS = {"Authorization": "Bearer wdmcp_your_key_here"}
async def main():
async with streamablehttp_client(URL, headers=HEADERS) as (read, write, _):
async with ClientSession(read, write) as session:
await session.initialize()
result = await session.call_tool("waydock_briefing", {})
print(result.content)
asyncio.run(main())
TypeScript (SDK)
import { Client } from "@modelcontextprotocol/sdk/client/index.js";
import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
const transport = new StreamableHTTPClientTransport(
new URL("https://waydock.ai/api/mcp/stream"),
{ requestInit: { headers: { Authorization: "Bearer wdmcp_your_key_here" } } }
);
const client = new Client({ name: "my-agent", version: "1.0.0" });
await client.connect(transport);
const briefing = await client.callTool({ name: "waydock_briefing", arguments: {} });
console.log(briefing.content);
✅ Check: call waydock_whoami (no scope required). You should get back your account email and org. A 401 means the Bearer prefix is missing or the key was truncated on paste.
Step 4 — Ask your first question
In your agent, ask in plain language:
What's on my plate this morning? Summarize anything that needs a reply.
Behind the scenes it calls tools like waydock_briefing, waydock_inbox, and waydock_follow_ups_list and answers from live data. Every result carries a provenance chip (which mailbox, which message).
Prefer to drive it yourself? Two direct calls:
# Assumes WDMCP_KEY is set (see Step 3).
# Your daily briefing
curl -sN https://waydock.ai/api/mcp/stream \
-H "Authorization: Bearer $WDMCP_KEY" \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"waydock_briefing","arguments":{}}}'
# Live-search your mailboxes
curl -sN https://waydock.ai/api/mcp/stream \
-H "Authorization: Bearer $WDMCP_KEY" \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-d '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"waydock_mail_search","arguments":{"query":"invoice from acme"}}}'
✅ Check: the briefing call returns a summary object. You're connected.
Step 5 — Do something (safely)
Reading is read-only. When you're ready to act, the free preset lets an agent email you — perfect for "send me a summary of today" with no risk of it messaging a customer.
# Assumes WDMCP_KEY is set (see Step 3).
curl -sN https://waydock.ai/api/mcp/stream \
-H "Authorization: Bearer $WDMCP_KEY" \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-d '{
"jsonrpc":"2.0","id":3,"method":"tools/call",
"params":{
"name":"waydock_send_email",
"arguments":{
"to":["[email protected]"],
"subject":"My morning brief",
"body":"Plain-text summary of what needs attention today."
}
}
}'
To send to other people, upgrade to Pro and grant write:mail.send explicitly. Recipients must be on your outbound allowlist, and server-enforced caps apply: 500 sends per 24h and 20 per 24h to any single address by default (clamped to hard ceilings), a 60-second cooldown on newly added recipients, and a global kill switch.
🎉 That's the quickstart. You have an agent reading your work context and acting inside guardrails you set.
Concepts (the 2-minute mental model)
- Waydock is the context layer, not the model. You bring the agent; Waydock is the secure, governed doorway to your data.
- Mira is Waydock's built-in assistant — the same tools, in-app, if you don't want to bring your own agent.
- Scopes are what a key can do. Presets are curated bundles of scopes. Least privilege is the default.
- Allowlist + caps govern outbound actions, enforced server-side no matter what the agent is told.
- Provenance travels with every read, so answers are auditable, not hallucinated.
- Everything is logged. Every tool call — key, tool, outcome, duration — lands in your audit log.
Tool reference
Waydock exposes 50+ tools (call waydock_capabilities for the live, authoritative list for your key and plan). The ones you'll reach for most:
Read
| Tool | Does | Scope |
|---|---|---|
waydock_briefing | Your current briefing summary | read:briefing |
waydock_inbox | Pending inbox cards | read:cards |
waydock_calendar | Pending calendar cards | read:cards |
waydock_mail_search | Live-search connected mailboxes | read:mail.search |
waydock_mail_list | List archived mail (filters, paging) | read:mail |
waydock_mail_get | Fetch one email by id | read:mail |
waydock_mail_count | Count mail matching filters | read:mail |
waydock_follow_ups_list | Action items others owe you | read:meetings |
waydock_meetings_list | Recent meetings (Fathom + Fireflies) | read:meetings |
waydock_tasks_list | Jira + Linear tasks | read:tasks |
waydock_accounts | Connected providers | read:accounts |
Act
| Tool | Does | Scope |
|---|---|---|
waydock_send_email | Send plain-text email (allowlist-gated) | write:mail.send.self / write:mail.send |
waydock_card_action | Archive / snooze / act on a card | write:cards |
waydock_card_feedback | Signal important / not important | write:cards |
waydock_task_create | Create a Jira or Linear issue | write:tasks |
waydock_sync | Trigger a mail/calendar sync | write:sync |
Always available (no scope)
waydock_whoami · waydock_capabilities · waydock_health · waydock_version · waydock_quota
Scopes & permissions
Scopes follow <kind>:<resource>[.<sub-resource>]. Kinds: read, write, and destructive (mail/Teams send).
Presets:
read-and-self-send— every read scope pluswrite:mail.send.self. Free. The default.full-access— every scope exceptwrite:mail.sendandwrite:teams.send. Pro.
Sending is never bundled. write:mail.send (third-party email) and write:teams.send are always granted on their own, on purpose. A "Full access" key still cannot email a customer until you add that scope deliberately.
Security you can hand to your CISO
- Scoped, revocable keys — mint one per agent, revoke instantly. Free caps at 3 live keys, Pro at 5.
- Outbound allowlist + capped sends — 500 sends/24h and 20/recipient/24h by default and a 60-second new-recipient cooldown, all enforced server-side regardless of prompt. Caps are clamped to hard server ceilings (2000/day, 100/recipient); the cooldown and kill switch are fixed in code.
- Kill switch — one toggle stops all outbound mail from every path.
- Full audit log — every MCP call recorded with tool, outcome, status, duration, and the calling agent's name.
- Least-privilege presets — read-only and self-send-only defaults; destructive sends are opt-in.
- Tenant isolation — keys are org-scoped with row-level security enforced in the database.
- No training on your data. Reads are live and provenance-tracked.
Troubleshooting
| Symptom | Cause | Fix |
|---|---|---|
401 Unauthorized | Missing/typo'd key | Ensure Authorization: Bearer wdmcp_...; re-copy the full key |
403 Forbidden on a tool | Key lacks the scope | Check the tool's scope above; re-mint with the right preset |
406 Not Acceptable (curl) | Missing Accept header | Add Accept: application/json, text/event-stream |
| Header split into two args (Claude Desktop) | Space in --header value | Use the env-var pattern shown above |
429 Too Many Requests | Rate limit | Honor the Retry-After header and back off |
upgrade_required on a write | Write needs Waydock Pro | Upgrade, then grant the write scope |
| Email won't send | Recipient not allowlisted, or self-send-only key | Allowlist the recipient (Pro), or send to your own inbox |
Duplicate-safe writes: pass an Idempotency-Key header and retries won't double-send.
Next steps
- Manage MCP keys — create, scope, name, and revoke keys
- Security — the full outbound-safety contract
- Pricing — Free vs Pro
- Contact — talk to us
Prefer to talk to a machine? Every docs page has a Markdown twin — append .md to the URL — and the whole set is summarized at /llms.txt and concatenated at /llms-full.txt.