Docs

Tool reference

Last updated: July 7, 2026

Waydock exposes 57 typed tools over the Model Context Protocol (MCP). The same registry powers both the MCP server and Mira, Waydock's in-app assistant, so behaviour, scopes, and audit are identical across both.

For agents: the MCP endpoint is https://waydock.ai/api/mcp/stream (Streamable HTTP, protocol 2025-06-18). Authenticate with Authorization: Bearer wdmcp_.... Call waydock_capabilities (no scope required) for the live tool list, or fetch the full machine-readable catalog at /api/mcp/manifest. New to Waydock? Start with the Quickstart.

How authorization works

Scopes are namespaced read:* (observation) and write:* (mutation). Genuinely irreversible tools are additionally marked destructive. A write scope implies its read parent, so write:mail.send also grants write:mail.drafts and read:mail.

Every tool call passes one admission gate, in order:

  1. Scope check. The key must hold every required scope (implied parents count).
  2. "At least one of". The send tools admit either write:mail.send or write:mail.send.self; search admits any one content read scope.
  3. Tool denylist. A per-key blocklist overrides everything else.
  4. Entitlement check. Paid write scopes are re-checked against the live plan at call time, returning upgrade_required (distinct from a scope error) when an organization has downgraded.

Two scopes are wildcard-proof: write:mail.send and write:teams.send. They can never be satisfied by a preset or a wildcard and must appear as literal strings on the key.

The catalog

Legend: R read, W write, D destructive.

System and identity

These return only server-generated metadata and require no scope.

ToolWhat it does
waydock_whoamiRSigned-in user and current organization
waydock_key_infoRThe calling key: id, name, owning email, granted scopes, server build
waydock_capabilitiesRConnected providers and feature flags (the live tool list)
waydock_healthRLiveness ping
waydock_versionRServer version, commit, and transport metadata
waydock_quotaRRate-limit budget for the calling key

Audit and telemetry ·read:audit

ToolWhat it does
waydock_agent_activityRRecent MCP audit log for this user
waydock_outbound_auditRRecent third-party API calls (Graph, Gmail, Jira, Linear, Fathom, Fireflies) made on your behalf
waydock_telemetryRUsage telemetry for the calling key

Briefing ·read:briefing

ToolWhat it does
waydock_briefingRCurrent briefing summary (counts and top cards)
waydock_morning_brief_composeRCompose a short AI morning brief (does not send)
waydock_morning_brief_sendDCompose and email the brief to you (also needs a send scope)

Cards and calendar ·read:cards, write:cards

ToolWhat it does
waydock_inboxRPending inbox cards
waydock_calendarRPending calendar cards
waydock_card_getRFetch a card by id
waydock_card_actionWArchive, snooze, or mark a card acted
waydock_card_feedbackWRecord an important / not-important signal

Mail ·read:mail, read:mail.search, write:mail.drafts, write:mail.send

ToolWhat it does
waydock_mail_listRList archived emails with filters and paging
waydock_mail_countRCount archived emails; reports the indexed coverage window
waydock_mail_getRFull email by archive id, or a live search hit by provider message id
waydock_mail_accountsRInbox accounts in the archive
waydock_mail_searchRLive-search connected mailboxes (Gmail, Outlook); needs read:mail.search
waydock_draft_reply_regenerateWRegenerate an AI draft reply
waydock_draft_reply_saveWSave a draft reply in the mailbox
waydock_follow_up_nudgeWDraft a chase email for an unreplied thread (does not send)
waydock_send_emailDSend email under the outbound safety contract below

Meetings and follow-ups ·read:meetings, write:meetings, write:tasks

ToolWhat it does
waydock_meetings_listRRecent meetings (Fireflies, Fathom)
waydock_meeting_getRA meeting with summary and attendees
waydock_meeting_transcriptRRaw transcript lines
waydock_action_items_listRA meeting's action items and any Jira/Linear promotions
waydock_action_items_searchRCross-meeting action-item search
waydock_follow_ups_listRItems where someone other than you is on the hook
waydock_follow_up_snoozes_listRActive follow-up snoozes
waydock_action_item_promoteWRoute one action item to Jira or Linear (needs write:tasks)
waydock_action_items_promote_bulkWRoute many to one project or team (needs write:tasks)
waydock_action_item_unlinkWDetach a task link (the upstream issue is kept)
waydock_follow_up_snooze / waydock_follow_up_unsnoozeWManage follow-up snoozes

Tasks ·read:tasks, write:tasks

ToolWhat it does
waydock_tasks_listRJira and Linear tasks
waydock_projects_listRAvailable Jira projects and Linear teams
waydock_task_createWCreate a Jira or Linear issue
waydock_tasks_syncWTrigger an on-demand task sync

Sync ·read:sync, write:sync

ToolWhat it does
waydock_sync_historyRRecent mail and calendar sync runs
waydock_syncWTrigger an on-demand sync

Preferences and suppressions ·read:preferences, write:preferences

ToolWhat it does
waydock_preferences_getRPreferences and lane rules
waydock_suppressions_listRActive suppression patterns
waydock_preferences_set_ruleWSet or clear a sender/domain lane rule
waydock_preferences_set_toggleWFlip a feature toggle
waydock_suppressions_removeDRemove a suppression pattern

Teams ·read:teams, write:teams.send

ToolWhat it does
waydock_teams_list_chatsRList Microsoft Teams chats (1:1 and group)
waydock_teams_get_messagesRRead messages in a chat (decrypted body)
waydock_teams_send_messageDSend a message to a chat

Pulse and health

ToolWhat it does
waydock_pulse_statusRPulse monitoring overview. Needs read:pulse; Pulse admins only
waydock_pulse_incidentsRPulse incident history. Needs read:pulse; Pulse admins only
waydock_whoop_summaryRLatest WHOOP metrics. Needs read:health; personal workspace only
ToolWhat it does
waydock_searchROne query across mail, tasks, meetings, and cards. Fans only into the verticals your key can read; needs at least one content read scope

Connected accounts ·read:accounts

ToolWhat it does
waydock_accountsRWhich providers are connected and their status

The scope catalog

22 scopes, catalog version 8. Presets (below) bundle these; you can also pick a custom set when minting a key.

Read scopes (13)

ScopeGrants
read:briefingThe daily briefing summary
read:cardsPending inbox and calendar cards
read:mailArchived email messages
read:mail.searchLive search of connected mailboxes (a separate grant from read:mail)
read:meetingsMeetings, summaries, and transcripts
read:tasksJira and Linear tasks
read:accountsWhich providers are connected
read:preferencesPreferences, lane rules, and suppressions
read:syncMail and calendar sync history
read:auditThis key's audit log, outbound calls, and telemetry
read:healthWHOOP metrics (personal workspace only)
read:teamsMicrosoft Teams chats and messages
read:pulsePulse status and incidents (Pulse admins only)

Write scopes (9)

ScopeKindGrants
write:cardswriteArchive, snooze, and feedback on cards
write:mail.draftswriteGenerate and save draft replies
write:mail.senddestructiveSend to allowlisted third-party recipients (capped, wildcard-proof)
write:mail.send.selfdestructiveSend only to your own verified inboxes
write:taskswriteCreate Jira/Linear issues and trigger task sync
write:preferenceswriteModify lane rules, toggles, and suppressions
write:syncwriteTrigger an on-demand sync
write:meetingswriteSnooze follow-ups and detach task links (local state only)
write:teams.senddestructiveSend Teams messages (wildcard-proof)

Presets

PresetContentsPlan
Read & email myself (default)Every read scope plus write:mail.send.self. Can never email anyone but you.Free
Full accessEvery read and write scope except write:mail.send and write:teams.send, which stay explicit, separate opt-ins.Pro

Mint and revoke keys in Settings → Account → MCP. New keys are read-only by default; write scopes require Pro. You can hold 3 live keys on Free, 5 on Pro.

The rules your calls obey

These are enforced server-side. Design your agent to expect them rather than work around them.

  • Provenance gating. Once your turn reads untrusted external content (an email body, a meeting transcript, a Teams message), write and destructive tools are removed for the rest of that turn. A message in the inbox cannot instruct your agent to send or delete. Plan any sends to happen before you read untrusted bodies, or across separate turns.
  • The outbound-email contract. waydock_send_email enforces an allowlist (unlisted recipients fail closed), a 60-second cooldown on new recipients, server-enforced daily and per-recipient send caps (clamped to hard ceilings), thread-only replies, a global kill switch, and invisible-character scrubbing. Mail is plain text by default; HTML is an opt-in per recipient and is sanitized. No cc, bcc, or attachments.
  • Everything is audited. Name your key after your agent. That name appears in the user's audit log next to every tool call, with the outcome and latency. Revoke a key and both the app and the agent stop in the same moment.
  • Rate limits. 500 calls per day on Free, 100,000 on Pro. waydock_quota reports your remaining budget, and Idempotency-Key is honoured on writes.

Tool admission failures come back as an explicit code: insufficient_scope, upgrade_required, or tool_blocked. Send failures instead come back as a tool result flagged isError with a human-readable message (for example: daily cap reached, per-recipient cap reached, recipient not on the allowlist, or sending disabled), so read the message rather than matching a code.

See also