Skip to main content
OpenWork Cloud exposes a hosted MCP server at https://api.openworklabs.com/mcp. Add it to an MCP client when you want agents to use your OpenWork Cloud organization, skills, plugins, marketplaces, workers, and other Cloud API resources through MCP tools. The server uses OAuth. Your MCP client opens a browser, you sign in to OpenWork Cloud, choose the organization to authorize, and the client stores the returned token.

In the OpenWork desktop app

If you use the OpenWork desktop app, there is nothing to configure. When you sign in to OpenWork Cloud, the app connects the openwork-cloud MCP for you with a token scoped to your active organization — no browser OAuth round-trip. You can see it under Settings → Extensions as OpenWork Cloud Control with a Ready status. Switching organizations refreshes the token automatically.

What you can ask the agent

Once connected, your agent manages the organization from plain English in the composer. These flows are exercised end to end against a live OpenWork Cloud deployment (see evals/cloud-mcp-agent-flows.md in the repository):
  • Check your cloud identity — “Which OpenWork Cloud organization am I connected to?” The agent reports the organization, your account, and your role.
  • Invite teammates — “Add omar@example.com to my organization.” The agent sends the invitation, updates the allowed email domains when needed, and surfaces seat-limit billing rules instead of failing silently.
  • Manage teams — “Assign Priya to the Sales team.” Works for active members; the agent explains when someone still has a pending invitation.
  • Share skills with your org — “Create a skill that writes weekly status reports and share it with my whole organization.” The agent writes the SKILL.md locally, then creates a plugin, attaches the skill, publishes it to your marketplace, and grants org-wide access — teammates see it in their marketplace and install it with one click.
Org policy still applies: invitations respect seat limits and domain rules, and resource creation follows your organization’s roles.

MCP config

The manual configuration below is for other MCP clients (or the desktop app when signed out). Add this server to your MCP config: 
{
  "mcp": {
    "openwork-cloud": {
      "type": "remote",
      "enabled": true,
      "url": "https://api.openworklabs.com/mcp",
      "oauth": {}
    }
  }
}
If your client expects the server map directly, use just the server entry: 
{
  "openwork-cloud": {
    "type": "remote",
    "enabled": true,
    "url": "https://api.openworklabs.com/mcp",
    "oauth": {}
  }
}

Authorize access

  1. Save the MCP config in your client.
  2. Start the client’s MCP auth flow for openwork-cloud.
  3. Sign in at app.openworklabs.com when the browser opens.
  4. Choose the OpenWork Cloud organization that should receive MCP access.
  5. Return to your MCP client after authorization completes.
The token is scoped to the organization you select during OAuth. If you need to switch organizations, remove the stored MCP auth token in your client and run the auth flow again.

OAuth security controls

OpenWork Cloud’s MCP OAuth flow is hardened for public MCP clients:
  • PKCE is required for dynamically registered/public clients. Only the S256 code challenge method is supported.
  • Redirect URIs are restricted to loopback HTTP(S) callbacks, such as http://127.0.0.1:<port>/callback, or private-use custom schemes. Public web redirects and dangerous schemes such as javascript:, file:, and data: are rejected.
  • MCP OAuth access tokens expire after 15 minutes.
  • JWT access tokens are signed with EdDSA only. The MCP verifier pins that signing algorithm, validates the issuer as the OpenWork Cloud auth server, and validates the audience against the MCP resource URLs advertised by the protected-resource metadata.
  • JWKS signing keys rotate every 24 hours. Previous public keys remain in the JWKS for a 1-hour overlap, which is longer than the MCP access-token lifetime, so in-flight tokens can expire naturally during rotation.
  • MCP OAuth refresh tokens expire after 7 days, rotate on refresh, and are revocable. Reusing a revoked refresh token invalidates the token family.
  • Access is rechecked against the user’s active OpenWork Cloud session and organization membership, so removing a member or revoking their session also cuts off MCP access.

What the server exposes

The hosted MCP server exposes OpenWork Cloud API tools for normal product resources, including config objects, connectors, plugins, marketplaces, skills, workers, members, roles, teams, and LLM providers. It intentionally does not expose authentication internals, admin-only system routes, webhooks, API-key creation or deletion, or credential-returning endpoints.

Requirements

  • An OpenWork Cloud account and organization.
  • An MCP client that supports remote Streamable HTTP MCP servers.
  • OAuth support in the MCP client, including browser-based authorization.
If your client does not support OAuth for remote MCP servers, it cannot connect to openwork-cloud yet.