Integration Setup Guides

Go to console.anthropic.com/settings/keys.

Click 'Create Key', give it a name (e.g. 'ClearFox'), and copy the key.

Set the key in your .env file:

PORTAL_ANTHROPIC_API_KEY=sk-ant-api03-...

Recommended models: claude-sonnet-4-20250514 (default), claude-opus-4-20250514 (max quality).

Pricing: pay-per-token via Anthropic. No minimum commitment.

Go to platform.openai.com/api-keys.

Click 'Create new secret key', name it (e.g. 'ClearFox'), and copy the key.

Set the key in your .env file:

PORTAL_OPENAI_API_KEY=sk-...

Recommended models: gpt-4o (default), gpt-4-turbo.

Pricing: pay-per-token via OpenAI. No minimum commitment.

Install Ollama: ollama.com/download (macOS, Linux, Windows).

Pull a model:

ollama pull llama3.1:70b

Ollama serves an OpenAI-compatible API on port 11434 by default.

If Ollama runs on the host machine, use host.docker.internal as the host.

Set env vars in .env:

PORTAL_OLLAMA_BASE_URL=http://host.docker.internal:11434
PORTAL_OLLAMA_MODEL=llama3.1:70b

All data stays on your machine. No internet access required after model download.

Install vLLM: docs.vllm.ai or use the Docker image.

Start vLLM with an OpenAI-compatible server:

vllm serve meta-llama/Llama-3.1-70B-Instruct --port 8000

If vLLM runs on the host machine, use host.docker.internal as the host.

Set env vars in .env:

PORTAL_VLLM_BASE_URL=http://host.docker.internal:8000/v1
PORTAL_VLLM_MODEL=meta-llama/Llama-3.1-70B-Instruct

Requires a GPU with sufficient VRAM (70B model needs ~40GB). For smaller setups, use 8B or 13B models.

Full air-gap support. Nothing leaves your network.

Create a read-only MySQL user for the AI:

CREATE USER 'clearfox'@'%' IDENTIFIED BY 'your-password';
GRANT SELECT ON your_database.* TO 'clearfox'@'%';

If MySQL runs on the host machine, use host.docker.internal as the host.

If MySQL runs in Docker, use the container name as the host.

Set env vars in .env:

MCP_MYSQL_MAIN_HOST=host.docker.internal
MCP_MYSQL_MAIN_USER=clearfox
MCP_MYSQL_MAIN_PASS=your-password
MCP_MYSQL_MAIN_DB=your_database

Optionally set MCP_MYSQL_MAIN_KEY_TABLES to highlight important tables.

Create a read-only PostgreSQL user for the AI:

CREATE USER clearfox WITH PASSWORD 'your-password';
GRANT CONNECT ON DATABASE your_db TO clearfox;
GRANT USAGE ON SCHEMA public TO clearfox;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO clearfox;

If PostgreSQL runs on the host machine, use host.docker.internal as the host.

Set env vars in .env:

MCP_PG_MAIN_HOST=host.docker.internal
MCP_PG_MAIN_USER=clearfox
MCP_PG_MAIN_PASS=your-password
MCP_PG_MAIN_DB=your_database

Optionally set MCP_PG_MAIN_SCHEMA and MCP_PG_MAIN_KEY_TABLES.

Go to Google Cloud Console → IAM & Admin → Service Accounts.

Create a service account (e.g. 'clearfox-analytics').

Click on the service account → Keys → Add Key → Create new key → JSON.

Download the JSON key file.

In Google Analytics, go to Admin → Property Access Management and add the service account email as a Viewer.

Set env vars in .env:

MCP_GA_MAIN_CREDENTIALS_JSON={"type":"service_account",...}
MCP_GA_MAIN_PROPERTY_ID=123456789

Go to Azure Portal → Azure Active Directory → App registrations → New registration.

Grant API permissions: Power BI Service → Dataset.Read.All, Report.Read.All, Dashboard.Read.All.

Use OAuth2 flow to obtain an access token with Power BI scopes.

Optionally find your Workspace ID: Power BI → Workspaces → select workspace → ID is in the URL.

Set env vars in .env:

MCP_PBI_MAIN_ACCESS_TOKEN=your-azure-ad-token
MCP_PBI_MAIN_WORKSPACE_ID=your-workspace-id (optional)

Go to https://id.atlassian.com/manage-profile/security/api-tokens.

Click 'Create API token', name it (e.g. 'ClearFox AI'), and copy the token.

Set env vars in .env:

MCP_JIRA_MAIN_URL=https://yourcompany.atlassian.net
MCP_JIRA_MAIN_EMAIL=your-email@company.com
MCP_JIRA_MAIN_API_TOKEN=your-api-token
MCP_JIRA_MAIN_PROJECT_KEY=ECT (optional, default project key)

Go to https://id.atlassian.com/manage-profile/security/api-tokens.

Click 'Create API token', name it (e.g. 'ClearFox AI'), and copy the token.

Set env vars in .env:

MCP_CONFLUENCE_MAIN_URL=https://yourcompany.atlassian.net
MCP_CONFLUENCE_MAIN_EMAIL=your-email@company.com
MCP_CONFLUENCE_MAIN_API_TOKEN=your-api-token
MCP_CONFLUENCE_MAIN_SPACES=SPACE1,SPACE2 (optional)

Go to https://www.notion.so/my-integrations and click '+ New integration'.

Give it a name (e.g. 'ClearFox AI'), select the workspace, and click 'Submit'.

Copy the 'Internal Integration Secret' (starts with ntn_...).

Share the pages/databases you want accessible with the integration (click '...' → 'Connect to' → select your integration).

Set MCP_NOTION_MAIN_API_KEY=ntn_... in your .env file.

Go to https://api.slack.com/apps and click 'Create New App' → 'From scratch'.

Name it (e.g. 'ClearFox AI') and select your workspace.

Go to 'OAuth & Permissions' → 'Scopes' → add Bot Token Scopes:

channels:read, channels:history, groups:read, groups:history,
users:read, search:read, chat:write (if you want the AI to post).

Click 'Install to Workspace' and authorize.

Copy the 'Bot User OAuth Token' (starts with xoxb-...).

Set MCP_SLACK_MAIN_BOT_TOKEN=xoxb-... in your .env file.

Invite the bot to channels it should access: /invite @ClearFox AI

Log in to Freshservice as an admin.

Go to your profile icon → Profile Settings.

On the right side, find your API Key and copy it.

Your domain is the subdomain (e.g. 'mycompany' from mycompany.freshservice.com).

Set env vars in .env:

MCP_FRESHSERVICE_MAIN_DOMAIN=mycompany
MCP_FRESHSERVICE_MAIN_API_KEY=your-api-key

Log in to Zendesk as an admin.

Go to Admin Center → Apps and integrations → Zendesk API → Settings.

Enable 'Token Access' and click 'Add API token'.

Copy the token (it is shown only once).

Your subdomain is the part before .zendesk.com (e.g. 'mycompany' from mycompany.zendesk.com).

Set env vars in .env:

MCP_ZENDESK_MAIN_SUBDOMAIN=mycompany
MCP_ZENDESK_MAIN_EMAIL=agent@company.com
MCP_ZENDESK_MAIN_API_TOKEN=your-api-token

Log in to https://dashboard.stripe.com/apikeys.

Click '+ Create restricted key' (recommended over the secret key for security).

Give it a name (e.g. 'ClearFox AI Read-Only').

Set permissions: All Read access. Do NOT enable any Write permissions unless needed.

Click 'Create key' and copy it (starts with rk_live_... or sk_live_...).

Set MCP_STRIPE_MAIN_API_KEY=sk_live_... in your .env file.

For test mode, use keys from 'Test mode' toggle (starts with sk_test_...).

Go to https://developer.intuit.com → Dashboard → create or select an app.

Select 'QuickBooks Online and Payments' as the platform.

Use OAuth2 Playground or your app to obtain an access token.

Find your Realm (Company) ID: log in to QuickBooks → look at the URL (company/REALM_ID/...).

Set env vars in .env:

MCP_QB_MAIN_ACCESS_TOKEN=your-oauth-token
MCP_QB_MAIN_REALM_ID=1234567890
MCP_QB_MAIN_ENVIRONMENT=production (or sandbox)

Note: access tokens expire after 1 hour. Use a refresh token flow for production.

Go to https://developer.xero.com/app/manage and create a new app (or use existing).

Set app type to 'Web app' with OAuth 2.0.

Use the OAuth2 flow to obtain an access token with scopes: accounting.transactions.read, accounting.reports.read.

Find your Tenant ID: call GET https://api.xero.com/connections with the access token.

Set env vars in .env:

MCP_XERO_MAIN_ACCESS_TOKEN=your-oauth-token
MCP_XERO_MAIN_TENANT_ID=your-tenant-id

Note: Xero tokens expire after 30 minutes. Use a refresh token mechanism for production.

Log in to Wise → Settings → API tokens.

Click 'Add new token' → select 'Read only' for safety.

Copy the token.

Set env vars in .env:

MCP_WISE_MAIN_API_TOKEN=your-api-token
MCP_WISE_MAIN_ENVIRONMENT=live (or sandbox for testing)

For sandbox, register at https://sandbox.transferwise.tech and create a token there.

Go to https://developer.paypal.com/dashboard/applications.

Click 'Create App', name it (e.g. 'ClearFox AI').

Select 'Merchant' app type.

Copy the Client ID and Secret (toggle Live/Sandbox as needed).

Set env vars in .env:

MCP_PAYPAL_MAIN_CLIENT_ID=your-client-id
MCP_PAYPAL_MAIN_CLIENT_SECRET=your-client-secret
MCP_PAYPAL_MAIN_ENVIRONMENT=live (or sandbox for testing)

Go to HubSpot → Settings (gear icon) → Integrations → Private Apps.

Click 'Create a private app', name it (e.g. 'ClearFox AI').

Go to 'Scopes' tab and enable read scopes you need:

crm.objects.contacts.read, crm.objects.deals.read, crm.objects.companies.read, etc.

Click 'Create app' and copy the access token.

Set MCP_HUBSPOT_MAIN_ACCESS_TOKEN=pat-... in your .env file.

In Salesforce Setup, go to App Manager → 'New Connected App'.

Enable OAuth, add scopes: 'api', 'refresh_token'.

Use OAuth flow to obtain an access token, or use a session token.

Find your instance URL (e.g. https://mycompany.my.salesforce.com).

Set env vars in .env:

MCP_SF_MAIN_ACCESS_TOKEN=your-oauth-token
MCP_SF_MAIN_INSTANCE_URL=https://mycompany.my.salesforce.com

Note: access tokens expire. For production, use a refresh token flow or connected app with long-lived token.

Log in to Pipedrive → click your profile → Company settings → Personal preferences.

Go to the 'API' tab and copy your personal API token.

Your domain is the subdomain in your Pipedrive URL (e.g. 'yourcompany' from yourcompany.pipedrive.com).

Set env vars in .env:

MCP_PIPEDRIVE_MAIN_API_TOKEN=your-api-token
MCP_PIPEDRIVE_MAIN_DOMAIN=yourcompany

The token inherits the permissions of the user. Use an admin account for full access.

Log in to BambooHR as an admin.

Click your name → API Keys.

Click 'Add New Key', name it (e.g. 'ClearFox AI'), and copy the key.

Your subdomain is the part before .bamboohr.com (e.g. 'mycompany').

Set env vars in .env:

MCP_BAMBOOHR_MAIN_SUBDOMAIN=mycompany
MCP_BAMBOOHR_MAIN_API_KEY=your-api-key

Log in to Personio as an admin.

Go to Settings → Integrations → API credentials.

Click 'Generate new credentials'.

Select read permissions for the data you need (employees, absences, attendances).

Copy the Client ID and Client Secret.

Set env vars in .env:

MCP_PERSONIO_MAIN_CLIENT_ID=your-client-id
MCP_PERSONIO_MAIN_CLIENT_SECRET=your-client-secret

Log in to HiBob as an admin.

Go to Settings → Integrations → Service Users.

Create a new service user with the required permissions.

Copy the Service User ID and Token.

Set env vars in .env:

MCP_HIBOB_MAIN_SERVICE_USER_ID=your-service-user-id
MCP_HIBOB_MAIN_TOKEN=your-token

Go to Google Cloud Console → APIs & Services → Credentials.

Create OAuth 2.0 credentials (or use a service account).

Enable the Google Ads API for your project.

Use the OAuth Playground or your app to generate a refresh token.

Find your Customer ID: Google Ads → top-right corner (format: 123-456-7890, use without dashes).

Set env vars in .env:

MCP_GADS_MAIN_DEVELOPER_TOKEN=your-developer-token
MCP_GADS_MAIN_CLIENT_ID=your-oauth-client-id
MCP_GADS_MAIN_CLIENT_SECRET=your-oauth-secret
MCP_GADS_MAIN_REFRESH_TOKEN=your-refresh-token
MCP_GADS_MAIN_CUSTOMER_ID=1234567890

Go to https://developers.facebook.com → My Apps → create or select an app.

Add the 'Marketing API' product to your app.

Go to Tools → Graph API Explorer.

Select your app, and request permissions: ads_read, ads_management.

Generate an access token and exchange it for a long-lived token.

Find your Ad Account ID: Business Manager → Business Settings → Accounts → Ad Accounts (format: act_123456789).

Set env vars in .env:

MCP_META_MAIN_ACCESS_TOKEN=your-access-token
MCP_META_MAIN_AD_ACCOUNT_ID=act_123456789

Log in to Mailchimp → Profile → Extras → API keys.

Click 'Create A Key' and copy it.

The server prefix (e.g. us21) is the part after the dash in your API key.

Set env vars in .env:

MCP_MAILCHIMP_MAIN_API_KEY=your-api-key-us21
MCP_MAILCHIMP_MAIN_SERVER_PREFIX=us21

Go to Google Cloud Console → IAM & Admin → Service Accounts.

Create a service account (e.g. 'clearfox-sheets').

Click on the service account → Keys → Add Key → Create new key → JSON.

Download the JSON key file.

Share the Google Sheets you want accessible with the service account email.

Set env vars in .env:

MCP_GSHEETS_MAIN_CREDENTIALS_JSON={"type":"service_account",...}
MCP_GSHEETS_MAIN_SPREADSHEET_ID=your-spreadsheet-id

Go to Azure Portal → Azure Active Directory → App registrations → New registration.

Grant API permissions: Microsoft Graph → Files.Read.All, Sites.Read.All.

For delegated access: use OAuth2 flow to get an access token.

For app-only access: create a client secret and use client credentials flow.

Set env vars in .env:

MCP_EXCEL_MAIN_ACCESS_TOKEN=your-token
MCP_EXCEL_MAIN_DRIVE_ID=your-drive-id (optional)

Log in to Odoo as an admin.

Go to Settings → Users & Companies → your user → Preferences tab.

Scroll to 'API Keys' section → click 'New API Key', name it, and copy the key.

Your Odoo URL is the base URL of your instance (e.g. https://mycompany.odoo.com).

The database name is visible in the URL or in Settings → Database Manager.

Set env vars in .env:

MCP_ODOO_MAIN_URL=https://mycompany.odoo.com
MCP_ODOO_MAIN_DB=mycompany
MCP_ODOO_MAIN_USERNAME=admin@company.com
MCP_ODOO_MAIN_API_KEY=your-api-key

Log in to Make.com → click your profile (bottom-left) → Profile.

Scroll to 'API' section and create a new API token.

Copy the token.

Find your organization and team IDs from the URL when browsing Make.

Set env vars in .env:

MCP_MAKE_MAIN_API_TOKEN=your-api-token
MCP_MAKE_MAIN_ORG_ID=your-org-id
MCP_MAKE_MAIN_TEAM_ID=your-team-id (optional)

Go to https://zapier.com/app/developer.

Create an API key or use an existing one.

Copy the API key.

Set MCP_ZAPIER_MAIN_API_KEY=your-api-key in your .env file.

The API key allows read access to your Zaps, task history, and folders.

Identify the base URL of the API you want to connect (e.g. https://api.example.com/v1).

If the API requires authentication, prepare the auth header name and value.

Optionally provide an OpenAPI/Swagger spec URL for automatic endpoint discovery.

Set env vars in .env:

MCP_REST_MAIN_BASE_URL=https://api.example.com/v1
MCP_REST_MAIN_AUTH_HEADER=Authorization
MCP_REST_MAIN_AUTH_VALUE=Bearer your-token
MCP_REST_MAIN_OPENAPI_URL=https://api.example.com/openapi.json (optional)

You can add multiple REST API configs with different {NAME} suffixes.

Prepare an SSH key with read access to your Git repositories.

List repos to clone as comma-separated URL|branch pairs.

Set env vars in .env:

MCP_GIT_SSH_KEY=base64-encoded-private-key
MCP_GIT_REPOS=git@github.com:org/repo1.git|main,git@github.com:org/repo2.git|develop

The server will clone repos on startup and provide code search and file reading tools.

No configuration needed. This server fetches URLs and extracts content as markdown.

It works out of the box with no API keys required.

No configuration needed. This server provides structured step-by-step reasoning.

It works out of the box with no API keys required.

No configuration needed. This server provides persistent memory storage for the AI.

It works out of the box with no API keys required.