Skip to main content
Sagepilot MCP supports two authentication modes.
ModeUse whenCredential
Hosted OAuthThe client can open a Sagepilot browser sign-in flow.No token to copy. The user signs in and approves access.
API tokenThe client cannot complete OAuth, or you are running private server-side automation.Authorization: Bearer sp_...
For ChatGPT, Claude, Codex, and similar hosted clients, start with Hosted connectors.

API token authentication

Use this only when hosted OAuth is not available.
1

Open Sagepilot

Sign in to the Sagepilot workspace you want to connect.
2

Go to API Details

Open Settings -> API Details -> API client v2.
3

Create an API client

Create a new API client with the access your MCP client needs, then copy the sp_... token. It is shown once.
4

Send the token to MCP

Pass the token as an Authorization header.
Authorization: Bearer sp_your_token
Some MCP clients also support X-API-Key: sp_your_token. Prefer the Authorization header unless your client requires a separate API-key header field.
Treat sp_... API client tokens as secrets. Do not commit them to source control or expose them in client-side code.