AI assistants
Connect an AI assistant — Claude, ChatGPT, or any tool that speaks the Model Context Protocol (MCP) — directly to your Tripdocks workspace. Once connected, the assistant can read your leads, quotes, reservations and tasks, and — if you allow it — act on them: create a lead, draft a task, log a payment, all without leaving the assistant.
Access is built on OAuth 2.1. You sign in to Tripdocks, review exactly what the assistant is asking for on a consent screen, and approve it. Every assistant is bounded by your role’s permissions, every action it takes is recorded, and you can revoke it at any time.
The assistant acts as you. It sees only the data you can see and can only do what your role allows — nothing more.
What an assistant can do
What’s available depends on the access you approve and your role:
| It can… | Examples |
|---|---|
| Read your CRM | Search leads, open a lead, list reservations, view quotes, check tasks, see invoice and payment status |
| Act on your behalf (if granted) | Create or update a lead, add or complete a task, send a quote, log a payment |
The exact tools an assistant can call are derived from the access you grant and what your role permits in Settings → Roles & permissions. If your role can’t do something in Tripdocks, the assistant can’t either.
How access works
- OAuth 2.1 + PKCE. The assistant never sees your password — it’s redirected to Tripdocks to sign in.
- Consent. You see a screen listing exactly what’s being requested, grouped in plain language (for example Leads & enquiries, Create & edit on your behalf, Log payments). You Allow or Cancel.
- Role-bounded. Only the access your role actually holds is granted — anything beyond it is dropped automatically.
- Audited. Every tool call the assistant makes is logged (which tool, success or failure, when). Tool arguments are hashed, never stored in the clear.
- Revocable. Remove an assistant at any time from Settings → Intelligence; its tokens stop working immediately.
Before you start
- Your role needs the Connect AI permission, set in Settings → Roles & permissions. Without it, the consent screen tells you access isn’t permitted.
- Your assistant must support remote MCP servers / custom connectors (for example Claude on a paid plan, Claude Desktop, or another MCP-capable client).
- Have your Tripdocks connector URL ready (below).
Connect Claude (Claude.ai)
-
In Claude, open Settings → Connectors → Add custom connector.
-
Name it (for example Tripdocks) and paste your Tripdocks connector URL:
https://app.tripdocks.com/mcp -
Click Connect. A browser tab opens on the Tripdocks consent screen.
-
Sign in to Tripdocks if prompted, review the permissions, and click Allow access.
-
Done. The assistant appears under Settings → Intelligence → My assistants, and Claude can now use your Tripdocks tools.
Connect Claude Desktop
Add Tripdocks to your claude_desktop_config.json and restart Claude Desktop:
{
"mcpServers": {
"tripdocks": {
"command": "npx",
"args": ["-y", "mcp-remote", "https://app.tripdocks.com/mcp"]
}
}
}The first time it connects, Claude Desktop opens your browser to the same consent screen.
Other assistants
Any client that supports remote MCP over OAuth connects the same way — point it at your connector URL and approve the consent screen. The assistant registers itself automatically (Dynamic Client Registration); there are no API keys to copy, paste or rotate.
Permissions & scopes
On the consent screen, requested access is grouped into plain-language rows:
| Group | Type | Covers |
|---|---|---|
| Profile & company | Read | Your name, email, company and role |
| Leads & enquiries | Read | Your leads, contacts and pipeline |
| Quotes, reservations & hotels | Read | Quotes and itineraries, bookings, hotel catalogue |
| Tasks, notifications & payment status | Read | Tasks, notifications, invoice and payment status |
| Create & edit on your behalf | Write | Add or change leads, quotes, tasks and comments |
| Log payments | Write | Record payments against reservations |
You always see this list before approving, and only what your role permits is actually granted. Which tools each role’s assistants can use is configured in Settings → Roles & permissions.
Managing connected assistants
Open Settings → Intelligence:
- My assistants — every assistant you’ve connected. Open one to see its scopes, the exact tools it can use, and its recent activity. Click Revoke access to disconnect it instantly.
- Workspace (admins) — every assistant connected across your company, who connected it, and when it was last used. Admins can revoke any connection. Requires the Manage AI access permission.
Revoking is immediate: the assistant’s tokens are invalidated and it can no longer read or act on your data. To use it again, reconnect from the assistant’s side — there’s no reconnect button here, by design.
Security & privacy
- No passwords shared. Authentication is OAuth 2.1 with PKCE; the assistant only ever holds a scoped token.
- Scoped and role-bounded. A token can do only what you approved and what your role allows — including your data scope (your own records, your team’s, or all).
- Full audit trail. Every tool call is recorded with the tool name, outcome and timestamp; arguments are stored only as a hash, so the audit log never contains raw customer data.
- Revoke anytime. One click in Settings → Intelligence ends access immediately.
FAQ
Does the assistant get my password? No. It’s redirected to Tripdocks to sign in and only receives a scoped access token.
Can an assistant do more than I can? No. It acts as you and is bound by your role, including your data scope.
What happens when I revoke? The assistant’s tokens stop working immediately. It can’t read or act again until you reconnect it from the assistant’s side.
Can my admin see which assistants are connected? Yes. Admins with Manage AI access see every connection across the workspace under Settings → Intelligence → Workspace.