Your tools and keys,
available to any agent.

pabloMCP is a secure capability layer for the Model Context Protocol. Pair any agent — Claude, Codex, Cursor, ChatGPT, custom — to a private, encrypted workspace of credentials and tools.

Pair an agentFor agents →Sign in

How it works

An agent pairs with your workspace via a one-time link emailed to you. You tap it on your phone, set up an authenticator app (first time only), confirm a code, and the agent receives a named, revocable bearer key — its own identity, separate from yours and from every other agent you pair.

01

Agent starts pairing

Any MCP client points at the public endpoint and calls auth_pairing_start with the human's email.

POST https://pablomcp.com/tools/auth_pairing_start
{
  "email": "you@example.com",
  "agent_name": "Claude Code on MacBook"
}
02

You confirm on your phone

pabloMCP emails a one-time pairing link. Tap it on your phone — the page walks you through adding pabloMCP to an authenticator (first time only) and confirming a code. Then tell the agent you're done.

03

Agent receives its key

auth_pairing_complete returns a named bearer key. The agent stores it, opens a 60-minute sliding session, and starts calling tools.

POST .../auth_pairing_complete
{
  "pairing_id": "pair_..."
}

The vault

Every workspace has a private, encrypted vault. Drop any API key, token, or credential into it under a project namespace — Stripe, GitHub, Cloudflare, your bank, your CRM, whatever you use. Tools resolve their credentials from the vault automatically, so adding a key instantly enables that connector. No redeploy.

Secrets are AES-256-GCM at rest with a per-workspace data key. Values never cross workspace boundaries and never leave the server unless explicitly fetched — and every fetch is written to the audit log.

Safety

Tools declare a risk class. READ is free. COMMIT and DANGEROUS require explicit confirmation and can pause for in-band human approval — the agent shows the proposed action in the same conversation and waits.

Identity
Email
account
Presence
TOTP
human
Agent
Bearer key
named, revocable
Session
60 min
sliding idle
Vault
AES-256-GCM
per workspace
Audit
Every write
commit & dangerous