How to use MCP in Retool: Connect any AI tool to your workspace

In November 2024, Model Context Protocol (MCP) was introduced by Anthropic. Since then, it’s gone from niche spec to the connective tissue of the AI stack.

Retool works with MCP in two directions:

You can now connect AI tools like Claude Code, Cursor, or Codex directly to your Retool workspace through Retool's own native MCP server to build apps, run queries, and manage your organization without leaving your AI tool.
You can connect external MCP servers to your Retool agents, giving them tools like Jira, Linear, or GitHub to create tickets, update docs, and act on data across your stack.

In this piece, we’re going to cover both integration paths. First, we’ll look at how to build Retool apps, run queries, and manage your organization without leaving your AI coding agent. Along with that, you’ll learn everything about Retool’s MCP server—what it unlocks, how its permission scopes work, and how to connect any MCP-compatible client to your Retool workspace. Then, we’ll walk through a couple of different setup options for connecting your Retool agents to external tools.

What is MCP?

MCP (Model Context Protocol) is an open standard that allows AI agents to connect to external tools and data sources, such as GitHub, Jira, or Figma, through a consistent, standardized interface, without custom-built integrations for each tool.

It works through MCP servers: an MCP server is how a piece of software exposes its functionality to a large language model. The server describes its tools in a standard format, and any MCP-compatible client can discover those tools and call them. A great example is GitHub's MCP server. Point an AI agent at this MCP server, and it can read issues, search code, and open pull requests, with no glue code on your end.

Why does MCP matter for agents?

This functionality matters for AI agents because access to tools is what separates a chatbot from something that does real work. An agent with MCP connections can pull live data from the systems your team already uses and act on your behalf within them.

How to use Retool as a native MCP server

Retool now operates as a native MCP server, currently in public beta on Cloud and available on all plans.

Any MCP-compatible AI tool, including Claude, Cursor, Codex, ChatGPT, and Kiro, can connect directly to your Retool workspace and work with your apps, resources, workflows, and users, based on the permission scope you authorize. This is the reverse of the integrations above: instead of Retool agents reaching out to external tools, external AI tools reach into Retool.

The practical effect is that Retool comes to wherever you build. If you spend your day in Claude Code or Cursor, you can inspect your Retool environment, kick off app builds, and handle admin tasks without switching to a browser.

What can you do with Retool's MCP server?

With Retool's MCP server connected, an AI assistant can work directly against your Retool workspace. The available tools fall into two groups

Building. You can build apps from your chosen development environment:

Start a new app build from a natural-language prompt, or continue an existing one
View past and current agent activity on a build, and cancel a failed build
Read an app's files and inspect existing apps
Manually review function runs
Create resources and write queries against connected resources, like Retool Database, to power data analysis

Managing your organization. Admins can handle operational work without opening Retool:

Bulk-invite users and manage pending invites
Audit which users have access to the organization
Investigate audit logs
List and inspect workflows, folders, environments, and organization settings
List all connected resources and see their configurations

The full list of supported tools is in the MCP tools reference, or you can connect the server and run tools/list.

What AI tools can connect to Retool via MCP?

Any MCP-compatible AI client can connect to Retool's MCP server. Retool documents setup instructions for these clients:

Claude Code, via claude mcp add
Claude (Desktop or browser), added as a custom connector under Connectors (org Owners add it on Team and Enterprise plans)
Cursor, via its MCP settings or .cursor/mcp.json
Codex, via codex mcp add
ChatGPT, with Developer mode enabled
Kiro, via the Kiro CLI
Retool Agents themselves, which can consume Retool's MCP server as a tool like any other

The ecosystem of MCP clients is growing quickly. For current setup instructions per client, see Retool's MCP documentation.

How to connect your AI tool to Retool's MCP server

Every client connects with the same three details:

1.
Endpoint URL: https://<your-retool-instance>/mcp (for example, https://example.retool.com/mcp)
2.
Transport: HTTP
3.
Authentication: OAuth 2.0

During the OAuth flow, a browser window opens and asks you to select the scopes you want to authorize. After authenticating, you may need to restart your coding agent.

Here's what that looks like in Claude Code:

claude mcp add --transport http retool https://<your-retool-instance>/mcp

Start a new session, run /mcp, select the retool server, and complete the OAuth flow in your browser. The MCP is then ready to use. The flow for Cursor, Codex, ChatGPT, and Kiro follows the same pattern with each tool's own configuration syntax; the docs have step-by-step instructions for each.

No hosting or deployment is required on your end. Retool runs the MCP server as part of your Cloud instance.

Understanding Retool's three MCP scopes

Retool's MCP server offers three permission scopes that control what an AI tool can see and do inside your workspace: mcp:read for read-only access, mcp:write for building and executing, and mcp:admin for organization management, which only org administrators can select. You choose scopes during the OAuth flow when you connect a client.

mcp:read: Read-only visibility into your workspace

The mcp:read scope gives an AI assistant a read-only view of your Retool workspace. It can list and retrieve apps and resources, generate TypeScript definitions for connected resources, and read the history and status of app build threads. Nothing in this scope can change anything, which makes it the right starting point for evaluating the integration or for teams that only need visibility into Retool.

mcp:write: Build apps and run queries from your AI tool

The mcp:write scope is where app building happens. With it authorized, an AI assistant can create or update a Retool app from a natural-language prompt, monitor the build as it progresses, respond to review requests, and cancel activity that's gone sideways. It can also create new resources and execute TypeScript against connected resources, which is how you run data analysis queries from within your AI tool.

mcp:admin: Organization management for administrators

The mcp:admin scope covers governance and is available exclusively to Retool organization administrators. It adds the ability to list, retrieve, and delete workflows; manage user provisioning and pending invites; organize folders and environments; view organization settings; and investigate audit logs. Because this scope grants operational control across your workspace, authorize it deliberately and only where admin-level work from an AI tool is actually the goal.

How Retool enforces MCP permission boundaries

Retool enforces permission boundaries at the MCP layer. You can't be granted a scope with more permissions than your Retool account allows; only organization administrators can select mcp:admin, for example. And the MCP server surfaces only objects, such as apps, resources, and workflows, that the authenticated user already has permission to view.

In practice, this means your AI assistant gets the same view of Retool you already have, and nothing more. For teams evaluating MCP adoption, that's the important guardrail: connecting an AI tool doesn't widen anyone's access, because every request inherits the access controls, audit trails, and data permissions your organization has already configured at the platform level.

How to connect a public MCP server to your Retool agent

The most straightforward option is a server that's already publicly hosted. Some software providers, like Atlassian, have set up and configured their own remote MCP server. You connect it to an AI tool like Claude or Retool Agents, authenticate with OAuth, and immediately get access to data from Jira, Confluence, and other services. Your agents can then create Jira tickets, update Confluence docs, and work with data that already lives in Atlassian.

To set this up in Retool, you configure the MCP server as a resource and add it to your agent:

1.
From Retool Home, open the Resources tab and click Create new → Resource. Select MCP Server as the resource type.
2.
Give the resource a name and description, and enter the server's public URL.
3.
Configure authentication. For servers with no auth, like the AWS Knowledge MCP server (https://knowledge-mcp.global.api.aws), set authentication to None. For servers that use OAuth, like Linear's (https://mcp.linear.app/mcp), click Auto-configure authentication, and Retool detects the OAuth 2.0 settings, including the client ID and secret. You may see a consent screen asking you to authorize Retool with the service.
4.
Click Test Connection to confirm the server responds, then create the resource.

Now add the server to your agent. From your agent's configuration screen, click Add new tool, choose Connect to MCP server, and select your new resource from the dropdown. Once saved, every tool the MCP server exposes shows up in your agent's tool list, and the agent calls the appropriate one when a task requires it.

Whether you invoke your agent via chat, email, or a workflow, it can now use any tool available on the MCP server. No additional configuration required.

What if the MCP server you want doesn't have a public URL?

Many MCP servers still exist primarily as GitHub repos, designed to run locally over stdio on your own machine. Local servers work fine for a desktop AI client, but they aren't reachable from the public internet, so Retool agents (or any cloud-hosted LLM) can't connect to them.

To use one of these servers with Retool, it needs to be running somewhere with a public HTTPS endpoint that speaks MCP's Streamable HTTP transport. You have two realistic paths: find a hosted version of the server through a registry like Smithery, or host the server yourself and point Retool at your deployment.

How to find and connect hosted MCP servers with Smithery

Smithery is the largest open registry of MCP servers. Server authors publish their work for distribution, and each server gets a dedicated page with connection details. Smithery's gateway sits in front of published servers and handles MCP protocol compliance, OAuth flows, and the configuration UI, making it a convenient source of connectable endpoints for Retool.

To connect a Smithery-published server to Retool:

1.
Find the server in Smithery's registry and open its server page.
2.
Copy the server's HTTP endpoint from the connection details.
3.
In Retool, create an MCP Server resource as described above, set the Server URL to the endpoint, and configure authentication. Servers that require API keys or OAuth surface through Smithery's authentication flow.
4.
Test the connection, create the resource, and add it to your agent as a tool.

If the server you want isn't in the registry and only exists as a repo, you'll need to host it yourself. Deploy it to any platform that can serve Streamable HTTP over a public HTTPS URL, then add that URL to Retool as an MCP Server resource. Once it's running, you can also publish it on Smithery so others can discover it, and so Smithery's gateway can handle OAuth and configuration for you.

One caveat: Smithery also distributes local stdio servers as MCPB bundles. Those run inside desktop clients like Claude Desktop, not on a server, so they can't be used as Retool resources. For Retool, you need an endpoint with a URL.

Retool as both MCP consumer and MCP server: the full picture

Retool's MCP integration now works in both directions at once. On one side, Retool Agents connect to external MCP servers, pulling in tools like GitHub, Jira, or Figma to act on data across your stack. On the other, Retool exposes its own workspace to any MCP-compatible AI tool that speaks the protocol.

The two patterns are complementary, and teams will often run both. One developer wires a hosted Linear MCP server into a Retool agent that triages support tickets. At the same time, a teammate uses Claude Code with Retool's MCP server to build the app that displays them. You can even point a Retool agent at Retool's own MCP server, giving an agent inside Retool programmatic access to the workspace around it.

Which direction you start with depends on where your AI workflow begins: inside Retool, or outside it.

Next steps with MCP in Retool

Whether you're connecting external tools to your Retool agents or connecting your AI tools to Retool, here's where to start.

To connect an external MCP server to your Retool agent:

Find a public MCP server endpoint (like Linear's at https://mcp.linear.app/mcp), or a hosted server through Smithery's registry
Create an MCP Server resource in Retool and configure authentication
Add the MCP server as a tool in your Retool agent

To connect your AI tool to Retool via Retool's MCP server:

Add https://<your-retool-instance>/mcp to your MCP-compatible client
Authenticate with OAuth 2.0 and select your permission scopes
Start building apps, running queries, and managing your workspace from your AI tool of choice

For full setup instructions and the latest compatibility information, see the Retool MCP documentation. And if you're ready to go deeper on building AI agents that do real work inside your business, explore our Agents & Workflows tutorial collection.