Skip to main content
AI Integrations is in beta and available to beta testers only. Contact Stardeck support if you’d like access.
AI Integrations lets you connect external AI tools to your Stardeck organization. Once connected, those tools can read your knowledge store, query your data stores, list your apps, and call cross-app endpoints — the same capabilities Starcat uses when it works on your org, available from whatever AI tool you’re already using. The connection is a standard MCP server over HTTP. Any client that supports OAuth-based MCP can connect.

What you can do

Once connected, your AI tool can:
  • Read and search the knowledge store — ask questions about policies, SOPs, brand guidelines, or any reference material your org has stored
  • Query data stores — list stores, inspect schema, run queries against your live data (with write access: modify data or schema too)
  • Discover and call apps — list apps in the org, see which endpoints allow agent calls, and call them — useful for triggering workflows or reading app state
  • Look up roles and permissions — understand who has access to what, and what the connected session itself can do

Role binding

When you authorize a connection, you pick which org role the session acts as. The role controls exactly which tools appear — a viewer role gets read-only knowledge and data access, while an admin role gets the full surface. You can change the role (or revoke access) any time from the AI Integrations tab in your org’s Settings, without needing to re-authorize. The role is enforced per request, not just at authorization time. If you remove the role or leave the org, access stops immediately.

Access levels

At authorization you also choose an access level:
LevelWhat it enables
Read onlyRead tools: list, search, query
Read & writeRead + write tools: create, update, upsert, call write endpoints
Both levels are further controlled by the role’s permissions. Read & write won’t grant write tools if the role doesn’t hold the matching write permission.

Security model

Every connection has two independent gates:
  • Who can connect — you must be a member of the org and sign in during authorization. A token issued for one org can’t reach another.
  • What the connection can do — the role you pick. The token proves identity; the role decides capability.
Additional controls:
  • Off by default — no external tool can connect until a member in your org explicitly authorizes one.
  • Revocable at any time — org admins (or members with the Manage AI Connectors permission) can revoke any connector from the AI Integrations tab; members can always revoke their own. Access stops on the next request after revocation.
  • No stored secret in client config — authorization happens in your browser. The server URL you add to your client is public and safe to commit.
  • Audited — every tool call is logged and tagged so it’s distinguishable from Starcat’s own agent activity.

Next steps

Connect your AI tool

Step-by-step guide for Claude Code, Claude Desktop, Cursor, and more

Tools & Permissions

Full reference of what each tool group does and which permissions control it

Members & Roles

Create and configure the role your connection acts as

Starcat

The org-level agent that uses these same capabilities in the dashboard