back to features

MCP Secrets Management

Revolutionary secret management for Model Context Protocol OAuth authentication—pre-authenticate shared secrets, support multiple accounts per service, enable background agents, and provide automatic fallback authentication when needed.

Most MCP platforms treat each connection as isolated and single-user, making it impossible to pre-authenticate administrative connections or support multiple accounts from the same service. Users must manually authenticate every connection, breaking background automation entirely.

ChatBotKit's intelligent secret management changes everything. Administrators can pre-authenticate shared secrets once and make them available to everyone. Personal secrets keep user-specific data private. Multiple accounts can connect to the same service simultaneously. When an MCP ability needs authentication but has no linked secret, ChatBotKit automatically prompts the user. Link a pre-authenticated secret to an agent, and it runs completely in the background.

Install an MCP through ChatBotKit skillset abilities, and all tools become immediately available. Authentication flows seamlessly through linked secrets, falls back to user prompts when needed, and enables sophisticated multi-account, background-capable workflows impossible on other platforms.

Shared secrets enable true background automation. Administrators authenticate once, making credentials available across the entire team. Agents can run scheduled tasks, monitor systems, and automate workflows without anyone present. Connect multiple accounts to the same service—manage five different Linear workspaces or authenticate both work and personal GitHub accounts.

Personal secrets keep individual data private. When someone uses an agent accessing their calendar or email, ChatBotKit automatically uses their credentials. The system knows who's interacting and provides the right authentication context.

The automatic fallback means you can start using MCP tools immediately. If a tool needs authentication and you haven't configured a secret, ChatBotKit prompts you right then. Nothing breaks. When you're ready for background automation, pre-authenticate a shared secret and everything runs unattended.

We support OAuth for over 30 services—productivity tools like Notion and Linear, development platforms like GitHub and Sentry, business systems like Stripe and Intercom. ChatBotKit figures out which secret to use based on service, user context, and access pattern. No manual configuration needed.

Real workflows: A DevOps team pre-authenticates Sentry and Vercel secrets, then runs a monitoring agent hourly with zero user interaction. A consulting firm creates separate shared secrets for each client's Linear workspace—different agents access different workspaces simultaneously. A sales team combines shared CRM access with personal calendar and email access, automatically respecting organizational and individual boundaries.

Everything is encrypted, fully auditable, and instantly revocable. OAuth tokens are encrypted at rest and in transit. Every secret access is logged. Revoke a secret and all agents immediately stop using it. Tokens refresh automatically.

Getting started is simple. Use MCP tools and authenticate when prompted, or visit connect.chatbotkit.app to pre-authenticate shared secrets for background operation. Create multiple secrets for the same service when you need multi-tenant isolation. The system handles the complexity.

This is what MCP authentication should be: flexible enough for any workflow, secure enough for enterprise use, and simple enough to just work.

mcpmodel context protocolsecretsoauthsecurity