OAUTH 2.0
MEDIA
Connects AI agents to Cloudinary's asset management platform, enabling upload, search, transformation, and organization of media assets through natural...
from langchain_mcp_adapters.client import MultiServerMCPClient
from scalekit import ScalekitClient
client = ScalekitClient(env_url=ENV_URL, client_id=CLIENT_ID, client_secret=SECRET)
token = client.agent.get_token(user_id="user_id", connector="cloudinarymcp")
mcp = MultiServerMCPClient({
"cloudinarymcp": {
"url": "https://mcp.scalekit.com/cloudinarymcp",
"headers": {"Authorization": "Bearer " + token}
}
})
tools = await mcp.get_tools()import OpenAI from "openai";
const token = await client.agent.getToken({ userId: "user_id", connector: "cloudinarymcp" });
// Connect to MCP at https://mcp.scalekit.com/cloudinarymcpimport Anthropic from "@anthropic-ai/sdk";
const token = await client.agent.getToken({ userId: "user_id", connector: "cloudinarymcp" });
// Connect to MCP at https://mcp.scalekit.com/cloudinarymcpfrom google.adk.agents import LlmAgent
token = client.agent.get_token(user_id="user_id", connector="cloudinarymcp")
# Connect to MCP at https://mcp.scalekit.com/cloudinarymcpDoes the agent access Cloudinary as the user or as a shared key?
As the user. Each workspace member authorizes once and Scalekit resolves their credential at request time. Audit logs attribute every action to that user, not a shared service account.
Where is the Cloudinary OAuth token stored?
In Scalekit's managed AES-256 token vault, namespaced per tenant. Refresh is automatic. Revocation is a single dashboard action. Tokens never appear in prompts, logs, or LLM context.
Can I limit what the agent is allowed to do in Cloudinary?
Yes. Pass a tool name filter to listScopedTools so the media agent only sees the subset you authorize. Pre-API-call scope checks block out-of-policy actions before the request reaches Cloudinary.
What happens when a user revokes Cloudinary access?
The connection is invalidated on the next tool call. Subsequent requests for that user fail closed with a clear error. Other users in the tenant remain unaffected. The event is logged for audit.
Which media assets can the agent transform or delete?
Only assets the authorizing user can manage in Cloudinary. Uploads, renames, and deletions follow the user's product environment permissions, and destructive tools can be filtered out entirely.