Contentful MCP

Live

OAUTH 2.0

FILES & DOCUMENTS

Productivity

Connect to Contentful MCP. Manage spaces, entries, assets, content types, and taxonomies in your Contentful CMS from AI workflows.

  • Acts as the user: Every tool call runs as the authorizing user. Access and audit trail stay intact.
  • Credentials stay vaulted: AES-256 encrypted, resolved at request time, never stored in LLM context.
  • Scoped before every call: Per-user permissions enforced automatically. 90-day audit trail included.
Contentful MCP
agent · Acme Q3
Run
Archive Asset in Contentful MCP
contentfulmcp_archive_asset
85ms
Message Claude...

Contentful MCP tools for AI agents

CALL ANY TOOL
12 tools covering archive, create.
contentfulmcp_archive_asset
Archive one or more assets that are no longer needed but should be preserved.
Build your Agent
Same auth pattern across every framework.
Python · LlamaIndex
token = client.agent.get_token(user_id="user_id", connector="contentfulmcp")
mcp = MultiServerMCPClient({"contentfulmcp": {"url": "https://mcp.scalekit.com/contentfulmcp", "headers": {"Authorization": "Bearer " + token}}})
const token = await client.agent.getToken({ userId: "user_id", connector: "contentfulmcp" });
// Connect to MCP at https://mcp.scalekit.com/contentfulmcp
const token = await client.agent.getToken({ userId: "user_id", connector: "contentfulmcp" });
// Connect to MCP at https://mcp.scalekit.com/contentfulmcp
token = client.agent.get_token(user_id="user_id", connector="contentfulmcp")
# Connect to MCP at https://mcp.scalekit.com/contentfulmcp
Try these prompts
Paste any prompt into your agent to get started.
Upload a new asset to Contentful from a URL or file handle?
SEE HOW AUTH WORKS
User authorises once. Every agent call after uses their token with scope enforcement.
1
Authorize
Your user connects
Contentful MCP
once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access
Who:
user ‘A’
when:
Once per user
access:
Limited to user
2
Store
Their
Contentful MCP
token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection
vault:
encrypted
scope:
per-user
tokens:
auto-refreshed
3
Resolve
When your agent calls a
Contentful MCP
tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs
speed:
~40ms
check:
before every call
seen by:
nobody
4
Audit
Every
Contentful MCP
tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it
history:
90 days
export:
SIEM-ready
logged:
every call
Test other agents
See the same per-user auth pattern across other connectors.
OPS
Email-to-calendar scheduling agent
Parse scheduling intent from Gmail threads and create Google Calendar events with the right attendees and timezone.
ENGINEERING
Engineering standup agent
Aggregate GitHub and GitLab activity, link to Jira, and post a daily standup digest to Slack. No async updates.
Why Scalekit
Secure your agent's access. Connectors ship in minutes
Other connector libraries treat auth as a demo afterthought.
01.
Shared tokens break per-user analytics
A shared token looks fine in a demo. Scalekit resolves the real user credential.
“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”
Venu Madhav Kattagoni
Head of Engineering / Von
FAQs
Frequently Asked Questions

Does the agent access Contentful as the user or as a shared key?
As the user. Each workspace member authorizes once and Scalekit resolves their credential at request time. Audit logs attribute every action to that user, not a shared service account.

Where is the Contentful OAuth token stored?
In Scalekit's managed AES-256 token vault, namespaced per tenant. Refresh is automatic. Revocation is a single dashboard action. Tokens never appear in prompts, logs, or LLM context.

Can I limit what the agent is allowed to do in Contentful?
Yes. Pass a tool name filter to listScopedTools so the productivity agent only sees the subset you authorize. Pre-API-call scope checks block out-of-policy actions before the request reaches Contentful.

What happens when a user revokes Contentful access?
The connection is invalidated on the next tool call. Subsequent requests for that user fail closed with a clear error. Other users in the tenant remain unaffected. The event is logged for audit.

Can the agent publish content or only draft it?
Whatever the authorizing user's Contentful role allows. Entry, asset, and content type tools follow space roles, and you can filter out publish and archive tools to keep agents in draft-only mode.

Start in your coding agent
Up and running in one command
Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up
Claude Code REPL
/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack
Cursor Code REPL
# ~/.cursor/mcp.json
{
""mcpServers"": {
""contentfulmcp"": {
""url"": ""https://mcp.scalekit.com/contentfulmcp"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Codex Code REPL
# ~/.codex/config.toml
[mcp_servers.contentfulmcp]
url = ""https://mcp.scalekit.com/contentfulmcp""
auth_env = ""SCALEKIT_TOKEN""
Copilot Code REPL
# .vscode/mcp.json
{
""servers"": {
""contentfulmcp"": {
""url"": ""https://mcp.scalekit.com/contentfulmcp"",
""type"": ""http""
}
}
}