ConnectorsCustomer.io MCP

Customer.io MCP

Live

API KEY

MARKETING

Marketing

Every campaign, customer segment, and transactional message your team sends lives in Customer.io. Customer.io MCP gives your agent authenticated access to campaigns scoped to the user who authorized it.

  • Acts as the user: Access and write actions stay tied to the Customer.io MCP account that authorized the agent.
  • Credentials stay vaulted: AES-256, resolved at request time, never in LLM context.
  • Scoped before every call: User permissions enforced. 90-day audit trail.
Get Started free
View docs
Customer.io MCP
agent · Acme Q3
Run
Which triggered campaigns sent this week had open rates below 20%?
S
customerio_campaigns_list
78ms
Marketing automation agent
3 campaigns underperformed. welcome_sequence (12.4%, 9,800 sent), trial_day7 (17.8%, 4,200 sent), churn_win_back (14.2%, 2,100 sent).
Sources: 3 campaigns, triggered email, Oct 28 to Nov 1
customeriomcpmcp
3 campaigns
18:29
Message Claude...

Tools your marketing automation agent reaches for on Customer.io MCP, scoped per user.

CALL ANY TOOL
List and inspect campaigns, track events, query customer profiles, and send transactional messages.
customerio_campaigns_list
List campaigns
List all Customer.io campaigns with status, type, and send count.
Parameters
Name
Type
Required
Description
type
string
Optional
Campaign type: email, push, sms, webhook
limit
integer
Optional
Max campaigns to return
customerio_campaign_get
Get campaign
customerio_customers_search
Search customers
customerio_customer_get
Get customer
customerio_event_track
Track event
customerio_transactional_send
Send transactional
Build your Agent
Drop the toolkit in, point it at the user, and your marketing automation agent can use Customer.io MCP from the first run.
Langchain
Open AI
Anthropic
Google ADK
Copied
import { ScalekitClient } from "@scalekit-sdk/node";
import { DynamicStructuredTool } from "@langchain/core/tools";
import { createReactAgent } from "@langchain/langgraph/prebuilt";
import { z } from "zod";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["customeriomcp"], toolNames: ["customerio_campaigns_list", "customerio_campaign_get", "customerio_customers_search"] },
  pageSize: 100,
});

const lcTools = tools.map((t) => new DynamicStructuredTool({
  name: t.tool.definition.name,
  description: t.tool.definition.description,
  schema: z.object({}).passthrough(),
  func: async (args) => {
    const { data } = await sk.tools.executeTool({
      toolName: t.tool.definition.name,
      identifier: "user_123",
      params: args,
    });
    return JSON.stringify(data);
  },
}));

const agent = createReactAgent({ llm, tools: lcTools });
Copied
import { ScalekitClient } from "@scalekit-sdk/node";
import OpenAI from "openai";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const openai = new OpenAI();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["customeriomcp"], toolNames: ["customerio_campaigns_list", "customerio_campaign_get", "customerio_customers_search"] },
  pageSize: 100,
});

const llmTools = tools.map((t) => ({
  type: "function",
  function: {
    name: t.tool.definition.name,
    description: t.tool.definition.description,
    parameters: t.tool.definition.input_schema,
  },
}));

const resp = await openai.responses.create({
  model: "gpt-4o", input: prompt, tools: llmTools,
});
import { ScalekitClient } from "@scalekit-sdk/node";
import Anthropic from "@anthropic-ai/sdk";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const anthropic = new Anthropic();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["customeriomcp"], toolNames: ["customerio_campaigns_list", "customerio_campaign_get", "customerio_customers_search"] },
  pageSize: 100,
});

const llmTools = tools.map((t) => ({
  name: t.tool.definition.name,
  description: t.tool.definition.description,
  input_schema: t.tool.definition.input_schema,
}));

const msg = await anthropic.messages.create({
  model: "claude-sonnet-4-6", max_tokens: 1024,
  tools: llmTools,
  messages: [{ role: "user", content: prompt }],
});
Copied
import { Agent } from "@google/adk/agents";
import {
  MCPToolset, StreamableHTTPConnectionParams,
} from "@google/adk/tools/mcp";

const toolset = new MCPToolset({
  connectionParams: new StreamableHTTPConnectionParams({
    url: "https://mcp.scalekit.com/customeriomcp",
    headers: { Authorization: `Bearer ${userScopedToken}` },
  }),
});

const agent = new Agent({
  name: "agent", model: "gemini-2.0-flash",
  tools: await toolset.getTools(),
});
Try these prompts
Paste any prompt into your agent to start using Customer.io MCP.
Search & recall
Copy the prompt
Copied
List all active email campaigns.
Copy the prompt
Copied
Which campaigns are in draft status?
Copy the prompt
Copied
Find customers in segment [segment name].
Copy the prompt
Copied
Get metrics for campaign [campaign name].
Action & sends
Copy the prompt
Copied
Track event [event name] for customer [id].
Copy the prompt
Copied
Send transactional [template id] to [email].
Copy the prompt
Copied
List all customers with attribute [attr] = [value].
Copy the prompt
Copied
Pull open and click rates for [campaign].
Reporting & optimization
Copy the prompt
Copied
Which campaigns had the lowest open rates this week?
Copy the prompt
Copied
Compare send volume by channel this month.
Copy the prompt
Copied
List customers who triggered [event] but did not convert.
Copy the prompt
Copied
Show unsubscribe rate by campaign type.
SEE HOW AUTH WORKS
Users authorize Customer.io MCP once. Their credentials stay vaulted, every call is checked, and every action is logged.
1
Authorize
Your user connects
Customer.io MCP
once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access
Who:
user ‘A’
when:
Once per user
access:
Limited to user
2
Store
Their
Customer.io MCP
token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection
vault:
encrypted
scope:
per-user
tokens:
auto-refreshed
3
Resolve
When your agent calls a
Customer.io MCP
tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs
speed:
~40ms
check:
before every call
seen by:
nobody
4
Audit
Every
Customer.io MCP
tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it
history:
90 days
export:
SIEM-ready
logged:
every call
Test other agents
Same per-user auth pattern across other marketing automation agents and MCP connectors. Working code, live demos, fork what fits.
SALES
Outbound prospecting agent
Build targeted prospect lists with Apollo, enrich with firmographic data, and draft personalised outreach. Runs on a schedule.
Apollo
View agent
GTM
HubSpot to Slack updates agent
Watch HubSpot deal stage changes and post structured updates to the right Slack channel. Reps stop checking the CRM all day.
HubSpot
Slack
View agent
Why Scalekit
Secure your agent's access. Connectors ship in minutes
Other connector libraries treat auth as a demo afterthought. Scalekit starts with user identity, scope enforcement, and audit.
01.
Campaigns sent from the wrong sender identity
A shared Customer.io API key looks fine in a demo. In production, every transactional send and event track appears as a service account. Attribution breaks. Scalekit resolves the actual user's key so sends come from the right identity.
// shared API key
key = "api_customerio_shared_xxx"
audit → bot_service_account
user_filter → broken

// scalekit · per-user
key = resolve(user_id)
audit → user_abc
scope → enforced ✓
02.
Authentication is not authorization
03.
Multi-tenancy is architectural
04.
Customer.io MCP today. Others tomorrow.
“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”
Venu Madhav Kattagoni
Head of Engineering / Von
FAQs
Frequently Asked Questions
Does the agent access Customer.io MCP as the user or as a shared key?
As the user. Each workspace member authorizes once and Scalekit resolves their credential at request time. Audit logs attribute every action to that user, not a shared service account.
Where is the Customer.io MCP api key stored?
In Scalekit's managed AES-256 token vault, namespaced per tenant. Refresh is automatic. Revocation is a single dashboard action. Tokens never appear in prompts, logs, or LLM context.
Can I limit what the agent is allowed to do in Customer.io MCP?
Yes. Pass a tool name filter to listScopedTools so the marketing automation agent only sees the subset you authorize. Pre-API-call scope checks block out-of-policy actions before the request reaches Customer.io MCP.
What happens when a user revokes Customer.io MCP access?
The connection is invalidated on the next tool call. Subsequent requests for that user fail closed with a clear error. Other users in the tenant remain unaffected. The event is logged for audit.
Can the agent send messages to any customer in the workspace?
Only customers the authorizing user's API key has access to. Customer.io API key scope determines which workspace and data center is accessible. A key scoped to one workspace cannot reach another, and send quotas apply per key.
On this page
Tool and actionsFramework CompatibilityStarter PromptAuth LifecycleTry Other AgentsWhy Scalekit
Quick links
OverviewQuickstartAll connectors
Similar connectors
Adobe Marketing Agent MCP
Bitly MCP
Adzviser MCP
Commonroom MCP
Start in your coding agent
Up and running in one command
Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up
Claude Code
Cursor
Codex
Copilot
Claude Code REPL
CopyCopied
/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack
Cursor Code REPL
CopyCopied
# ~/.cursor/mcp.json
{
""mcpServers"": {
""customeriomcp"": {
""url"": ""https://mcp.scalekit.com/customeriomcp"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Codex Code REPL
CopyCopied
# ~/.codex/config.toml
[mcp_servers.customeriomcp]
url = ""https://mcp.scalekit.com/customeriomcp""
auth_env = ""SCALEKIT_TOKEN""
Copilot Code REPL
CopyCopied
# .vscode/mcp.json
{
""servers"": {
""customeriomcp"": {
""url"": ""https://mcp.scalekit.com/customeriomcp"",
""type"": ""http""
}
}
}
The auth stack for agents.
hi@scalekit.com
Scalekit Inc
2261 Market Street, STE 86971
San Francisco, CA 94114
Join our community
COMPLIANCE
Auth for SaaS Apps
org & userSSOSCImMCP authRbacpasswordlessAuth for saas pricing
Agentkit
QuickstartConnectorsSDKscode samplesFor agent developersFor teamsAgentKit Pricing
Connectors
marketingcrm & salesproject managementAccounting & financeproductivity
all categories
Resources
mcp vs cliScalekit vs composioUser Delegated AuthdocsApi referencegithubblog
company
customerstrust centerlegal
Follow us on
All systems operational
© 2026 SCALEKIT, INC.

We use cookies, so things load fast, we learn what to fix, and you can always reach us on chat

Okay, got it!