DevRev MCP

Live

API KEY

DEVELOPER TOOLS

Developer Tools

Give your agent per-user access to DevRev issues, tickets, and customer conversations without a shared service account.

  • Acts as the user. Every DevRev API call carries the authorizing user's token, not a bot key.
  • Credentials stay vaulted. Personal access tokens encrypted AES-256, resolved at request time, never in context.
  • Scoped before every call. Tool permissions enforced per tenant. Full audit trail on every DevRev action.
DevRev MCP
agent · Acme Q3
Run
What issues are assigned to me right now?
S
devrev_works_list
85ms
DevRev support agent
You have 7 open issues: 3 bugs (P1), 2 feature requests, 1 customer escalation (Acme Corp), 1 waiting on QA.
Sources: 7 works, assigned to you, open
devrevmcp
7 works
18:29
Message Claude...

Tools your support agent reaches for on DevRev MCP, scoped per user.

CALL ANY TOOL
Each tool maps to a DevRev API resource and runs under the authorizing user's personal access token.
devrev_works_list
List works
Fetch a paginated list of issues, tickets, or tasks with optional filters for stage, assignee, and priority.
Parameters
Name
Type
Required
Description
assignee_id
string
Optional
Filter by assignee DevRev ID
stage
string
Optional
Stage filter, e.g. in_progress or open
type
string
Optional
Work type: issue, ticket, or task
limit
integer
Optional
Max results (default 50)
devrev_work_get
Get work
devrev_work_create
Create work
devrev_work_update
Update work
devrev_timeline_entries_list
List timeline entries
devrev_timeline_entry_create
Add timeline comment
devrev_accounts_list
List accounts
devrev_search
Search DevRev
Build your Agent
One auth pattern wires DevRev into LangChain, OpenAI, Anthropic, and Google ADK without framework-specific token handling.
Python · LlamaIndex
Try these prompts
Paste any prompt into your DevRev agent to get started.
Issue triage
Copy the prompt
Copied
List all P1 issues assigned to me that are still open.
Copy the prompt
Copied
Summarise the last 5 issues created in the past 24 hours.
Copy the prompt
Copied
What customer escalations are waiting on engineering right now?
Copy the prompt
Copied
Create a new P2 issue for the login timeout bug and assign it to me.
Customer account lookup
Copy the prompt
Copied
Show me all open tickets for Acme Corp.
Copy the prompt
Copied
How many issues has Globex reported this quarter?
Copy the prompt
Copied
Find all accounts with tickets in the in-progress stage.
Updates and comments
Copy the prompt
Copied
Post a comment on ISS-456 saying the fix is deployed to staging.
Copy the prompt
Copied
Move ISS-789 to the resolved stage and reassign it to QA.
Copy the prompt
Copied
List all timeline activity on ISS-123 from this week.
SEE HOW AUTH WORKS
The user authorises once with their DevRev personal access token. Every agent call after uses that token, scoped to the tools you allow.
1
Authorize
Your user connects
DevRev MCP
once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access
Who:
user ‘A’
when:
Once per user
access:
Limited to user
2
Store
Their
DevRev MCP
token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection
vault:
encrypted
scope:
per-user
tokens:
auto-refreshed
3
Resolve
When your agent calls a
DevRev MCP
tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs
speed:
~40ms
check:
before every call
seen by:
nobody
4
Audit
Every
DevRev MCP
tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it
history:
90 days
export:
SIEM-ready
logged:
every call
Test other agents
See the same per-user auth pattern across other developer tool connectors.
No items found.
Why Scalekit
Secure your agent's access. Connectors ship in minutes
Other connector libraries treat auth as a demo afterthought — shared tokens, no scope enforcement, no audit trail.
01.
Shared tokens break per-user analytics
A shared DevRev PAT looks fine in a demo. In production every API call shows as a service account. Scalekit resolves the real user's credential so issues, comments, and audit logs carry the correct author.
// shared token
devrev audit → bot_service_account

// scalekit
devrev audit → alice@acme.com ✓
02.
Authentication is not authorization
03.
Multi-tenancy is architectural
04.
DevRev MCP today. Others tomorrow.
“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”
Venu Madhav Kattagoni
Head of Engineering / Von
FAQs
Frequently Asked Questions
Does every user need their own DevRev token, or can I use one shared PAT?
Every user connects their own DevRev personal access token. Scalekit vaults each token under a per-user, per-tenant namespace. A shared PAT collapses all actions into a single audit identity and breaks any per-user access controls DevRev enforces on your workspace.
How does Scalekit store the DevRev personal access tokens?
Tokens are encrypted at rest with AES-256 and resolved at request time directly into the tool call. The plaintext token never appears in agent context, logs, or LLM prompts. You can rotate or revoke a token from the Scalekit dashboard without redeploying your agent.
Can I limit which DevRev tools a specific agent or tenant can call?
Yes. Use listScopedTools to return only the tools permitted for a given user or tenant. Your agent never sees tools outside the allowed scope, so it cannot accidentally call devrev_work_create when only read access is granted. Scope lists update at runtime without redeployment.
What happens when a user revokes their DevRev token or leaves the organisation?
Scalekit detects the 401 on the next tool call and surfaces a re-auth event to your application. The agent stops executing DevRev tools for that user until a fresh token is vaulted. No other users or tenants are affected. You can also proactively delete a user's credential via the Scalekit API when offboarding.
DevRev uses personal access tokens, not OAuth. Does Scalekit handle PAT-based connectors?
Yes. Scalekit's connector model supports API key and PAT-based services alongside OAuth 2.0 flows. The user enters their DevRev PAT once through Scalekit's auth UI, and from that point the vault, scope enforcement, and audit trail work identically to OAuth connectors. No separate integration path required.
Start in your coding agent
Up and running in one command
Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up
Claude Code REPL
/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack
Cursor Code REPL
# ~/.cursor/mcp.json
{
""mcpServers"": {
""devrevmcp"": {
""url"": ""https://mcp.scalekit.com/devrevmcp"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Codex Code REPL
# ~/.codex/config.toml
[mcp_servers.devrevmcp]
url = ""https://mcp.scalekit.com/devrevmcp""
auth_env = ""SCALEKIT_TOKEN""
Copilot Code REPL
# .vscode/mcp.json
{
""servers"": {
""devrevmcp"": {
""url"": ""https://mcp.scalekit.com/devrevmcp"",
""type"": ""http""
}
}
}