Excalidraw MCP

Live

API KEY

DIAGRAMS

Design

Excalidraw MCP gives agents authenticated access to your diagrams: create scenes, edit elements, search shapes and text, and render screenshots across every workspace.

  • Per-user credentials: each call uses the actual user's key, never a shared bot.
  • Encrypted per-tenant vault: AES-256, resolved at request time, never in LLM context.
  • Scoped before every call: pre-call scope check, 90-day SIEM-exportable audit chain.
Excalidraw MCP
agent · Acme Q3
Run
Find the auth flow diagram and add a retry step after the token exchange.
S
excalidrawmcp_search_scene_content
84ms
Diagram agent
Found 'Auth flow v3' in the Architecture collection. Added a retry step after token exchange, rebound 2 arrows, screenshot attached for review.
Sources: 1 scene, Architecture collection
excalidrawmcp
3 tool calls
18:29
Message Claude...

Tools your diagram agent reaches for on Excalidraw, scoped per user.

CALL ANY TOOL
Work diagrams end to end: create scenes, edit elements in valid Excalidraw format, search shapes and text, and render screenshots to verify layout.
excalidrawmcp_list_scenes
List scenes
List every scene in the workspace with its metadata, the starting point for finding diagrams to read or edit.
Parameters
Name
Type
Required
Description
collectionId
string
Optional
Filter scenes by a specific collection ID.
limit
integer
Optional
Maximum number of scenes to return per page (1-100).
offset
integer
Optional
Number of items to skip before starting to collect results.
excalidrawmcp_create_scene
Create scene
excalidrawmcp_edit_scene_content
Edit scene content
excalidrawmcp_get_scene_content
Get scene content
excalidrawmcp_search_scene_content
Search scene content
excalidrawmcp_take_screenshot
Take screenshot
excalidrawmcp_read_excalidraw_format
Read element format
Build your Agent
Same auth pattern across LangChain, OpenAI, Anthropic, and Google ADK.
Python · LlamaIndex
import { ScalekitClient } from "@scalekit-sdk/node";
import { createReactAgent } from "@langchain/langgraph/prebuilt";

const sk = new ScalekitClient(env.SCALEKIT_ENV_URL, env.SCALEKIT_CLIENT_ID, env.SCALEKIT_CLIENT_SECRET);

// Excalidraw tools scoped to this user
const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["excalidrawmcp"], toolNames: [
    "excalidrawmcp_list_scenes",
    "excalidrawmcp_edit_scene_content",
    "excalidrawmcp_take_screenshot"] },
  pageSize: 100,
});

const agent = createReactAgent({ llm, tools });
await agent.invoke({ messages: [{ role: "user", content: "Add a retry step to the auth flow diagram." }] });
import OpenAI from "openai";
import { ScalekitClient } from "@scalekit-sdk/node";

const sk = new ScalekitClient(env.SCALEKIT_ENV_URL, env.SCALEKIT_CLIENT_ID, env.SCALEKIT_CLIENT_SECRET);
const openai = new OpenAI();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["excalidrawmcp"] }, pageSize: 100,
});

const res = await openai.chat.completions.create({
  model: "gpt-5",
  messages: [{ role: "user", content: "Which scenes are in the Architecture collection?" }],
  tools,
});

// Execute the tool call with the user's vaulted Excalidraw credential
await sk.tools.executeTool(res.choices[0].message.tool_calls[0], "user_123");
import Anthropic from "@anthropic-ai/sdk";
import { ScalekitClient } from "@scalekit-sdk/node";

const sk = new ScalekitClient(env.SCALEKIT_ENV_URL, env.SCALEKIT_CLIENT_ID, env.SCALEKIT_CLIENT_SECRET);
const anthropic = new Anthropic();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["excalidrawmcp"] }, pageSize: 100,
});

const msg = await anthropic.messages.create({
  model: "claude-sonnet-5",
  max_tokens: 1024,
  messages: [{ role: "user", content: "Search the roadmap scene for shapes mentioning Q3." }],
  tools,
});

// Tool call runs with the user's vaulted Excalidraw credential
await sk.tools.executeTool(msg.content, "user_123");
import { Agent } from "@google/adk/agents";
import { ScalekitClient } from "@scalekit-sdk/node";

const sk = new ScalekitClient(env.SCALEKIT_ENV_URL, env.SCALEKIT_CLIENT_ID, env.SCALEKIT_CLIENT_SECRET);

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["excalidrawmcp"] }, pageSize: 100,
});

const agent = new Agent({
  name: "excalidraw_diagram_agent",
  model: "gemini-2.5-pro",
  instruction: "Manage Excalidraw diagrams for the signed-in user.",
  tools,
});

await agent.run("Render a screenshot of the onboarding diagram.");
Try these prompts
Copy any prompt into your agent. Each maps directly to an Excalidraw tool. Click to copy, paste into your agent, done.
Create and edit diagrams
Copy the prompt
Copied
Create a new scene called 'Payments flow' in the Architecture collection.
Copy the prompt
Copied
Add a retry step after the token exchange in the auth flow diagram.
Copy the prompt
Copied
Render a screenshot of the onboarding diagram so I can review the layout.
Find and inspect
Copy the prompt
Copied
List all scenes in the Design systems collection.
Copy the prompt
Copied
Search the roadmap scene for any shapes mentioning Q3.
Copy the prompt
Copied
Pull the full content of the infra diagram, elements and files.
Organize the workspace
Copy the prompt
Copied
Create a collection called 'Customer journeys' and move the funnel scene into it.
Copy the prompt
Copied
Pin the sprint planning scene and rename it to 'Sprint 24'.
Copy the prompt
Copied
Show workspace activity logs for scene edits this week.
SEE HOW AUTH WORKS
Your users connect once. Their Excalidraw credentials stay vaulted, every call is scope-checked, and every action is logged.
1
Authorize
Your user connects
Excalidraw MCP
once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access
Who:
user ‘A’
when:
Once per user
access:
Limited to user
2
Store
Their
Excalidraw MCP
token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection
vault:
encrypted
scope:
per-user
tokens:
auto-refreshed
3
Resolve
When your agent calls a
Excalidraw MCP
tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs
speed:
~40ms
check:
before every call
seen by:
nobody
4
Audit
Every
Excalidraw MCP
tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it
history:
90 days
export:
SIEM-ready
logged:
every call
Test other agents
See the same per-user auth pattern across other design connectors.
No items found.
Why Scalekit
Secure your agent's access. Connectors ship in minutes
Other connector libraries treat auth as a demo afterthought. Scalekit starts with identity, scope enforcement, and audit. Connectors follow.
01.
Shared tokens break per-user analytics
A shared Excalidraw key looks fine in a demo. In production every scene edit and workspace change looks like one service account, and you cannot tell who redrew a diagram or invited a member. Scalekit resolves the credential of the actual user who triggered the agent, never a shared bot.
// shared key
audit → bot_service_account

// scalekit
audit → user_abc ✓
02.
Authentication is not authorization
03.
Multi-tenancy is architectural
04.
Excalidraw today. Others tomorrow.
“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”
Venu Madhav Kattagoni
Head of Engineering / Von
FAQs
Frequently Asked Questions
Does the agent access Excalidraw as the user or through a shared key?
As the user. Scalekit resolves the credential of the person who triggered the agent at request time, so every scene edit, invite, and workspace change in your audit trail is attributed to a real user, not a shared service account.
Where is the Excalidraw API key stored?
In an AES-256 encrypted vault with per-tenant namespacing. Keys are resolved at request time, never enter LLM context, and can be revoked from one dashboard.
Can I limit what the agent does in Excalidraw?
Yes. Filter by tool name in listScopedTools to expose only what you want, for example read and search without edit_scene_content or delete_collection. Scalekit also enforces scope checks before every API call.
What happens when a user revokes access?
The credential is invalidated at the next tool call. The call fails closed, other users' connections are unaffected, and the revocation is logged in the audit chain.
Can the agent manage workspace members and invites?
The connector exposes invite and member tools like create_email_invite, update_invite, and remove_workspace_user. If you only want diagram work, exclude those tools with the listScopedTools filter; excluded tools are never offered to the model and calls to them are blocked.
Start in your coding agent
Up and running in one command
Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up
Claude Code REPL
/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack
Cursor Code REPL
# ~/.cursor/mcp.json
{
""mcpServers"": {
""excalidrawmcp"": {
""url"": ""https://mcp.scalekit.com/excalidrawmcp"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Codex Code REPL
# ~/.codex/config.toml
[mcp_servers.excalidrawmcp]
url = ""https://mcp.scalekit.com/excalidrawmcp""
auth_env = ""SCALEKIT_TOKEN""
Copilot Code REPL
# .vscode/mcp.json
{
""servers"": {
""excalidrawmcp"": {
""url"": ""https://mcp.scalekit.com/excalidrawmcp"",
""type"": ""http""
}
}
}