Vapi MCP

Live

OAUTH 2.0

COMMUNICATION

Communication

Connect to Vapi MCP to create and manage AI voice assistants, phone calls, and real-time voice workflows from your AI agent pipelines.

  • Acts as the user: Every tool call runs as the authorizing user. Access and audit trail stay intact.
  • Credentials stay vaulted: AES-256 encrypted, resolved at request time, never stored in LLM context.
  • Scoped before every call: Per-user permissions enforced automatically. 90-day audit trail included.
Vapi MCP
agent · Acme Q3
Run
Create Assistant in Vapi MCP
S
vapimcp_create_assistant
85ms
Vapi MCP agent
Creates a new vapi voice ai assistant with the specified configuration. configure the assistant's llm provider, voice, t.
Sources: Vapi MCP
vapimcpmcp
1 tool call
18:29
Message Claude...

Vapi MCP tools for AI agents

CALL ANY TOOL
12 tools covering create, delete, get.
vapimcp_create_assistant
Creates a new vapi voice ai assistant with the specified con
Creates a new vapi voice ai assistant with the specified configuration. configure the assistant's llm provider, voice, transcription engine, first message, and any tools it should have access to.
Parameters
Name
Type
Required
Description
name
string
Required
Name of the assistant
rationale
string
Required
Always provide a brief explanation of why you are calling this tool
firstMessage
string
Optional
First message the assistant says when a call starts
firstMessageMode
string
Optional
Whether the assistant speaks first or waits for the user
instructions
string
Optional
System instructions for the assistant. Defaults to 'You are a helpful assistant.'
llm
string
Optional
LLM configuration. Defaults to OpenAI gpt-4o.
vapimcp_create_call
Initiates or schedules an outbound vapi call. specify the as
vapimcp_create_tool
Creates a new vapi tool that can be attached to assistants.
vapimcp_get_assistant
Retrieves the full configuration of a specific vapi assistan
vapimcp_get_call
Retrieves detailed information about a specific vapi call by
vapimcp_get_phone_number
Retrieves details of a specific vapi phone number by id, inc
vapimcp_get_tool
Retrieves the full configuration of a specific vapi tool by
vapimcp_list_assistants
Lists all vapi assistants configured in the account. returns
vapimcp_list_calls
Lists all vapi calls in the account. returns call records in
vapimcp_list_phone_numbers
Lists all phone numbers provisioned in the vapi account. ret
vapimcp_list_tools
Lists all vapi tools configured in the account. vapi tools e
vapimcp_update_assistant
Updates an existing vapi assistant's configuration. only fie
Build your Agent
Same auth pattern across every framework.
Python · LlamaIndex
from langchain_mcp_adapters.client import MultiServerMCPClient
from scalekit import ScalekitClient

client = ScalekitClient(env_url=ENV_URL, client_id=CLIENT_ID, client_secret=SECRET)
token = client.agent.get_token(user_id="user_id", connector="vapimcp")

mcp = MultiServerMCPClient({
"vapimcp": {
"url": "https://mcp.scalekit.com/vapimcp",
"headers": {"Authorization": "Bearer " + token}
}
})
tools = await mcp.get_tools()
import OpenAI from "openai";
import { ScalekitClient } from "@scalekit-sdk/node";

const client = new ScalekitClient({ envUrl, clientId, clientSecret });
const token = await client.agent.getToken({ userId: "user_id", connector: "vapimcp" });

const openai = new OpenAI();
// Connect to MCP at https://mcp.scalekit.com/vapimcp
// Pass: Authorization: Bearer + token
import Anthropic from "@anthropic-ai/sdk";
import { ScalekitClient } from "@scalekit-sdk/node";

const client = new ScalekitClient({ envUrl, clientId, clientSecret });
const token = await client.agent.getToken({ userId: "user_id", connector: "vapimcp" });

const anthropic = new Anthropic();
// Connect to MCP at https://mcp.scalekit.com/vapimcp
// Pass: Authorization: Bearer + token
from google.adk.agents import LlmAgent
from scalekit import ScalekitClient

client = ScalekitClient(env_url=ENV_URL, client_id=CLIENT_ID, client_secret=SECRET)
token = client.agent.get_token(user_id="user_id", connector="vapimcp")
# Connect to MCP at https://mcp.scalekit.com/vapimcp
# Pass: Authorization: Bearer + token
Try these prompts
Paste any prompt into your agent to get started.
Get started
Copy the prompt
Copied
Updates an existing Vapi tool’s configuration?
Copy the prompt
Copied
Lists all Vapi tools configured in the account?
Advanced
Copy the prompt
Copied
Retrieves the full configuration of a specific Vapi tool by ID, including its type (SMS, transfer call, function, or API?
Copy the prompt
Copied
Creates a new Vapi tool that can be attached to assistants?
SEE HOW AUTH WORKS
User authorises once. Every agent call after uses their token with scope enforcement.
1
Authorize
Your user connects
Vapi MCP
once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access
Who:
user ‘A’
when:
Once per user
access:
Limited to user
2
Store
Their
Vapi MCP
token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection
vault:
encrypted
scope:
per-user
tokens:
auto-refreshed
3
Resolve
When your agent calls a
Vapi MCP
tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs
speed:
~40ms
check:
before every call
seen by:
nobody
4
Audit
Every
Vapi MCP
tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it
history:
90 days
export:
SIEM-ready
logged:
every call
Test other agents
See the same per-user auth pattern across other connectors.
ENGINEERING
Slack workflow agent (LangGraph)
LangGraph agent that drives multi-step Slack workflows: triggers, approvals, and follow-up actions per user identity.
OPS
Email-to-calendar scheduling agent
Parse scheduling intent from Gmail threads and create Google Calendar events with the right attendees and timezone.
Why Scalekit
Secure your agent's access. Connectors ship in minutes
Other connector libraries treat auth as a demo afterthought.
01.
Shared tokens break per-user analytics
A shared token looks fine in a demo. In production every call looks like a service account. Scalekit resolves the real user credential.
// shared token
audit → bot_service_account

// scalekit
audit → user_abc ✓
02.
Authentication is not authorization
03.
Multi-tenancy is architectural
04.
One connector today. Ten tomorrow.
“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”
Venu Madhav Kattagoni
Head of Engineering / Von
FAQs
Frequently Asked Questions

Does the agent access Vapi as the user or as a shared key?
As the user. Each workspace member authorizes once and Scalekit resolves their credential at request time. Audit logs attribute every action to that user, not a shared service account.

Where is the Vapi OAuth token stored?
In Scalekit's managed AES-256 token vault, namespaced per tenant. Refresh is automatic. Revocation is a single dashboard action. Tokens never appear in prompts, logs, or LLM context.

Can I limit what the agent is allowed to do in Vapi?
Yes. Pass a tool name filter to listScopedTools so the messaging agent only sees the subset you authorize. Pre-API-call scope checks block out-of-policy actions before the request reaches Vapi.

What happens when a user revokes Vapi access?
The connection is invalidated on the next tool call. Subsequent requests for that user fail closed with a clear error. Other users in the tenant remain unaffected. The event is logged for audit.

Can the agent modify voice assistants and place calls?
Yes, within the authorizing user's Vapi account. Assistant edits, call placement, and phone number changes run under that user's credential. Filter to read-only tools if you want reporting without call spend.

Start in your coding agent
Up and running in one command
Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up
Claude Code REPL
/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack
Cursor Code REPL
# ~/.cursor/mcp.json
{
""mcpServers"": {
""vapimcp"": {
""url"": ""https://mcp.scalekit.com/vapimcp"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Codex Code REPL
# ~/.codex/config.toml
[mcp_servers.vapimcp]
url = ""https://mcp.scalekit.com/vapimcp""
auth_env = ""SCALEKIT_TOKEN""
Copilot Code REPL
# .vscode/mcp.json
{
""servers"": {
""vapimcp"": {
""url"": ""https://mcp.scalekit.com/vapimcp"",
""type"": ""http""
}
}
}