Connect
Optimize
Secure
MCP servers for Retool Agents
MCP Servers
for Retool Agents
Let your Retool agents act across 270+ enterprise SaaS — without leaving the agent builder. No auth hassle. Token-efficient by design. Security and governance built-in.
What is an MCP gateway?
MCP gateways are real-time integration infrastructure connecting AI
agents to the SaaS apps they need to use. They expose one MCP server
instead of many to the AI agent. They are built on the open Model Context Protocol (opens in new tab), and
are also called MCP aggregators.
MCP gateways use whatever communication protocol each MCP server requires
(stdio, SSE, streamable HTTP), maximize the action coverage agents can
call, and handle authentication, agent action scoping, tool-call
optimization, agent security, and tool-call observability.
StackOne's MCP gateway — SOC2, HIPAA, CCPA, and GDPR compliant — brings this infrastructure to 270+ pre-built SaaS integrations exposing 18,000+ actions, reachable from your Retool agent through one URL.
Act across all your apps
from inside Retool
One MCP gateway, every enterprise SaaS your Retool agent
could ever need to act on.
Coverage
270+ connectors.
18,000+ tested actions.
Every action is built and maintained by StackOne, tested against the live API, and updated when vendors change their endpoints.
Browse all connectors
Trust
Auth & governance,
simplified.
StackOne handles OAuth, API keys, refresh, and scopes for every connector, giving enterprise IT full control through auth configs in a multi-tenant setup.
Agent Auth
Performance
Agent context window,
managed.
Tool Discovery and Code Mode keep your Retool agent's context lean — only relevant actions, no raw response noise. Sharper agents, lower token costs.
Tools Discovery
Security
Agent security,
built in.
Defender scans every MCP tool response for prompt injection in real time. Up to 97.44%¹ detection, 0.2% false positives. SOC2, HIPAA, CCPA, GDPR compliant.
Prompt Injection Defense¹ Jayavibhav test, 65,000 samples.
Connect Retool Agents
to more apps in 4 steps
From auth config to first agent tool call in 5 minutes.
1
Connect StackOne as an MCP Server in your Retool agent.
Open your Retool agent → Configuration → Add new tool → Connect to MCP Server, paste the StackOne gateway URL, choose Streamable HTTP and OAuth, and click Create resource.
Agents → Configuration → Add new tool
Connect to MCP Server
Name
StackOne
URL
https://api.stackone.com/mcp/{...}
Authentication
OAuth 2.0
Create resource
2
Connect each SaaS integration in StackOne.
OAuth or API key per app, done once in your dashboard. Tokens stay server-side.
3
Scope agent actions.
Read-only, specific objects, or per-role exposure. Toggle from the StackOne dashboard.
List records (enabled)
Get record (enabled)
Process refund (enabled)
Update record (disabled)
Delete record (disabled)
4
Run your Retool agent in plain English.
StackOne maps the agent's tool call to the right action in the right system. Done.
"Investigate this refund request: pull Stripe history, update the Salesforce account, email the customer."
stripe_list_charges
Completed
salesforce_update_account
Completed
field: refund_status = approved
note: Linked to charge ch_3PqW...
result: Account 001Ab updated
Issued $129 refund, updated Salesforce account, and emailed customer. Logged into the agent run history.
Get Retool Agents
to do more across your stack
Cross-app workflows your Retool agent now runs in seconds instead of click-throughs.
Customer Support Triage & Resolution
> Triage Zendesk tickets and route the bug into Linear from your Retool agent.
CRM & Revenue Operations
> Update Salesforce records and email the customer after the refund goes through.
Engineering & DevOps
> Page on-call in PagerDuty and open a GitHub issue from the support escalation.
HR & People Ops
> Onboard the new hire in BambooHR + provision GitHub seats from one agent run.
Connect any Enterprise AI Agent
to the StackOne MCP Gateway
Same 270+ MCP servers. Same agent context. Pick yours.
Frequently Asked Questions
Retool Agents consume external MCP servers as a client. In Retool, open your agent → Configuration tab → Add new tool → Connect to MCP Server, paste the StackOne gateway URL, choose Streamable HTTP transport, set authentication to OAuth 2.0 (or Bearer / Basic if you prefer), click Create resource, and authenticate. 270+ pre-built SaaS connectors are reachable through that single MCP server. Full walkthrough in the Retool Agents MCP docs. Available on Team, Business, and Enterprise plans. For managing Retool itself from Claude or Cursor, see the Retool MCP connector page (inverse direction).
An MCP gateway is real-time integration infrastructure connecting AI agents to the SaaS apps they need to use. It exposes one MCP server instead of many to the AI agent, and handles authentication, agent action scoping, tool-call optimization, agent security, and tool-call observability. Also called an MCP aggregator.
Retool Agents can access enterprise SaaS like Salesforce, HubSpot, Zendesk, Intercom, Freshdesk, GitHub, Linear, PagerDuty, BambooHR, Workday, Greenhouse, Stripe, and NetSuite through the StackOne MCP gateway — 270+ pre-built connectors in total. Retool's own Resources catalog (Postgres, REST, etc.) is traditional SQL/HTTP — StackOne's MCP gateway is the SaaS-app side. New connectors ship continuously, and you can build custom ones with AI Integration Builder. See all connectors.
Retool Agents doesn't curate an MCP partner directory — it's "bring your own MCP URL" by design. StackOne gives you 270+ apps through one MCP server resource instead of one per app, auth managed once in the dashboard, and tool definitions loaded only when relevant to the prompt.
Credentials sit at three layers: your StackOne API token (embedded in the gateway URL configured as a Retool MCP resource, governed by your Retool workspace), SaaS connector credentials (server-side in your StackOne dashboard), and per-user OAuth or session tokens (server-side, scoped per user). StackOne stores OAuth tokens and API keys, refreshes them automatically, and only exposes the actions you've authorized to the agent.
Skip the StackOne MCP gateway when any of these is true:
- Your team already runs per-app MCP servers (or Retool Resources for each SaaS) and wants to keep wiring agents to each separately
- You only use a handful of actions across a few apps
- You don't need multi-tenancy, per-user permissions, or per-action scoping
- Indirect prompt injection isn't a concern
- Your MCP provider already does tool discovery and server-side execution to keep the agent context lean
Connect All Your Apps to Retool Agents.
One MCP gateway, 270+ pre-built SaaS connectors. Set up in 5 minutes.