OAuth Flow
The Slate MCP Connector uses secure, industry-standard authentication to connect AI assistants to your Slate account, the same approach used by major platforms to grant third-party access without sharing passwords.
How it works
Section titled “How it works”- You ask your AI to do something with Slate - for example, “list my courses”
- Your AI client opens a browser window - you’re redirected to Slate’s authorization page
- You sign in and approve - Slate shows which permissions the connector is requesting
- You’re redirected back - your AI client receives a secure token and can now interact with your account
This only happens once. After the initial authorization, your AI client handles token refresh automatically. You may need to re-authenticate after an extended period of inactivity.
Security
Section titled “Security”- Secure authentication - industry-standard protocol that prevents token interception
- Short-lived tokens - automatically refreshed by your AI client in the background
- Row-level security - database policies ensure you can only access your own data
- No PII exposure - analytics return only aggregate metrics, never personally identifiable information
Revoking access
Section titled “Revoking access”You can disconnect an AI client from your Slate account at any time:
- Open the Slate Builder
- Go to Settings
- Select Connected Applications
- Click Revoke next to the client you want to disconnect
This immediately invalidates all tokens for that client. The AI assistant will need to re-authorize if you want to reconnect later.
You can also revoke access from within your AI client’s settings.