LiveAgent exposes a built-in MCP server (Model Context Protocol) that lets you connect external AI tools — such as Claude Desktop, Cursor, claude.ai, FlowHunt, or any other MCP-compatible client — directly to your LiveAgent account. Once connected, those tools can read ticket data and perform actions on your behalf, using your agent identity and permissions.
There are two ways to authenticate your MCP client:
- Bearer token — generate an MCP access token in your profile and paste it into the client manually.
- OAuth 2.1 — the client discovers the authorization server automatically and redirects you to a consent screen. No manual token handling required.
Finding MCP Integration in Your Profile
- Click your avatar in the top-right corner of the LiveAgent panel and select Edit profile.
- In the left-hand menu, select MCP Integration.
This screen shows your connection details, access tokens, and authorized OAuth apps. Use these values when configuring any MCP-compatible client:
| Setting | Value |
|---|---|
| MCP server URL | https://<your-liveagent-domain>/public/api/mcp |
| Transport protocol | MCP over HTTP (SSE) |
| Authentication | Bearer token or OAuth 2.1 (Authorization Code + PKCE) |
Connecting with a Bearer Token
Bearer tokens are MCP access tokens you generate in your profile and paste directly into your MCP client. Best for desktop tools and scripts that require manual configuration.
Generating an access token
- On the MCP Integration screen, click Generate token.
- Copy the access token immediately — it is displayed only once and cannot be retrieved later.
- Paste the access token into your MCP client as the Bearer token value.
Important: Store the access token securely as soon as you generate it. If you lose it, you will need to revoke the existing token and generate a new one.
You can generate up to 10 active access tokens per account. Having multiple tokens is useful if you connect the same account to more than one tool or device — each can be revoked independently without affecting the others.
Note: Access tokens expire automatically after two years from the date they were generated, regardless of how frequently they are used. Plan to rotate access tokens before they expire to avoid interruption.
Managing access tokens
The access token list on the MCP Integration screen shows each token's masked identifier and expiration date. You can revoke any individual access token — the corresponding MCP client will lose access immediately.
Connecting with OAuth
OAuth lets AI tools connect to your LiveAgent MCP server without you having to copy and paste a token. The tool handles the entire authentication flow automatically using standard OAuth 2.1 with PKCE.
How it works
- In the AI tool (for example claude.ai), add your LiveAgent MCP server URL:
https://<your-liveagent-domain>/public/api/mcp - The tool contacts that URL, receives a discovery hint, and fetches LiveAgent’s OAuth server metadata automatically.
- You are redirected to the LiveAgent login page (if not already logged in) and then to a consent screen asking you to approve the connection.
- After you approve, the tool receives an access token and is ready to use. No manual copy-paste required.
Note: Your consent decision is remembered. If you connect the same tool again later, the consent screen is skipped and the flow completes silently.
Managing authorized apps
The MCP Integration screen in your profile lists all OAuth clients you have approved under Authorized apps. You can revoke any authorized app — the tool will lose access immediately and will need to go through the OAuth flow again to reconnect.
Administrators with the agent management privilege can view and revoke authorized apps for any agent in the account.
Available Tools
Regardless of whether you connect via Bearer token or OAuth, your AI tool has access to the full set of LiveAgent MCP tools. All actions are performed under your agent identity and are subject to your role's permissions.
Read tools
| Tool | What it does |
|---|---|
| Get ticket context | Retrieve the ticket metadata and most recent messages |
| Get ticket messages | Retrieve all ticket messages with a cursor search |
| Get ticket metadata | Read ticket properties such as subject, timestamps, status, priority, department, and assigned agent |
| Get tags | Read the tags currently applied to the ticket |
| List agents | Retrieve the list of agents available in the account (needed for assignment actions) |
| List departments | Retrieve the list of departments (needed for transfer actions) |
| Search tickets | Search for other tickets in the system to establish context |
Write tools
| Tool | What it does |
|---|---|
| Add tags | Apply one or more tags to the ticket |
| Remove tags | Remove one or more tags from the ticket |
| Resolve ticket | Set the ticket status to resolved |
| Reopen ticket | Reopen a previously resolved ticket |
| Assign ticket | Assign the ticket to a specific agent |
| Transfer ticket | Move the ticket to a different department |
Note: Unlike AI work definitions — which run FlowHunt flows automatically via rules and restrict the tool set per workflow — agent MCP access tokens give access to all tools. Your role's permissions still apply — actions your role is not permitted to perform will be rejected.
Permissions and Audit Trail
All actions taken through an MCP client — regardless of whether Bearer token or OAuth authentication is used — are attributed to your agent account, exactly as if you had performed them in the LiveAgent panel. They appear in the ticket’s activity history under your name.
Administrators with the agent management privilege can view and revoke both MCP access tokens and authorized OAuth apps for any agent in the account.