Today we’re shipping Tenon MCP — a Model Context Protocol server that connects your Tenon account to every major AI client. Claude Desktop, Claude Code, Cursor, ChatGPT — all of them, no plugins, no integrations to wait for. Generate an API key, paste a config snippet, and you’re talking to your jobsite from the AI tool you already use every day.
For a builder running four active jobs, that means: ask “what’s slipping this week” in Claude and get the actual answer pulled from your live schedule. Have ChatGPT draft an RFI from a half-formed thought and post it to the right project in one round-trip. Tell Cursor to clock you in to a task while you’re already deep in another tool. The AI does the wiring; you stay in flow.
What is MCP?
The Model Context Protocol is an open standard from Anthropic — released last winter — that lets any AI client talk to any tool over a simple, well-defined wire format. Think of it as a USB-C port for LLMs: one cable, every tool, no per-vendor adapter. Claude was first to support it, and adoption has spread quickly through the rest of the AI ecosystem.
What that means for Tenon users: we built one MCP server, and you can plug it into whichever AI client you already use. We don’t have to ship a Claude integration, then a ChatGPT integration, then a Cursor integration. The protocol does the integration layer for us.
What’s in the box
The server ships with 20 tools covering the parts of Tenon you reach for hour-by-hour. Ten read tools and ten write tools — all RBAC-aware, all audited, all rate-limited.
Read tools (10)
list_projects·get_project·get_project_schedulelist_tasks·get_active_timerlist_daily_logs·list_rfis·list_invoicessearch_documents·get_decisions
Write tools (10)
create_task·update_taskclock_in·clock_out·log_timecreate_daily_log·add_log_entrycreate_rfi·answer_rfi·make_selection
If you find yourself wanting one we don’t have yet, tell us — the next batch picks the most-requested ones first.
Setup — three minutes flat
Setup is intentionally short:
- Sign in to Tenon → Settings → API Keys → Generate. The key shows once; copy it.
- In your AI client, add a new MCP server pointing at
https://mcp.usetenon.comwith that key as the bearer token. - Try it: ask “what tasks do I have due this week?” and watch the LLM call
list_tasks.
Per-client snippets — Claude Desktop, Claude Code, Cursor, ChatGPT, and a generic “Other” tab — are at usetenon.com/mcp. Pick yours, copy, paste, done.
How we thought about safety
Three things kept us up at night when we built this. Here’s how each one is handled.
1. RBAC inheritance
The MCP server is not a privilege escalation. Your API key inherits your Tenon role exactly. If you can’t delete tasks in the UI, you can’t delete them through MCP. If a project is invisible to you because it’s not in your assigned scope, the MCP server returns the same empty list the UI would. The LLM has exactly the same view you do — nothing more.
2. Per-call audit log
Every MCP call writes a row to tenant_audit_log with the API key, tool name, project ID, timestamp, and result. Your firm’s admin sees every read, every write, every retry. If an LLM goes rogue or a contractor’s laptop walks off, the trail is complete.
3. Instant key revocation
API keys are stored as SHA-256 hashes — we never see the raw key after generation. Revocation is one click in Settings → API Keys, takes effect on the next request, and there’s no provider to email or wait on. Lost key = revoke + regenerate, full stop.
What’s next
This first cut keeps the surface deliberately tight: the 20 tools above, one server, one bearer-token model. The next two upgrades are already on the board:
- Per-key scoping. Limit a key to specific tools (e.g., read-only, or “no
clock_out”) and specific projects. - OAuth for vendor integrations. Long-running session-based auth so you can let an external automation talk to your Tenon without minting a permanent key.
If you’re a Tenon customer and you want either of those sooner rather than later, hit reply on this announcement and tell us how you’d use them. We prioritise based on what we hear.