Maeve MCP gives AI agents a controlled way to inspect and help with the posting workflow in your social media workspace, from drafts and schedules to media, campaigns, and analytics, while keeping high-risk actions behind permissions and confirmations.
Connect Claude Code, Codex, Cursor, or another MCP-compatible client. The agent can ask Maeve for the context it needs: which workspaces exist, which accounts are connected, what drafts are waiting, what is scheduled this week, which media assets are available, or how a recent campaign performed.
When work moves from inspection to action, MCP uses explicit scopes. mcp:read exposes read-only tools. mcp:write allows selected draft, schedule, notes, and media actions. mcp:dangerous is reserved for externally visible or destructive actions like publish now, retry, archive, restore, delete content, and preview-first bulk media organization.
MCP is most useful when an agent needs product context before it can help. Instead of copying screenshots into a chat, you can ask an agent to list drafts waiting for review, compare scheduled posts by platform, check which media assets are available, or pull analytics for the last 30 days.
Actions land back in the same surfaces your team already uses: the Composer, Calendar, Board, and Media Room.
mcp:read
List workspaces, integrations, content, content counts, campaigns, taxonomy, hashtags, media, grid items, and analytics.
mcp:write
Create draft content, schedule an existing post, update internal notes, and handle the two-step media upload flow. Editor or admin role required.
mcp:dangerous
Publish now, retry, archive, restore, and delete content, plus preview-first bulk media organization. Each requires exact confirmation.
Exact action + target
Dangerous calls require exact text such as publish_now:<contentId> or delete_content:<contentId>. Missing or wrong text fails before the action runs.
Browser approval or API key
Browser-approved MCP uses OAuth with PKCE, 6-hour access tokens, and 90-day rotating refresh tokens. API keys remain available for headless setups.
Workspace checks
Read tools require workspace access. Write and dangerous tools require editor or admin access. Organization-scoped grants still check the workspace on every call.
A hosted Model Context Protocol server at the Maeve API endpoint. MCP clients receive typed tools for workspace-aware social media work instead of scraping the UI or guessing from pasted context.
The backend registers 48 tools today: 28 read tools, 14 write tools, and 6 high-risk tools. The tool list changes with the scopes and policies approved for that connection.
Workspaces, integrations, platform capabilities and options, drafts and scheduled content, content counts, campaigns, taxonomy, hashtag groups, media, media folders, media labels, media usage history, grid items, analytics, demographics, and integration health.
With mcp:write, an editor or admin can create a draft, update planning metadata and internal notes, set an intended time, schedule existing content, run the two-step media upload, and manage media folders and labels. These actions do not bypass the product's normal validation.
mcp:dangerous exposes publish_now, retry_content, archive_content, restore_content, delete_content, and organize_media_assets (preview-first bulk media move/label/unlabel).
Each dangerous action requires an exact confirmationText value based on the action and target ID. Server-side dangerous auto-confirm exists only when explicitly enabled by policy for named actions.
Preferred setup is browser approval from the MCP client. The frontend authorization page validates PKCE S256, shows requested scopes, lets the user choose organization context when needed, and issues a scoped MCP token after approval.
Browser-approved MCP grants are tied to an organization context. Individual tool calls still pass a workspace ID, and the backend checks that the user can access that workspace before reading or mutating anything.
OAuth access tokens last 6 hours. Refresh tokens rotate and last up to 90 days. Approved clients appear in MCP Connections, where access can be revoked immediately.
MCP tool calls are logged with the tool name, user, credential type, client, scopes, organization, workspace, targets, confirmation mode, duration, and outcome so support and engineering can trace behavior.
The MCP controller is throttled at 60 requests per minute and guarded by the same allowed-origin rules as the API. Downstream publishing and inbox actions still inherit provider limits and validation.
Approvals and client review are human sign-off workflows and are intentionally outside the MCP surface. Read history and manage reviews in the app, REST API, or CLI.
Agents can read summaries, aggregate performance, post analytics, demographics, and health. MCP v1 does not generate PDF analytics reports; use the app, API, or CLI for that workflow.
Inbox replies, moderation, resolve/reopen, read state, and retries are community management, not posting, and are intentionally not MCP tools. Use the Social Inbox in the app, REST API, or CLI.
It does not handle the Inbox, approvals, or client review; manage boost ads; generate PDF reports; reorder or promote grid items; run destructive or broad media operations beyond organize_media_assets; manage API keys; or override platform API limits.
Use the API for service integrations, custom dashboards, CI jobs, and full endpoint coverage beyond the curated MCP tool list.
Use @ezibreezy/cli for terminal work, scripts, cron jobs, JSON output, and workflows that are not exposed through MCP.
Drafts created by an agent become normal Maeve content, ready for editing, preview, approval, scheduling, or publishing.
Scheduled content created or inspected through MCP appears on the same calendar your team uses for date-first planning.
Reply, moderation, and read-state work lives in the app, REST API, or CLI. The Inbox is intentionally outside the MCP posting surface.
Use MCP for quick analytics reads, then use the reporting surface when you need a client-ready PDF workflow.
MCP is not a separate automation island. It reads from and writes into the same product surfaces your team already uses, so agent help stays visible in the normal workflow.
Maeve MCP is a controlled AI-agent interface focused on the posting workflow for your Maeve workspace. It lets MCP-compatible tools inspect social media drafts, schedules, integrations, media, analytics, tags, hashtags, campaigns, and grid-planner items, and compose, schedule, and publish content, with write actions gated by scopes, roles, and confirmations.
An MCP server exposes product actions as typed tools that an AI client can call after authorization. In Maeve, those tools sit on top of the real publishing, media, and analytics systems instead of giving an agent a separate sandbox. MCP is the curated posting slice of the product; other surfaces stay in the app, REST API, and CLI.
Maeve provides setup copy for Claude Code, Codex, and Cursor or other JSON-configured MCP clients. Browser-approved MCP has been validated in the product guidance with Codex and Claude Code, and any compliant HTTP MCP client can connect if it supports the required authentication flow.
With mcp:read, an agent can list workspaces, integrations, integration capabilities and options, content, content counts, campaigns, taxonomy, hashtag groups, media, media folders and labels, media usage history, grid items, analytics summaries, aggregate metrics, post analytics, demographics, and integration health.
Yes, when the connection has mcp:write and the user has editor or admin access. MCP can create draft content and schedule an existing item for a specific timestamp. Drafts and scheduled posts appear in the Composer and Calendar.
Yes, but only through the high-risk publish_now tool. The connection must include mcp:dangerous, the user must have editor or admin access, and the call must include exact confirmation text such as publish_now:<contentId> unless a server-side dangerous auto-confirm policy has explicitly allowed that action.
No. The Inbox is a separate community-management surface and is intentionally outside the MCP posting surface. Agents do not read or act on inbox threads through MCP. Use the Maeve app, the REST API, or the CLI for Social Inbox work.
Yes. Dangerous tools are not exposed unless the connection has mcp:dangerous, workspace roles still apply, and each high-risk call requires exact confirmation text tied to the action and target ID. Tool allowlists and denylists can also hide specific tools globally or for an organization.
High-risk tools require a confirmationText value that exactly matches the server's expected action and target, such as publish_now:<contentId>, delete_content:<contentId>, or organize_media_assets:<operationKey>:<count>. If the text is missing or wrong, the tool returns a confirmation-required error with the expected text.
Yes. Every workspace-scoped tool checks access before it reads or writes. Read tools require workspace access; write and dangerous tools require editor or admin roles. Viewer access can inspect allowed data but cannot create, schedule, publish, or delete through MCP.
No. Approvals and client review are human sign-off workflows and are intentionally outside the MCP posting surface. MCP does not read approval history or act on reviews. Manage agency approvals and client reviews in the app, REST API, or CLI.
MCP can read analytics summaries, aggregate metrics, post analytics, audience demographics, and integration health. It does not generate PDF analytics reports in MCP v1; use the app, API, or CLI for report generation where that workflow is available.
No. MCP is the agent-friendly surface: typed tools, OAuth scopes, and confirmations for AI clients. The REST API remains better for software integrations, servers, CI jobs, custom dashboards, and full endpoint coverage.
No. MCP is for AI tools such as Claude, Codex, and Cursor. The CLI is for humans, shell scripts, cron jobs, and CI.
MCP is focused on posting. It does not handle the Inbox, approvals, or client review; it does not generate PDF reports, manage boost ads, run destructive or broad media operations beyond the preview-first organize tool, reorder or promote grid items, manage API keys, or bypass platform/API constraints. Those workflows live in the app, REST API, or CLI. Publishing still depends on the connected platform's API.