OctoDock is an API platform that lets any AI agent (Claude, ChatGPT, Cursor, or any MCP-compatible tool) operate all your apps through a single MCP URL. It provides unified authentication, smart parameter correction, error recovery, and cross-agent memory — so your AI remembers your preferences no matter which AI tool you use.

What is MCP (Model Context Protocol)?

MCP is an open protocol created by Anthropic that lets AI assistants connect to external tools and data sources. OctoDock is an MCP server — you add one URL to your AI tool, and it can instantly access all your connected apps like Notion, Gmail, Google Calendar, GitHub, and more.

How many apps does OctoDock support?

OctoDock supports 57+ apps including Notion, Gmail, Google Calendar, Google Drive, Google Docs, Google Sheets, GitHub, YouTube, Todoist, LinkedIn, Telegram, Discord, Slack, Canva, and many more. New apps are added regularly.

Yes, OctoDock offers a free tier with 1,000 MCP tool calls per month. This is enough for most personal use. A Pro plan is available for heavy users who need unlimited calls.

Does OctoDock work with ChatGPT?

Yes. OctoDock works with any MCP-compatible AI tool including Claude, ChatGPT, Cursor, Windsurf, and more. Your app connections, memory, and preferences carry over across all AI tools.

How do I set up OctoDock?

Sign up at octo-dock.com, connect your apps via OAuth (one-click for Google, Notion, GitHub, etc.), and add your personal MCP URL to your AI tool's settings. The whole process takes about 2 minutes. No coding required.

Is my data safe with OctoDock?

OctoDock never stores your app data. It acts as a secure bridge — when your AI requests an action, OctoDock authenticates with the app's API using your encrypted OAuth tokens, executes the action, and returns the result. All tokens are encrypted with AES-256-GCM at rest.

What is cross-agent memory?

Cross-agent memory means OctoDock remembers your preferences and usage patterns across different AI tools. If you tell Claude your default Notion database, ChatGPT will know it too. Your memory lives in OctoDock, not in any single AI — so switching AI tools doesn't mean starting over.

How is OctoDock different from connecting apps directly via MCP?

Connecting apps directly means managing separate MCP servers for each app — each with its own authentication, error handling, and configuration. OctoDock provides one URL for all apps, plus smart features like automatic parameter correction (AI sends wrong parameter names, OctoDock fixes them), unified error messages, operation history, and cross-app workflows.

Can I use OctoDock for my team or business?

Yes. OctoDock supports organizations — create a team, invite members, and share app connections and custom adapters. Each member gets their own MCP URL with team-level shared resources. Enterprise features include custom adapters, private API integrations, and usage analytics.

Stop Clicking "Allow" Every 10 Seconds in Claude Code

Name: OctoDock
Author: OctoDock

You ask Claude to refactor a module and then spend the next twenty minutes clicking "Allow" on every file read, every edit, every git command. By the time it's done, you've approved forty permission dialogs and lost whatever flow state you had.
Auto mode fixes this. A separate classifier reviews each action before it runs, blocking anything risky and letting safe operations through without asking you.

What You'll Learn

What auto mode actually does under the hood
How the classifier decides what to block
How to tell it which repos and services you trust
Conversational boundaries: saying "don't push" actually works
What plans and models support it

How It Works

Auto mode adds a classifier between Claude's intent and the actual execution. When Claude wants to run a command, the classifier checks it against a set of rules before it executes.
Safe actions — reading files, running tests, editing code in your working directory — go through silently. Risky actions — force-pushing, writing to unknown URLs, running `curl | bash` — get blocked.
You don't see the safe ones at all. That's the point. Instead of forty permission dialogs, you might see one or two blocks for genuinely unusual operations.

The Classifier Isn't Just Pattern Matching

Here's what surprised me: the classifier reads your CLAUDE.md. If your project's CLAUDE.md says "never force push," the classifier enforces that too. It's not a separate rule system — it shares context with Claude itself.
Even more useful: conversational boundaries work. If you tell Claude "don't push until I review the diff," the classifier blocks push attempts even though pushing is normally allowed. The boundary stays active until you explicitly lift it.

💡 This means you can be specific about what you're comfortable with for each task. "Refactor this module but don't touch the database migrations" — the classifier respects that.

Telling It What You Trust

Out of the box, the classifier only trusts your working directory and your repo's remotes. Pushing to your company's GitHub org? Blocked. Writing to your team's S3 bucket? Blocked.
Fix this by adding your infrastructure to autoMode.environment in settings:

{
  "autoMode": {
    "environment": [
      "$defaults",
      "Source control: github.com/my-org and all repos under it",
      "Trusted buckets: s3://my-team-artifacts",
      "Internal services: ci.mycompany.com"
    ]
  }
}

Entries are natural language, not regex. Write them like you'd explain your infrastructure to a new teammate. `$defaults` keeps the built-in trust list; omitting it replaces the entire list.

When the Classifier Gets It Wrong

It will. Especially at first, before you've told it about your infrastructure.
When an action is blocked, it shows up in /permissions under the "Recently denied" tab. Press r on a denied action to retry it. If the same thing keeps getting blocked, add that destination to your autoMode.environment.
You can also use the PermissionDenied hook to handle denials programmatically — return retry: true and Claude tries a different approach automatically.

⚠️ Auto mode is a research preview. It reduces permission prompts but doesn't guarantee safety. Don't use it as a replacement for reviewing sensitive operations.

Requirements

Plan: Max, Team, Enterprise, or API. Not available on Pro.
Model: Opus 4.6, Opus 4.7, or Sonnet 4.6 (Team/Enterprise/API). Opus 4.7 only on Max.
Team/Enterprise: An admin must enable it first in Claude Code admin settings.
To turn it on: press Shift+Tab in Claude Code to cycle through permission modes until you reach Auto.

❌ Auto mode won't help if you're on a Pro plan. You'll need to upgrade to Max or use the API.

The goal isn't to remove all permission prompts. It's to remove the ones that were never protecting you in the first place.