What’s new
- Claude.ai — add Bower as an MCP connector; native refresh-token support keeps the session alive.
- ChatGPT — add Bower as a custom MCP connector (Pro plan or higher).
- Cursor — configure Bower via
~/.cursor/mcp.jsonor Settings → MCP / Tools. - A new AI app access tab in Settings shows which clients have connected and lets you manage access.
https://app.bowerlabs.ai/mcp.
How it works
Connection uses OAuth 2.1 + PKCE. When you add Bower as an MCP server in your client, the client opens a browser tab to Bower’s sign-in page. Sign in with your Bower account and, if you belong to more than one workspace, pick which one to grant the client access to. Bower issues tokens and redirects you back to the client. The whole flow takes under a minute. Tokens are issued and rotated by WorkOS AuthKit, Bower’s identity partner. Refresh tokens rotate automatically, so long-running client sessions stay connected without re-authorisation. Bower stores no credentials of its own. Workspace isolation is server-enforced on every request — a token scoped to workspace A never returns data from workspace B, even if you are a member of both.Privacy
- Bower never sees your AI client’s credentials. Only OAuth tokens are exchanged.
- Tokens are issued and rotated by WorkOS AuthKit. Bower stores no access tokens.
- Workspace isolation is server-enforced — valid tokens for one workspace never surface data from another.