Tray.ai MCP Server

Provider-hosted MCP gateway that exposes 700+ iPaaS connectors and Tray workflows as governed tools for AI agents, with OAuth2 and RBAC.

Automation by Tray.ai OAuth2 active

Connect (Remote Server) Docs npm: @trayio/tray-mcp

Overview

Tray.ai Agent Gateway is the MCP server layer of the Tray.ai integration and automation platform. Rather than exposing a fixed set of tools, it lets enterprise teams publish any of Tray's 700+ connectors (Salesforce, NetSuite, Snowflake, Workday, GitHub, Slack, Jira, Google Sheets, and more) or any multi-step Tray workflow as a governed MCP tool. AI agents in Claude, Cursor, Windsurf, VS Code, or any other MCP-compatible client can then discover and call those tools through a single workspace-scoped endpoint.

The gateway is hosted by Tray.ai at https://{workspace-id}.mcp.tray.ai. Authentication uses OAuth2 for remote clients like Claude Desktop (Tray appears in the official Claude Connectors Directory) and API tokens for local clients. Every call is tied to a user identity, with central versioning, rate limits, RBAC enforced at the tool level, and audit logs that satisfy SOC 2 Type II, SOC 1 Type II, HIPAA, GDPR, and CCPA requirements.

Two tool types are exposed via MCP: Connector Tools, which map a single connector operation (for example, a Salesforce SOQL query or a Slack message lookup) to one MCP tool, and Workflow Tools (also called Composite Tools), which wrap an entire Tray workflow with built-in validation and error handling behind a single callable function. This makes it notable for teams that want to give agents broad access to enterprise systems without bypassing IT governance.

Tools

Tool	Description
`Connector Tools`	Individual operations from any of Tray's 700+ connectors (Salesforce, NetSuite, Snowflake, Workday, GitHub, Slack, Jira, Google Sheets, databases, etc.) exposed as discrete MCP tools. The exact set is configured per workspace.
`Workflow Tools (Composite Tools)`	Full Tray workflows wrapped as single callable MCP tools, with multi-step business logic, validation, and error handling baked in. Each workflow requires an Agent Tool Trigger and a Trigger Reply step.

Setup Guide

Prerequisites

A Tray.ai workspace with Agent Gateway enabled
Your Workspace ID (UUID found in the workspace URL)
A Tray API token
At least one Workflow Tool or Connector Tool published in Workspace Settings, Agent Gateway, MCP Server
The user added to the MCP server via the Access Management tab
Node.js installed (for local client setup)

Option 1: Claude Desktop via OAuth2 (recommended)

Open Claude Desktop and click the + icon in the compose area, then Manage connectors
Click + then Add custom connector
Enter a name and the remote MCP server URL:

https://{workspace-id}.mcp.tray.ai

Click Connect and complete the OAuth2 authorization flow

Tray is also available directly in the Claude Connectors Directory.

Option 2: Local client setup via npm utility

Interactive mode:

npx @trayio/tray-mcp

CLI mode:

npx @trayio/tray-mcp \
  --workspace-id 12345678-abcd-1234-ef56-0123456789ab \
  --api-token tray_api_token_xxxxx \
  --client claude \
  --name production-mcp

Available flags:

-w, --workspace-id (required): Tray Workspace ID UUID
-t, --api-token (required): Tray API token
-c, --client: Target client, one of claude, cursor, windsurf, vscode (default: claude)
-n, --name: Custom MCP server name (default: tray-workspace)

The utility writes the appropriate config file for your client. Config locations:

Claude Desktop (macOS): ~/Library/Application Support/Claude/claude_desktop_config.json
Claude Desktop (Windows): %APPDATA%\Claude\claude_desktop_config.json
Windsurf: ~/.codeium/windsurf/mcp.json
VS Code: registered via the VS Code CLI

Use Cases

Give Claude access to every SaaS system in the company through one governed endpoint instead of installing dozens of point MCP servers
Expose a "Send Slack Message" or "Create Jira Issue" composite workflow so an agent can complete a multi-step action with a single tool call
Allow agents to run read-only Salesforce SOQL queries, look up NetSuite records, or query Snowflake while IT enforces RBAC and audit logging
Centralize MCP governance, audit trails, rate limits, and version rollout across all AI agents in the organization to satisfy SOC 2, HIPAA, and GDPR controls
Replace shadow or unmanaged MCP servers with approved, user-scoped tools published from existing Tray workflows

Example Prompts

"Look up the Acme Corp account in Salesforce and summarize the last three opportunities"
"Send a Slack message to the on-call engineer letting them know the deployment finished"
"Run the order-status workflow for order #48211 and tell me where the shipment is"
"Search Jira for open P1 bugs assigned to the platform team this sprint"
"Pull the latest revenue figures from Snowflake and post them as a comment on the Q3 forecast Google Doc"

Pros

Official, vendor-hosted server with OAuth2 support and a listing in the Claude Connectors Directory
Massive surface area: 700+ connectors plus arbitrary Tray workflows can be exposed without writing MCP code
Enterprise-grade governance including RBAC, audit logs, rate limits, and compliance with SOC 2, HIPAA, and GDPR
Composite Workflow Tools reduce hallucination risk by hiding multi-step logic behind a single deterministic tool call

Limitations

Requires a paid Tray.ai workspace and admin work to publish tools; not usable without an existing Tray account
No public source code or open-source MCP server implementation, so the exact tool surface depends on what your admins configure
The set of available tools is workspace-specific, which means consistent prompts across organizations are not guaranteed

Alternatives

Zapier MCP: exposes Zapier's 7,000+ app integrations as MCP tools for AI agents
Workato MCP: similar iPaaS-as-MCP approach with enterprise governance
Pipedream MCP: developer-focused MCP server fronting Pipedream's connector catalog