Knowledge Guide · Updated June 2026

Claude Connectors: A Complete GuideMCP, Permissions and Connected Workflows

Claude connectors extend Claude's capabilities by linking it to approved external tools, data sources and services via the Model Context Protocol (MCP). Whether you are evaluating connectors for your organization, building custom integrations or governing connector use across teams, this guide explains how they work, what they can and cannot do, and how to approach them responsibly.

Availability note: Connector availability and capabilities may depend on the Claude plan, interface, region, administrator settings, source application, user permissions and current Anthropic product configuration. Features described here reflect publicly documented information and may change.

Claude Enterprise Training →Claude Code Training What is MCP?

Conceptual connector flow — actual behavior depends on connector type, plan, administrator configuration and source-system permissions

Quick Answer

Claude connectorsare integrations powered by the Model Context Protocol (MCP) that allow Claude to access approved external tools, retrieve context from connected services and — where permitted — take actions in those systems. Claude inherits each user's existing permissions from the connected service. Organization administrators control which connectors are enabled and what actions they can perform. Connector availability depends on the plan, interface, region and current Anthropic product configuration.

What Are Claude Connectors?

By default, Claude works within the context of your current conversation and any files or documents you directly provide. Claude connectors extend this by creating structured, permission-aware connections to approved external systems — allowing Claude to retrieve relevant context, reference live or indexed data, and in some cases take permitted actions in connected applications.

Connectors are built on Model Context Protocol (MCP), an open protocol that defines how AI systems communicate with external tools and data sources. Claude.com hosts a connector directory of pre-built integrations. Organizations can also build custom connectors by implementing remote MCP servers.

A key principle: connecting a service does not grant Claude unrestricted access to that system.Claude inherits the requesting user's permissions from the connected source application. Organization owners on Team and Enterprise plans can additionally restrict permitted actions at the connector level.

Important: Connector availability and capabilities depend on the Claude plan, interface, region, administrator settings, source application, user permissions and current Anthropic product configuration. Not all connectors are available on all plans or interfaces.

Five Types of Claude Connectors

Anthropic documents several connector categories. Availability depends on plan, interface and administrator configuration.

Remote / Web Connectors (Pre-built)

•Cloud-hosted integrations available from the Claude connector directory.
•Accessible across Claude's web interface, mobile apps, Claude.ai for Work and — where applicable — Claude Desktop and Claude Code.
•Connect Claude to services such as project management tools, communication platforms, document systems and more.
•Each connector has its own capability profile (read, write, interactive) — verify what each connector can actually do.
•Administrator enables and controls which connectors are available to which users.

Desktop Extensions (Local)

•Run locally on the user's machine — not in the cloud.
•Available only in Claude Desktop and Claude Code. Not available through the web interface or mobile apps.
•Provide access to local tools, files, development environments and machine-level integrations.
•Suitable for developer workflows where local system access is needed.
•Security model differs from remote connectors — local execution requires careful review of what the extension can access.

Custom Connectors via Remote MCP

•Organizations or third parties build and host a remote MCP server that Claude connects to.
•Enables integration with internal systems, proprietary data sources or specialized tools not in the pre-built directory.
•Requires development resources, security review and ongoing maintenance.
•Anthropic does not security-audit third-party MCP servers — organizations are responsible for assessing security.
•Available where remote MCP connectors are supported; plan and administrator configuration applies.

Claude Code MCP (Developer-Configured)

•Developers configure MCP servers locally (per-project) or remotely within Claude Code.
•Supports local MCP servers, project-scoped MCP config files and remote MCP server connections.
•Primarily for developer workflows: connecting Claude Code to databases, APIs, version control, CI/CD or custom tools.
•Configuration lives in project or user-level config files; scope and trust level are developer-managed.
•See Claude Code documentation and training for detailed MCP configuration patterns.

API-Level MCP Connector (Application Integration)

•Developers building Claude API applications connect their app to remote MCP servers.
•Enables applications — not just end-user Claude interfaces — to use MCP-connected tools and data.
•Useful for building products and internal tools where Claude serves as an AI layer over connected systems.
•Requires Anthropic API access and development against the MCP specification.
•Configuration and security are the developer/organization's responsibility at the application level.

Remote Connectors vs Desktop Extensions

Remote connectors and desktop extensions have different architectures, availability and security profiles. Organizations should verify which type is appropriate for their use case and platform.

Aspect	Remote / Web Connectors	Desktop Extensions
Hosting	Cloud (Anthropic or third-party hosted)	Local machine
Interfaces	Web, mobile, Claude.ai for Work, Desktop, Code (where applicable)	Claude Desktop and Claude Code only
Web / Mobile availability	Yes	No
Use case	Cloud services, SaaS tools, organizational systems	Local files, development tools, machine-level access
Auth model	OAuth per-user, or enterprise-managed auth (where available)	Local config, developer-managed
Admin controls	Org owner can restrict or block actions	Developer-configured; org admin controls vary
Security review	Pre-built directory connectors reviewed by Anthropic; third-party MCP servers are not	Developer responsibility; local execution scope

Architecture details reflect publicly documented Anthropic product information and may change. Verify current capabilities and availability in your plan and environment.

The Connector Permission Model

Claude connectors operate within a layered permission model. An action is only permitted if it passes every layer. Understanding this model helps organizations design appropriate governance and helps users understand why certain requests may not be fulfilled.

Permission layers — an action is only permitted if all layers approve it

Always Allow

The connector can take this action automatically when relevant, without per-request user confirmation.

Needs Approval

Claude presents the proposed action and the user must explicitly confirm before it is executed.

Blocked

The action is not permitted regardless of user request. Blocked actions cannot be executed through this connector.

Policy options available to Team and Enterprise organization owners, subject to current Anthropic product configuration. Verify current admin controls in your plan documentation.

Read Connectors vs Write Connectors

The Claude connector directory categorizes connectors by capability. This distinction is important for governance — read connectors retrieve context while write (or read & write) connectors can also take actions in connected systems.

📖

Read

What it does: Retrieve context, documents or data from connected services.
Example: Searching project documentation, pulling meeting notes, referencing knowledge bases.
Risk level: Lower — data flows into Claude but no changes are made in the source system.

✏️

Read & Write

What it does: Retrieve context and also create, update or delete records in connected services.
Example: Creating tasks, updating project status, posting messages, writing records.
Risk level: Higher — actions change state in external systems. Review and approval controls are especially important.

⚡

Interactive

What it does: Enable richer interactive experiences within connected workflows.
Example: Structured data entry, guided workflows, form interactions in connected tools.
Risk level: Depends on what actions the interaction can trigger. Review connector documentation carefully.

Governance recommendation: Apply stricter review policies (Needs approval or Blocked) to write and interactive connectors, especially those connected to production systems. Always require human review before acting on connector outputs.

Enterprise-Managed Authentication

Beta Feature

Enterprise-managed authentication for connectors is described as a beta feature at the time of writing. Availability, supported connectors and supported identity providers may change. Verify current status in your plan's administrator documentation before planning rollouts.

By default, users authenticate individually to each connector via OAuth — each team member connects their own account to the external service. Enterprise-managed authentication allows Team and Enterprise administrators to provision connector access centrally through an identity provider, so employees gain access without needing to authenticate individually.

At the time of writing, enterprise-managed auth supports Okta as the identity provider at launch. A small number of connectors have been documented as supported. Organizations wishing to access this feature may need to apply through a waitlist.

Benefits

•Simplified rollout — employees do not authenticate individually
•Centralised access management via your identity provider
•Easier offboarding — remove access from one place
•More consistent governance across the organization

Considerations

•Beta — availability and supported connectors limited at launch
•Okta only at launch — other IdPs may follow
•Requires Team or Enterprise plan
•Apply via waitlist; not universally available

Connectors, MCP, Projects and RAG: How They Relate

Several related concepts are often discussed together. This table clarifies the distinction to help with both technical and organizational decision-making.

Concept	What it is	Relation to connectors
Claude Connectors	User/org-facing integrations that extend Claude with approved external tools, data and actions.	The product experience — what users and admins configure and use.
Model Context Protocol (MCP)	The open protocol underlying connector integrations — defines how AI systems communicate with external tools.	The technology that connectors are built on. Not all users need to know MCP; it is primarily a developer/admin concept.
Claude Projects	Persistent conversation spaces with shared instructions, uploaded documents and memory for a team or use case.	Complementary to connectors. Projects provide stored context; connectors provide live, permission-aware access to external systems. They can be used together.
RAG (Retrieval-Augmented Generation)	An AI architecture pattern where relevant documents are retrieved and passed to the model as context at inference time.	Connectors can implement a form of RAG behavior — retrieving context from external systems. RAG as a system-design pattern is broader and can exist independently of Claude connectors.
ChatGPT Connectors / Apps	OpenAI's equivalent feature set for connecting ChatGPT to external tools and data.	Separate product with its own terminology and architecture. See the ChatGPT Apps and Connectors guide for comparison.

Enterprise Use Cases for Claude Connectors

The following use cases represent patterns that organizations explore when deploying connectors across teams. Actual capabilities depend on the specific connector, plan and administrator configuration.

📋

Read & Write

Project and Task Management

Access project status, create or update tasks, retrieve sprint summaries and surface blockers — without switching between Claude and project management tools.

💬

Read

Communication and Collaboration

Reference conversation threads, draft responses with context from approved channels, and surface relevant discussions for summarization or decision support.

🎨

Read & Write

Design and Creative Workflows

Access design files and assets, generate content aligned with brand references, and iterate on creative work with connected design tool context.

🗃️

Read

Knowledge Management

Query internal wikis, documentation or knowledge bases to give Claude access to institutional knowledge relevant to a request — within user permissions.

📊

Read & Write

Engineering and Development

Connect Claude Code to issue trackers, linear boards, databases and internal APIs to support coding, debugging and planning workflows.

🔐

Admin

Governance and Audit

Centralize connector access management via enterprise-managed auth, apply connector policies and monitor which connectors are used and by whom.

Capabilities depend on the specific connector, plan and administrator configuration. Verify available connectors and their permissions in your Claude workspace.

Connector Evaluation and Adoption Lifecycle

Organizations that treat connector adoption as a structured process — rather than an ad-hoc configuration exercise — tend to see better governance outcomes. The lifecycle below reflects a recommended evaluation approach.

Recommended connector adoption lifecycle — adapt to your organization's security and compliance requirements

Evaluation checklist for each connector

1Does this connector serve a documented business need that justifies the data access scope?
2What data classification does the connected system hold — public, internal, confidential or regulated?
3What is the connector's capability type — read only, read & write, or interactive?
4Which user groups need access, and which should be excluded?
5Does the connector respect source-system permission boundaries for each user?
6Who built the connector — pre-built directory or third-party MCP server? Has the third party been assessed?
7Which action policies are appropriate — Always allow, Needs approval or Blocked?
8How will connector activity be monitored and reviewed?
9Does enabling this connector create any compliance implications for regulated data?
10When and how will this connector be reassessed as business needs or risks change?

Security Considerations and Controls

Connecting Claude to external systems introduces security considerations that organizations must assess independently. This section outlines common risk areas and corresponding controls.

Risk Area	Recommended Controls
Overly broad data access	Apply least-privilege principle — enable connectors only for users who need them; review connected scope.
Prompt injection via connected content	Claude has mitigations but is not immune — review retrieved content before trusting it in critical workflows.
Unreviewed write actions	Apply Needs approval policy to write connectors; require human confirmation before actions execute.
Third-party MCP server security	Anthropic does not audit third-party MCP servers — conduct your own security review before enabling third-party connectors.
Credential and token exposure	Use enterprise-managed auth where available; rotate credentials periodically; monitor for unauthorized access.
Compliance with regulated data	Enabling a connector does not create compliance — conduct a data flow review for any regulated data touched by the connector.
Lack of visibility	Monitor which connectors are active, which users have access and what actions are being taken through connector audit logs.

Important:Technovids Consulting Pvt. Ltd. does not provide legal, privacy or cybersecurity guarantees. All security assessments should be conducted by qualified security professionals appropriate to your organization's context and regulatory environment.

Common Mistakes When Deploying Connectors

✗

Assuming connectors work the same on all interfaces

Desktop extensions are only available in Claude Desktop and Claude Code — not the web or mobile interface. Before deploying connectors to employees, verify which connector type works on the interface those employees will use.

✗

Enabling write connectors without approval policies

Write connectors can create, update or delete records in external systems. Without a Needs approval policy, these actions may execute without explicit user confirmation. Always apply review policies to write connectors, especially in production systems.

✗

Treating connector responses as authoritative without review

Claude can make errors even with connected context. Connector responses may be incomplete, outdated or misinterpreted. Human review before acting on connector-assisted responses is not optional — it is a governance requirement.

✗

Connecting regulated data without a compliance assessment

Enabling a connector does not create regulatory compliance. If the connected system holds personally identifiable information, health records, financial data or other regulated content, a formal data flow and compliance assessment is required before deployment.

✗

Skipping security review of third-party MCP servers

Anthropic does not security-audit every third-party MCP server. Organizations are responsible for assessing the security of any third-party connector before connecting it to organizational data.

✗

No offboarding process for connector access

When employees leave or change roles, connector access should be reviewed and revoked as appropriate. Enterprise-managed auth simplifies this; without it, organizations should maintain a process for individually revoked connector credentials.

A Practical Connector Adoption Roadmap

Phase 1

— Foundation

→Identify 2–3 high-value, low-risk read connectors for a pilot team.
→Review data classification of connected systems.
→Configure connector policies — start with Needs approval for all.
→Document acceptable use expectations for employees.

Phase 2

— Controlled Rollout

→Expand read connectors to broader teams after pilot review.
→Evaluate write connectors with mandatory approval policies and limited users.
→Conduct employee training on connector use, permissions and responsible usage.
→Set up monitoring and review of connector activity.

Phase 3

— Scale and Govern

→Evaluate enterprise-managed auth if on Team/Enterprise plan — centralize provisioning.
→Review custom connector needs for internal systems not in the directory.
→Establish periodic connector access review (quarterly or on role change).
→Assess write connector policies — move from Needs approval to Always allow only where risk is understood and accepted.

Ready to Deploy Claude Connectors at Scale?

Understanding connectors is the first step. Our Claude Enterprise training covers the guide to Claude connectors and permission-aware workflows — permission models, governance frameworks, connector policies and responsible enterprise adoption. For developers, our Claude Code training covers how Claude connectors and MCP integrations work at the engineering level.

Claude Enterprise Training →Claude Code Training →

Or explore our Claude AI training course for a structured introduction to Claude across all interfaces.

Frequently Asked Questions

What are Claude connectors?+

Claude connectors are integrations that extend Claude's capabilities by connecting it to approved external tools, data sources and services. Powered by the Model Context Protocol (MCP), connectors allow Claude to retrieve context from external systems, take permitted actions and work within connected workflows — subject to user permissions, administrator controls and the applicable Claude plan.

What is the difference between remote connectors and desktop extensions?+

Remote web connectors are cloud-hosted integrations accessible across Claude's web interface, mobile apps, Claude.ai for Work (formerly Teams/Cowork) and Claude Desktop and Claude Code where applicable. Desktop extensions run locally on the user's machine and are only available in Claude Desktop and Claude Code — they are not available through the web or mobile interfaces. Organizations should verify which connector type is appropriate for their platform and users.

Do Claude connectors give unrestricted access to organizational data?+

No. Claude inherits each user's existing permissions from the connected service — the connector does not grant broader access than the user already has in the source application. Connecting Claude to a system does not bypass that system's own permission controls. Organization owners on Team and Enterprise plans can further restrict what actions connectors are allowed to perform. Claude does not provide unrestricted access to organizational data through connectors.

Are Claude connectors available on all plans?+

Connector availability depends on the Claude plan, interface, region, administrator settings and current Anthropic product configuration. Some connectors and connector management features — particularly enterprise-managed authentication and certain organizational controls — are primarily available on Team and Enterprise plans. Connector availability can also depend on whether an administrator has enabled the connector for the organization. Always verify current availability in your specific plan and region.

What is enterprise-managed authentication for connectors?+

Enterprise-managed authentication is a feature (described as in beta at the time of writing) that allows Team and Enterprise administrators to provision connector access centrally — for example, using an identity provider like Okta — rather than requiring each employee to authenticate individually. This simplifies rollout and governance for organizations connecting Claude to multiple systems. Availability, supported connectors and supported identity providers may change; verify current status in your plan's administrator documentation.

How does Claude's permission model work with connectors?+

When a user makes a request that involves a connector, Claude operates within the permissions that user has in the connected service. Additionally, organization owners can set policies at the connector level: Always allow (the action can proceed without per-request approval), Needs approval (the user must confirm before the action executes) or Blocked (the action is not permitted). This layered model means the effective permission is the intersection of the user's source-system permissions and the organization's connector policy.

What is the difference between Claude connectors and MCP?+

Model Context Protocol (MCP) is the open protocol that provides the underlying technology for connector integrations. Claude connectors are the user- and organization-facing integration experiences built on MCP. Not every user needs to understand MCP to use connectors; MCP is primarily a developer and administrator concept. Custom connectors built by organizations or developers are often implemented as remote MCP servers. See the MCP guide for a deeper technical explanation.

Can organizations build custom Claude connectors?+

Yes — organizations and developers can build custom connectors by implementing a remote MCP server, which Claude can then connect to. Custom connectors allow organizations to integrate Claude with internal systems, proprietary data sources or specialized workflows not covered by pre-built connectors. Building custom connectors requires development resources, security review and ongoing maintenance. The specific capabilities and interfaces available for custom connectors depend on the plan and Anthropic's current developer documentation.

Does enabling a connector make a workflow compliant with regulations?+

No. Connecting Claude to an external system does not automatically make any workflow compliant with data protection regulations, industry standards or organizational policies. Compliance depends on how data is handled, stored, processed and retained across the full system — including the connected service, Claude's processing and any outputs generated. Organizations should conduct their own compliance assessment for any connected workflow involving regulated data.

Does Anthropic security-audit every third-party MCP server?+

No. Anthropic does not security-audit every third-party MCP server or connector. While Anthropic provides documentation and guidelines for building connectors, third-party MCP servers are developed and maintained independently. Organizations should conduct their own security assessment of any third-party connector before connecting it to Claude and organizational data. Enterprise-managed auth and connector allowlists help reduce risk by limiting which connectors employees can access.

What is the best way to prepare employees to use Claude connectors responsibly?+

Organizations should train employees to use only administrator-approved connectors, understand which data each connector can access, always review Claude's responses before acting on them, avoid entering sensitive data outside approved connected workflows, recognize that Claude can make errors even with connected context, and follow company acceptable-use policies. Structured Claude enterprise training covering connectors, permissions and governance helps ensure consistent and responsible adoption.

Official Claude Resources

The following links point to official Anthropic documentation. Features and availability may have changed since publication — always verify in current documentation.

Claude Connector Directory ↗

Browse available pre-built connectors from the official directory.

Using Connectors to Extend Claude ↗

Overview of connector types, capabilities and permission model.

Desktop vs Web Connectors ↗

When to use remote connectors vs desktop extensions.

Custom Connectors via Remote MCP ↗

Getting started with building custom connectors.

Enterprise-Managed Authentication ↗

Org-wide MCP connector authorization (beta).

Claude Code MCP Documentation ↗

MCP configuration for Claude Code (developer-focused).

Claude API MCP Connector documentation ↗

Official documentation for connecting Claude API applications to remote MCP servers and enabling approved MCP tools.

Related Resources

Claude Enterprise Training Claude Code Training Claude AI Training Course What is MCP?ChatGPT Apps and Connectors Guide MCP Training Bangalore Agentic AI Explained AI Engineering

Independent provider notice: Technovids Consulting Pvt. Ltd. is an independent training provider. We are not affiliated with, endorsed by or in any business relationship with Anthropic PBC. Claude, Claude.ai, Claude Code and related product names are trademarks of Anthropic PBC. All product information is based on publicly documented Anthropic materials. Connector availability, features, plans and interfaces change over time — verify current information in official Anthropic documentation. This page does not constitute legal, privacy or cybersecurity advice.