gigamcp/ docs

Personal connectors

Personal connectors let an individual workspace member authorise access to their own Google Drive folder, GitHub account, Slack workspace, or Linear workspace, without sharing credentials with the workspace admin.

Knowledge sources created from a personal connector are tagged with a fixed user:<your-id> audience, which is immutable: even your workspace owner can't widen the visibility, and other members will never see your content in their MCP responses.

Plan availability

  • Free: 0 personal connectors. Upgrade to enable.
  • Starter: up to 3 per user.
  • Growth / Enterprise: unlimited.

Connecting your Google account

  1. Open My connectors from the sidebar.
  2. Click Connect Google. You'll be redirected to Google's OAuth consent screen.
  3. Approve the drive.readonly scope. Gigamcp asks for the minimum scope needed; we never request write access.
  4. Once redirected back, your account shows up under Personal Google connectors. Add a Drive folder ID to start indexing it.

Connecting your GitHub account

  1. Click Connect GitHub on the same page.
  2. Approve the repo scope (or public_repo if you only want to index public repos).
  3. Pick the repos you want indexed. The list mirrors what your GitHub account can see — Gigamcp does not pull private repos you haven't explicitly added.

Connecting your Slack workspace

  1. Click Connect Slackon the same page. You will be bounced to your workspace's Slack OAuth consent screen.
  2. Approve the read-only user scopes: channels:read, groups:read, channels:history, groups:history, users:read, search:read. You will only ever see channels you can already see in Slack.
  3. Add a channel id to start indexing it. Personal sources stay scoped to user:<you>.

Connecting your Linear workspace

  1. Click Connect Linearon the same page. You will be bounced to Linear's OAuth consent screen.
  2. Approve the read-only read scope. You will only ever see teams / projects / issues you can already see in Linear.
  3. Add a team key (e.g. ENG) to start indexing it.

Token handling

  • Refresh tokens are stored encrypted in AWS Secrets Manager under a per-workspace, per-user key (gigamcp/tenants/<tenantId>/users/<userId>/<provider>) — if you are a member of two workspaces and connect the same provider in each, the two credentials are independent.
  • Access tokens are exchanged on the fly per request and never persisted.
  • You can revoke a connection at any time via My connectors → Disconnect. Within 5 minutes, all indexed content from that source disappears from MCP responses; the underlying chunks are purged within 24 h.

What the workspace admin can see

Audit log entries (e.g. "vahur connected GitHub", "vahur ran 12 personal-search calls today"). The content of your searches and the files in your personal sources are not visible to anyone but you.

What happens when you leave the workspace

If your membership is revoked, all your personal connectors in that workspace are auto-revoked. The associated knowledge sources are tombstoned for 7 days (so you can request a copy via the GDPR export endpoint) and then hard-purged.