The SocialCRM MCP App now runs inside ChatGPT. That means you can pull a live Brand Snapshot— repository assets, monitoring results, mentions, and platform metrics—without leaving the conversation. This is exactly how AI ops should feel: fast, direct, and actionable.
What You Can Do in ChatGPT
- Pull a Brand Snapshot instantly. One request surfaces core brand context plus live monitoring and mentions.
- Share results back to the model. We can inject the snapshot into model context for better follow-up responses.
- Stay in flow. No context switching, no copy-paste, no stale data.
How We Secure It (Clear + Strict)
- 1) API keys from your dashboard. We use the keys you already manage in
/settings/api-keys—no extra provisioning. - 2) Auth on every call. MCP tool calls require
Authorization: Bearer <key>. Missing or invalid keys are rejected. - 3) Company scoping enforced server-side. We derive
companyIdfrom the key and force it into brand-scoped tools. Clients can’t spoof it. - 4) Tool allowlist only. The MCP App exposes a vetted, read-only snapshot surface—no destructive actions.
- 5) Locked iframe origin. The UI only embeds from the approved ChatGPT host.
If You Want It Even Tighter
We can lock this down further in hours, not weeks:
- Per-key rate limits to prevent abuse and enforce fair usage.
- Scoped permissions so each key only accesses the specific tools you allow.
- Brand allowlists so a key can only access designated brand IDs.
If you want to run Brand Snapshots in ChatGPT securely, we’re ready. This is the baseline—and we can harden it as far as you need.
MCP Apps are the new integration surface for AI workflows. We’re excited because it finally matches how teams work: conversation-first, data-rich, and secure by default.
