Connecting AI assistants to your data (MCP)
trustyourinbox publishes an MCP server, so you can connect an AI assistant like Claude or Cursor straight to your workspace and ask questions in plain language. Create a read-only token, paste it into your client, and ask things like 'how much spoof mail did my domain get last week'. Here's the setup, what it can do, and how the access stays safe.
What is MCP, and what does this give me?
MCP (the Model Context Protocol) is an open standard that lets an AI assistant talk to an outside service in a structured way. trustyourinbox runs an MCP server, so any MCP-capable client can read your DMARC data and answer questions about it without you exporting anything or writing a query.
Once connected, you can ask in plain language and get an answer built from your real reports. For example:
- "How much spoof mail did acme.com get last week?"
- "Which of my domains are failing compliance right now?"
- "What should I fix next?"
- "Show me the top sending sources for acme.com over the last 30 days."
- "List my domains."
The answers come back as clean tables and summaries, computed by the same logic that powers your dashboard. So the numbers your assistant shows you always match what you see in the product.
Step 1: Create a token
Access is authenticated with a personal access token that you create in the app. In the dashboard, go to Settings, then Integrations, then MCP, give the token a name you'll recognize (for example "Claude on my laptop"), and click Create token.
You'll see the token once. It looks like tyi_mcp_.... Copy it now and store it like a password. If you lose it, just revoke it on that same page and create a new one. You can keep several tokens (one per client or device) and revoke any of them at any time.
The server URL you'll need is https://mcp.trustyourinbox.com.
Step 2: Add the server to your client
Every MCP client needs the same two things: the server URL above, and your token sent as a Bearer credential. The menus differ from client to client, and they change often, but the two ingredients don't. Here are the common ones.
Cursor
Cursor reads MCP servers from a JSON file (a project-level .cursor/mcp.json, or your global ~/.cursor/mcp.json). Add an entry with the URL and an Authorization header:
{
  "mcpServers": {
    "trustyourinbox": {
      "url": "https://mcp.trustyourinbox.com",
      "headers": {
        "Authorization": "Bearer tyi_mcp_your_token_here"
      }
    }
  }
}
Save the file, then open Cursor's MCP settings and confirm the trustyourinbox server shows its tools as connected. Ask it "list my domains" to check it works.
Claude (desktop app)
The Claude desktop app reads MCP servers from its claude_desktop_config.json (Settings, then Developer, then Edit Config). Because the desktop app launches servers as local commands, the simplest way to connect a remote server with a token is the small open-source bridge mcp-remote, which forwards to our URL and attaches your token:
{
  "mcpServers": {
    "trustyourinbox": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote",
        "https://mcp.trustyourinbox.com",
        "--header",
        "Authorization: Bearer tyi_mcp_your_token_here"
      ]
    }
  }
}
Save the file and restart Claude. You'll see the trustyourinbox tools appear in the tools menu. (npx comes with Node.js; if you don't have Node installed, install it first.)
Any other client
Any client that supports a remote (Streamable HTTP) MCP server with a custom header works the same way: set the URL to https://mcp.trustyourinbox.com and add the header Authorization: Bearer tyi_mcp_your_token_here. For a client that only speaks the local (stdio) transport, use the same mcp-remote bridge shown above. To sanity-check a connection outside any client, the official MCP Inspector can point at the URL with the same bearer header.
What it can and can't do
Tokens are read-only by default. A read-only token can look at your data and summarize it, but cannot change anything. When you create a token you can optionally turn on write access, which lets the assistant take a few safe actions on your behalf (below). Either way it cannot touch your billing, your settings, or another workspace.
It's also scoped to one workspace: the workspace the token was created in. A token can never see another customer's data, and a domain name that isn't in your workspace simply comes back as "not found". The assistant runs as the person who created the token, so if that person's access is removed, the token stops working.
The read tools answer questions about:
- your domains, their status, and overall workspace health and alignment,
- spoofing blocked for a domain, and a workspace-wide threat overview,
- who is sending as a domain (known senders vs unknown sources),
- whether your failures are forwarding or real, broken down by authentication path,
- how each receiver (Gmail, Outlook, Yahoo) sees your mail,
- your DKIM selectors and key sizes, reverse-DNS coverage, and BIMI logo setup,
- compliance against the Google, Microsoft, BIMI, and TLS mandates, your open action items, and what to fix next,
- and your reports and recent changes.
There is also a public toolbox that checks any domain or explains a pasted email header.
If you enable write access, the assistant can also snooze or dismiss an action item, re-check a domain's DNS, label an unknown sender as a known vendor, and stage a one-click DNS fix (which still goes through the same 5-minute delay, email notice, and 24-hour undo as the app), including canceling a staged fix. Every write is recorded in your audit log with the token's name.
Browsing your workspace and autocomplete
Beyond asking questions, the connection exposes your data as browsable resources. Clients that support it let you attach a view directly as context, like your workspace health, your action inbox, or a single domain's posture, without having to phrase a question first. There is one view per workspace summary and a set of per-domain views (overview, records, senders, and recommendation).
Clients that support argument autocomplete will also suggest your real domain names as you type, so you pick from a list instead of guessing the exact spelling. All of this stays scoped to your workspace in exactly the same way: you only ever see and complete your own domains.
Keeping the token safe
Treat the token like a password. We store only a one-way hash of it, so nobody (including us) can read it back. That's also why you only see it once at creation. If a laptop is lost or a token is shared by mistake, open Settings, then Integrations, then MCP, and click Revoke next to it. It stops working immediately, and any client still using it gets locked out on the next request.
Anyone with workspace data access can create their own tokens. Each token is tied to its creator, and every create and revoke is recorded in your audit log.
If you give a token write access, every change an assistant makes is recorded in your audit log and per-domain history the same way a change you make by hand is, and it is labeled with the token's name so you can always see when an action came through an assistant rather than a person.
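Both client configs above keep the token in a plain JSON file on disk, so "treat it like a password" also applies to that file. The following is an added example, not trustyourinbox code: a local audit that flags a config file holding a real token when it is readable by other users (POSIX permissions) or sits inside a git work tree, as a project-level .cursor/mcp.json does. The function name and the token character set in the regex are assumptions; the page only shows the tyi_mcp_ prefix.

```python
import os
import re
import stat

# Assumption: characters after the tyi_mcp_ prefix are URL-safe. The page shows
# only the prefix, so widen the class if real tokens differ.
TOKEN_RE = re.compile(r"tyi_mcp_[A-Za-z0-9_-]+")
PLACEHOLDER = "tyi_mcp_your_token_here"  # the docs' dummy value, not a secret


def audit_config(path):
    """Return exposure findings for one client config file.

    The token itself is never included in the findings.
    """
    with open(path, encoding="utf-8") as fh:
        tokens = set(TOKEN_RE.findall(fh.read())) - {PLACEHOLDER}
    if not tokens:
        return []  # nothing sensitive stored here

    findings = []

    # 1. File permissions: group/other read bits expose the token to
    #    every local account on a shared machine.
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append(f"mode {mode:03o}: readable beyond the owner, chmod 600")

    # 2. Version control: walk up from the file looking for a .git entry.
    #    A token committed once stays in history until it is revoked.
    directory = os.path.dirname(os.path.abspath(path))
    while True:
        if os.path.exists(os.path.join(directory, ".git")):
            findings.append(
                f"inside git work tree {directory}: add the file to .gitignore"
            )
            break
        parent = os.path.dirname(directory)
        if parent == directory:  # reached the filesystem root
            break
        directory = parent

    return findings
```

If a finding shows the token may already have been read or committed, revoke it and create a new one rather than only fixing the file.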
Troubleshooting
The client says "unauthorized" or the connection is refused. The token is wrong (usually from a typo) or was revoked. Make sure the header is exactly Authorization: Bearer tyi_mcp_... with a single space, and that you copied the whole token. If in doubt, create a fresh one.
It can't find my domain. Use the exact domain name as it appears under "list my domains". A domain that isn't monitored in this workspace (or that belongs to a different workspace) returns "not found" by design.
The tools don't show up at all. Double-check the URL is https://mcp.trustyourinbox.com, restart the client after editing its config, and confirm the JSON is valid (a stray comma is the usual culprit).
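The checks above can be run mechanically before restarting the client. This is an added example, not trustyourinbox code: a linter that accepts either config shape shown earlier (the Cursor-style url/headers entry or the mcp-remote argument list) and reports invalid JSON, a wrong URL, a malformed Bearer header, or a placeholder token. The function names and the sample input are constructed for illustration.

```python
import json

SERVER_URL = "https://mcp.trustyourinbox.com"
PLACEHOLDER = "tyi_mcp_your_token_here"

def check_header(value):
    """Problems with an Authorization value; expected form: 'Bearer tyi_mcp_...'."""
    scheme, sep, token = value.partition(" ")
    if scheme != "Bearer" or not sep:
        return ["header value must start with 'Bearer ' followed by the token"]
    problems = []
    if not token or token != token.strip() or " " in token.strip():
        problems.append("whitespace around the token: use exactly one space after Bearer")
    token = token.strip()
    if token == PLACEHOLDER:
        problems.append("placeholder token was never replaced")
    elif not token.startswith("tyi_mcp_"):
        problems.append("token does not start with tyi_mcp_ (partial copy?)")
    return problems

def lint_config(text, name="trustyourinbox"):
    """Lint a Cursor-style or mcp-remote-style config; returns a list of problems."""
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError as e:  # a stray comma lands here
        return [f"invalid JSON at line {e.lineno}, column {e.colno}: {e.msg}"]
    servers = cfg.get("mcpServers") if isinstance(cfg, dict) else None
    entry = servers.get(name) if isinstance(servers, dict) else None
    if not isinstance(entry, dict):
        return [f"no mcpServers.{name} entry"]
    if "url" in entry:  # remote entry, as in the Cursor example
        url = entry["url"]
        header = (entry.get("headers") or {}).get("Authorization")
    else:  # mcp-remote bridge: URL and header travel as command arguments
        args = [a for a in entry.get("args", []) if isinstance(a, str)]
        url = next((a for a in args if a.startswith("http")), None)
        i = args.index("--header") if "--header" in args else len(args)
        key, _, val = (args[i + 1] if i + 1 < len(args) else "").partition(":")
        header = val.lstrip() if key == "Authorization" else None
    problems = [] if url == SERVER_URL else [f"url is {url!r}, expected {SERVER_URL!r}"]
    if not isinstance(header, str):
        problems.append("no Authorization header configured")
    else:
        problems += check_header(header)
    return problems

# Constructed sample: the bridge config with a doubled space after "Bearer".
SAMPLE = ('{"mcpServers": {"trustyourinbox": {"command": "npx", "args": ["-y", "mcp-remote", '
          '"https://mcp.trustyourinbox.com", "--header", "Authorization: Bearer  tyi_mcp_EXAMPLE"]}}}')
```

Calling lint_config(SAMPLE) returns the single whitespace finding; an empty list means the file matches what this page asks for, not that the token is still valid on the server.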
Still stuck? Open the help bubble in the dashboard and send us a note. We read every one.