en
Signup
Get Started
Get Started
right-arrow Created with Sketch.
Integrations

ITxM Platform

Unified IT operations and service management

Explore Platform
right-arrow Created with Sketch.

AI-powered ITSM for the Modern Enterprise

AI-native Incident Management for the Modern Enterprise

Status Pages

Communicate service health in real time

A connected AI fabric, woven across the Xurrent platform, Sera AI brings together signals, service data, and workflows to reduce noise, focus teams on what matters, and accelerate action across IT and the enterprise.

Explore Sera AI
right-arrow Created with Sketch.
FEATURES

AI-Powered Incident Management

Helps service desk teams resolve issues faster.

Service Desk

Built to streamline IT workflows and elevate the employee experience from day one.

Workflow Automation

Centralize and coordinate automation efforts across your entire enterprise.

AI Virtual AgentOn-call ManagementSLA ManagementIncident Management for ITSM
See all
right-arrow Created with Sketch.
INDUSTRIES

Manufacturing

Resolve issues quickly with an AI-powered system that automates ticketing.

Financial Services

Resolve issues quickly with an AI-powered system that automates ticketing.

SaaS

Resolve issues quickly with an AI-powered system that automates ticketing.

E-commerce

Resolve issues quickly with an AI-powered system that automates ticketing.

USE CASES

AI Service Desk

Resolve issues quickly with an AI-powered system that automates ticketing.

Enterprise Service Management

Resolve issues quickly with an AI-powered system that automates ticketing.

  1. Help
  2. Integrations
  3. MCP
  4. Authentication & PAT Setup

Close modal icon featuring an X formed by two crossed lines.
  1. Help
  2. Integrations
  3. MCP
  4. Authentication & PAT Setup

purple icon for coordination.
We’ve moved!
Our Help Center has a new home and our URLs have changed. Please update your bookmark to this page before April 30, 2026

Authentication and PAT Setup

Generate a Personal Access Token, pick the right scopes, and protect your credentials when using the Xurrent MCP server.

The Xurrent MCP server authenticates every request using a Personal Access Token (PAT) sent as a Bearer token in the Authorization header. There is no separate MCP-specific credential. Your PAT is what grants access.

Before you start: Sera AI must be enabled on the account the MCP server connects to. If Sera AI is off, the connection handshake still succeeds and the tools still list, but every tool call returns a 403 error. Enable it under Settings, Self Service Settings, Enable Sera AI.

Generating a PAT

Important: create your PAT from a support domain account. This is the supported and recommended setup. When the token belongs to a support domain account, the MCP server resolves the account for you automatically.

  1. Log in to your Xurrent account.
  2. Click your profile picture in the top right, then My Profile.
  3. In the left sidebar, click Personal Access Tokens.
  4. Click New Token (or the equivalent button).
  5. Give the token a descriptive name (e.g. "Claude Desktop MCP" or "Copilot Studio Agent").
  6. Select the scopes you need (see Required scopes below).
  7. Copy the generated token immediately. Xurrent will not show it again.

Required scope

To use the MCP server, your Personal Access Token needs one scope:

  • Effect: Allow
  • Actions: MCP — Prompts, Resources, Tools

This single scope grants the MCP server access to all its prompts, resources, and tools. The server's actual permissions on Xurrent data (what it can read, what it can write) are inherited from the user the PAT belongs to.

Token security

  • Treat your PAT like a password. Anyone with the token can act on Xurrent as you, within its scopes.
  • Never paste your PAT into chat with an AI. The AI doesn't need to see it. It lives in the client's config.
  • Never include your PAT in MCP debug logs. It appears in plaintext in the args. Scrub it before sharing logs.
  • Rotate your PAT if it leaks. Revoke the old one under My Profile, then Personal Access Tokens.
  • Use separate PATs per client. That way you can revoke one without breaking the others.

Account selection

Use a Personal Access Token that belongs to a support domain account. The MCP server reconciles the account from the token automatically, so you do not need to specify it anywhere in your client configuration. Your roles and permissions within that account govern what the MCP server can read and do on your behalf. To work against a different account, create a token in that support domain account and use that token instead.

You can also use a Directory Account token, but then you have to specify the target account yourself by passing it in the X-Xurrent-Account header. The support domain account token is the recommended path because it removes that step.

Token expiration

PATs do not expire by default, but you can set an expiration date when creating one. We recommend setting an expiration of 90 days for MCP use and rotating regularly.