en
Signup
Get Started
Get Started
right-arrow Created with Sketch.
Integrations

ITxM Platform

Unified IT operations and service management

Explore Platform
right-arrow Created with Sketch.

AI-powered ITSM for the Modern Enterprise

AI-native Incident Management for the Modern Enterprise

Status Pages

Communicate service health in real time

A connected AI fabric, woven across the Xurrent platform, Sera AI brings together signals, service data, and workflows to reduce noise, focus teams on what matters, and accelerate action across IT and the enterprise.

Explore Sera AI
right-arrow Created with Sketch.
FEATURES

AI-Powered Incident Management

Helps service desk teams resolve issues faster.

Service Desk

Built to streamline IT workflows and elevate the employee experience from day one.

Workflow Automation

Centralize and coordinate automation efforts across your entire enterprise.

AI Virtual AgentOn-call ManagementSLA ManagementIncident Management for ITSM
See all
right-arrow Created with Sketch.
INDUSTRIES

Manufacturing

Resolve issues quickly with an AI-powered system that automates ticketing.

Financial Services

Resolve issues quickly with an AI-powered system that automates ticketing.

SaaS

Resolve issues quickly with an AI-powered system that automates ticketing.

E-commerce

Resolve issues quickly with an AI-powered system that automates ticketing.

USE CASES

AI Service Desk

Resolve issues quickly with an AI-powered system that automates ticketing.

Enterprise Service Management

Resolve issues quickly with an AI-powered system that automates ticketing.

  1. Help
  2. Integrations
  3. MCP
  4. Authentication and PAT Setup

Close modal icon featuring an X formed by two crossed lines.
  1. Help
  2. Integrations
  3. MCP
  4. Authentication and PAT Setup

purple icon for coordination.
We’ve moved!
Our Help Center has a new home and our URLs have changed. Please update your bookmark to this page before April 30, 2026

Authentication and PAT Setup

Generate a Personal Access Token, pick the right scopes, and protect your credentials when using the Xurrent MCP server.

The Xurrent MCP server authenticates every request using a Personal Access Token (PAT) sent as a Bearer token in the Authorization header. There is no separate MCP-specific credential. Your PAT is what grants access.

Generating a PAT

  1. Log in to your Xurrent account.
  2. Click your profile picture in the top right, then My Profile.
  3. In the left sidebar, click Personal Access Tokens.
  4. Click New Token (or the equivalent button).
  5. Give the token a descriptive name (e.g. "Claude Desktop MCP" or "Copilot Studio Agent").
  6. Select the scopes you need (see Required scopes below).
  7. Copy the generated token immediately. Xurrent will not show it again.

Required scopes

The scopes you need depend on which tools you want the MCP server to use. At minimum, for read-only access:

  • requests:read
  • knowledge_articles:read
  • inbox:read

For full read and write functionality:

  • requests:read, requests:write
  • knowledge_articles:read
  • problems:read, problems:write
  • project_tasks:read, project_tasks:write
  • inbox:read
  • request_templates:read

[TODO: confirm exact scope names and document the canonical scope order if there is one.]

Scope ordering (important for some clients)

Some clients, notably Microsoft Copilot Studio, are sensitive to the order in which scopes are listed in the PAT. If your token works in Claude Desktop but fails in Copilot Studio, regenerating the PAT with scopes in a different order may resolve it.

Token security

  • Treat your PAT like a password. Anyone with the token can act on Xurrent as you, within its scopes.
  • Never paste your PAT into chat with an AI. The AI doesn't need to see it. It lives in the client's config.
  • Never include your PAT in MCP debug logs. It appears in plaintext in the args. Scrub it before sharing logs.
  • Rotate your PAT if it leaks. Revoke the old one under My Profile, then Personal Access Tokens.
  • Use separate PATs per client. That way you can revoke one without breaking the others.

Account selection

Most users have access to a single Xurrent account, so no account selection is needed. If you have access to multiple accounts, [TODO: document how account is selected. Is it inferred from the PAT, or passed as a header like X-Xurrent-Account?]

Token expiration

PATs do not expire by default, but you can set an expiration date when creating one. We recommend setting an expiration of 90 days for MCP use and rotating regularly.