Admin-enabled access
Company owners and admins decide which credentials may be used by automations and AI agents.
Controlled Beta
AI Agent Access for Service Business Workflows
Let approved AI agents inspect company context and perform bounded, safe workflow actions across leads, bookings, and job status updates.
Built for controlled agent access
An AI agent should not get unrestricted operational data access. The beta focuses on scopes, auditing, and fast revocation.
Scoped safe-write tools
Tools focus on reading workflow context and bounded actions such as creating leads, adding notes, and updating statuses.
Auditable by credential
Agent actions should trace back to a named credential with last-used metadata and a clear revocation path.
Hosted MCP endpoint
The controlled beta uses company bearer access to a hosted MCP endpoint with HTTP transport, authentication, and Origin validation guidance.
How safe agent access works
Give an agent only the tools it needs for a specific operational job, not blanket control over the company workspace.
01
Admin creates access
Generate a scoped credential, copy the secret once, and store it in the approved AI client or automation platform.
02
Agent reads context
The agent can search leads, quotes, bookings, items, and team members inside the credential's company scope.
03
Agent performs bounded actions
Safe writes include actions like creating a lead, adding a note, updating a lead status, or supporting booking workflow steps.
04
Admin revokes access
Revoking a credential stops future use while preserving records of actions already performed.
Where AI agent access fits
This beta is best for teams that want to automate repetitive workflow steps without handing over full administrative control.
High-volume enquiry teams
Let an agent organise context, create leads, and add notes without retyping data.
Schedule-driven operators
Use agents to inspect booking context and support job status follow-up.
Cautious AI adopters
Start with scoped beta access that is named, revocable, and designed for auditability.
AI agent and MCP access FAQ
Is this unrestricted AI access to my company?
No. Beta access is admin-enabled, scoped, and limited to safe operational tools.
Can agents change data?
Only within the tools you grant. Safe writes may cover leads, notes, statuses, and bookings, but they do not automatically include delete, payment, or company settings access.
How do I control risk?
Use separate credentials per agent, keep secrets out of public frontends, review last-used metadata, and revoke credentials that no longer need access.
Related pages
See how Punchlist fits your field workflow
Compare plans, review the workflow pages, and choose the setup that matches how your team captures work, schedules jobs, and gets paid.
Compare Plans