4Degrees› Docs› Setup Guide

4Degrees AI Connector

A remote Model Context Protocol (MCP) server hosted at https://mcp.4degrees.ai/mcp. Once your firm enables it and a teammate authorizes their AI assistant, the assistant can pull contacts, deals, interactions, and network-strength signals from 4Degrees into the conversation — read-only, scoped to that teammate’s seat.

What it is #

The connector exposes three tools over MCP: discover, query, and compare. All three are annotated readOnlyHint: true, destructiveHint: false, idempotentHint: true, openWorldHint: false — so any MCP-aware assistant treats them as safe to invoke without a confirmation prompt.

Authorization uses OAuth 2.1 with Dynamic Client Registration (RFC 7591) and PKCE S256, so each AI assistant registers its own client and your firm doesn’t need to provision credentials by hand.

Enable the connector #

One-time, by an owner or admin of your firm’s 4Degrees workspace:

Sign in to 4Degrees.
Open Workspace Settings → Integrations.
Toggle “AI Connector” on. This grants every member the option to connect their own AI assistant. It does not connect anyone automatically.

Connect your AI client #

Pick the way you actually use AI today. Each path takes under five minutes; the OAuth handshake is the same.

Claude on the web (claude.ai) #

Best UX. No JSON to edit, no CLI required. Recommended for most deal-team users.

In claude.ai, click your profile avatar → Customize → Connectors.
Click + → Add custom connector.
Paste the MCP URL: https://mcp.4degrees.ai/mcp.
Click Add. Claude opens a new tab to 4Degrees — sign in and approve. You’re done.

ChatGPT (chatgpt.com) #

Best UX for ChatGPT users. Same one-URL flow, same OAuth handshake.

In chatgpt.com, open Settings → Connectors → Create.
Set the connector name to 4Degrees and paste the URL: https://mcp.4degrees.ai/mcp.
Click Create. ChatGPT validates the connection and lists the available tools.
To use it: open a new chat → + → More → pick 4Degrees. Sign in to authorize the first time.

Claude Code (CLI) #

For developers using Claude Code in the terminal.

claude mcp add --transport http 4degrees https://mcp.4degrees.ai/mcp

That’s it — on first tool use Claude Code opens a browser to complete OAuth. Verify with claude mcp list; the server shows up as 4degrees.

By default the connector is scoped to the current project. Add --scope user to make it available across all projects.

Claude Desktop (macOS / Windows app) #

The desktop app does not yet have a built-in remote-connector UI. Until it does, use the mcp-remote bridge below.

Install Node.js if you don’t already have it (the bridge runs via npx).
Open Claude Desktop → Settings → Developer → Edit Config. That opens claude_desktop_config.json.
Add the 4degrees entry inside mcpServers:

{
  "mcpServers": {
    "4degrees": {
      "command": "npx",
      "args": ["-y", "mcp-remote", "https://mcp.4degrees.ai/mcp"]
    }
  }
}

Quit Claude Desktop fully and relaunch. mcp-remote opens a browser the first time so you can sign in to 4Degrees.

OpenAI Codex (CLI) #

For developers using the OpenAI Codex CLI.

Edit ~/.codex/config.toml (or .codex/config.toml in your project root) and add:

[mcp_servers.4degrees]
url = "https://mcp.4degrees.ai/mcp"

Run codex mcp login 4degrees to authorize, or Codex will prompt you on first tool use.

Tool reference #

Three tools, each annotated readOnlyHint: true. AI assistants compose them automatically — you typically don’t call them by hand.

discover Lists available CRM resources, your org’s custom fields, and pipeline names. Always called first.

Parameters

Name	Type	Required	Description
`resource`	`string`	Optional	Resource name — one of `contacts`, `companies`, `deals`, `interactions`, `custom_fields`, `team`, `pipelines`. Omit to list all available resources.

Returns

Markdown text describing the requested resource, including your org’s actual custom fields and pipeline names. With no argument: a list of all available resources plus tips.

query Retrieves records with optional filters, field selection, sorting, pagination, and output format.

Parameters

Name	Type	Required	Description
`resource`	`string`	Required	One of `contacts`, `companies`, `deals`, `interactions`, `company_notes`, `deal_notes`, `custom_fields`, `team`, `pipelines`, `portfolio`, `introductions`.
`filters`	`object`	Optional	Field-value pairs. `{"id": "87"}` for a specific record; `{"name": "Jason"}` for a search.
`fields`	`string`	Optional	Comma-separated field names to return (e.g. `"name,email,company"`). Defaults to all fields.
`sort`	`string`	Optional	Sort field with optional `Desc` suffix (e.g. `"name"`, `"strengthDesc"`).
`limit`	`integer`	Optional	Max records returned. Default `20`; clamped to `100`.
`offset`	`integer`	Optional	Skip N records for pagination. Default `0`.
`format`	`string`	Optional	`"csv"` (default, most token-efficient), `"markdown"`, `"json"`, or `"summary"`.

Returns

Formatted text in the requested format. Interactions require at least one scoping filter (contact_id, owner, type, source, date_after, date_before, or search) to avoid an unbounded query.

compare Server-side aggregation — counts, averages, sums — grouped by a dimension. Avoids fetching raw records.

Parameters

Name	Type	Required	Description
`resource`	`string`	Required	What to aggregate — typically `contacts` or `deals`.
`metric`	`string`	Required	One of `count`, `avg_strength`, `sum_deal_value`, `avg_deal_value`, `total_interactions`.
`group_by`	`string`	Required	How to group — e.g. `pipeline`, `stage`, `owner`, `tag`, `location`, `month`, or any custom-field name.
`filters`	`object`	Optional	Same syntax as `query`.
`format`	`string`	Optional	`"csv"` (default), `"markdown"`, or `"json"`.

Returns

Aggregated rows in the requested format. deals supports count/sum_deal_value/avg_deal_value by pipeline/stage; contacts supports count/avg_strength by owner/tag; both support total_interactions.

OAuth flow #

Each teammate authorizes their AI assistant separately. Tokens are issued per-seat, scoped read-only, and stored as SHA-256 hashes server-side — the original token value is never persisted. Connection setup uses OAuth 2.1 with Dynamic Client Registration so the AI assistant registers its own client.

Code samples #

Discovering OAuth metadata (any client)

# Step 1 — discover the auth server
curl -i https:/.4degrees.ai/.well-known/oauth-protected-resource

# Returns:
{
  "resource": "https://mcp.4degrees.ai/mcp",
  "authorization_servers": ["https://app.4degrees.ai"],
  "resource_documentation": "https://mcp.4degrees.ai/docs/connector",
  "scopes_supported": ["read"],
  "bearer_methods_supported": ["header"]
}

Calling a tool with a bearer token

# Once your AI client has a token, every tool call is JSON-RPC over HTTP.
curl -X POST https://mcp.4degrees.ai/mcp \
  -H "Authorization: Bearer $ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "jsonrpc": "2.0",
    "id": 1,
    "method": "tools/call",
    "params": {
      "name": "compare",
      "arguments": {
        "resource": "deals",
        "metric": "count",
        "group_by": "stage",
        "filters": {"pipeline": "Enterprise"}
      }
    }
  }'

What data is accessible #

Read-only access to data your seat in 4Degrees already has permission to view, scoped to your firm:

Contacts, companies, deals (and their custom fields, tags, owners, locations)
Interaction metadata — subject, sender, date, type. Encrypted email and meeting bodies are never returned.
Pipelines, stages, custom field definitions, team membership
Portfolio dashboards (triage, warmest leads, news, job changes, reminders)
Introduction paths — teammates with the strongest relationship to a contact or company

See the connector Privacy Policy for the full data inventory.

Security & control #

Read-only by design

No write tools exposed. readOnlyHint: true + destructiveHint: false on every annotation.

Email bodies stay private

Encrypted at rest in 4Degrees. Only metadata — subject, sender, date — is queryable.

Org admins control access

One toggle in workspace settings disables the connector firm-wide and invalidates every teammate’s token immediately.

Revoke in one click

From your AI assistant’s settings or your 4Degrees account. Effective on the next request.

How to revoke access #

From Claude: Settings → Connectors → 4Degrees → Disconnect.
From ChatGPT: Apps → 4Degrees → Disconnect.
From 4Degrees: revoke the access token from your account settings.
From your firm’s administrator: disabling the AI Connector in workspace settings invalidates every token issued to org members.

Revocation is effective immediately on the next request — there’s no background sync to wind down.

Troubleshooting #

401 Unauthorized Token expired, revoked, or never issued.

Access tokens are valid for one hour. If your AI client doesn’t auto-refresh, disconnect and reconnect from the assistant’s settings. If your firm’s admin has disabled the connector since you last connected, every previously-issued token returns 401 too.

403 Forbidden Origin header isn’t in the connector allowlist.

The connector validates Origin headers as defense-in-depth. Approved origins include claude.ai, claude.com, chatgpt.com, chat.openai.com, and *.4degrees.ai. Requests with no Origin header (typical for non-browser MCP clients) are allowed.

Query timed out Add scoping filters; never query interactions unfiltered.

Interactions require at least one of contact_id, owner, type, source, date_after, date_before, or search. For other resources, narrow with owner: "you", a date range, or a tag.

FAQ #

Does Claude or ChatGPT learn from my firm’s data?

No. Per Anthropic’s Connector Terms and OpenAI’s Apps SDK terms, neither provider trains its models on data returned by third-party connectors. 4Degrees does not share connector data with any other party.

What happens when I revoke access?

The next request from that AI assistant fails authentication and the connection drops. There’s no background sync to wind down.

Can I share access across my team?

No — every teammate authorizes their own AI assistant separately. Each connection is scoped to that person’s seat in 4Degrees, ensuring every query respects their permissions and visibility rules.

Where is my firm’s data stored?

Your CRM data continues to live in your existing 4Degrees infrastructure. The connector does not duplicate, cache, or relocate it. The only thing 4Degrees logs from connector traffic is request metadata (user/org IDs, path, duration, hashed token ID) for audit and rate-limiting — see the privacy policy.

Are there rate limits or result-size caps?

Yes. Each token has a per-minute sliding-window rate limit (default 100 req/min, with a short burst allowance). Individual query calls return up to 100 rows; for "how many" questions the assistant should call compare instead, which aggregates server-side without hitting the row cap.

Which 4Degrees plans include the AI Connector?

The connector is available to firms whose 4Degrees plan includes MCP access. Your firm’s administrator can enable it in workspace settings; if the toggle isn’t visible, contact support@4degrees.ai or schedule a call.

Last updated April 27, 2026. Found something inaccurate? support@4degrees.ai.