Canvas Connectors

Your agent can reason about the work. It still can't act on it.

Connectors gives your agent a real toolset (read and write files, run code, search and scrape the web) plus governed access to the 3,000+ apps your organization already runs. Scoped permissions and a full audit trail on every call.

CONNECTORS YOUR AGENT TOOLS · 3,000+ APPS
One governed layer between your agent and everything it needs to touch.

Your agent can do real work the moment it starts.

Most integration layers just proxy other people's APIs. Connectors also ships a powerful built-in toolset. No setup, no glue code.

read_file
Read any file the agent has access to.
write_file
Create a file, or overwrite one.
edit_file
Make precise, surgical edits to an existing file.
run_shell
Run shell commands in a sandboxed environment.
search_content
Search across file contents, fast.
find_files
Find files by name or glob pattern.
web_search
Search the live web.
fetch_url
Fetch and read any URL as clean text.
scrape_site
Scrape any website, even pages behind JavaScript.

That's the toolset before you connect a single app. On top of it, Connectors gives your agent governed access to 3,000+ integrations.

3,000+ integrations, one interface

Every app, exposed the same way.

Same auth model, same schema shape, same audit trail, whether the system underneath is Slack or a 20-year-old ERP.

Browse all 3,000+ integrations

Available over MCP and as a plain API.

Add Connectors to Claude Code, Cursor, or any MCP client in one line, or call the HTTP API directly from any agent framework. Same tools, same scopes, same audit trail.

# Add Connectors to Claude Code, Cursor,
# or any MCP client, in one line.
claude mcp add canvas-connectors \
  --transport http \
  https://mcp.canvasx.ai/v1

# Your agent now has the built-in tools and
# 3,000+ integrations, governed.
# One governed call over plain HTTP.
curl https://api.canvasx.ai/v1/run \
  -H "Authorization: Bearer $CANVAS_KEY" \
  -d '{
    "tool": "slack.send_message",
    "args": { "channel": "#ops",
              "text": "Deploy is live." }
  }'

# Same tools, same scopes, same audit trail.

Questions

Before you connect anything, an agent gets a full working toolset: read, write, and edit files, run shell commands, search file contents, find files by pattern, search the web, fetch a URL, and scrape any site. Then Connectors adds 3,000+ app integrations on top, all through one interface.

Sign up and you get a sandbox with the built-in tools and a handful of connectors live the same day. Production access (full catalog, your own cloud, air-gapped deployment) opens after a short onboarding call, mostly so we can set up your environment correctly. Developer teams can start in the sandbox; enterprises typically start with a scoped pilot.

Two audiences. Developer teams building agents who want one toolset and one API instead of forty SDKs. And enterprises and consulting firms who need agents to act inside their stack without handing over the keys or losing the audit trail. The same tools and governance serve both. The difference is whether you call the API directly or run it as managed infrastructure.

More than 3,000 today, and the catalog grows weekly: messaging, docs, project tracking, CRM, support, and data warehouses. Every one is exposed through the same interface, with the same auth and audit behavior. If a tool has an API and we don't cover it, you can register a private connector against it and it gets the same scopes, audit, and treatment as the rest.

Every tool and every connector is scoped: per org, per agent, per user, per action. An agent can read a CRM but not write to it, run shell in a sandbox but not touch production, or message one Slack channel and no others. Every call is checked against those scopes before it runs, and side-effecting actions can require human approval before they fire. You set the scopes; the agent can't widen them. Change or revoke a grant and it takes effect on the next call.

Yes, on every call, whether built-in tool or integration. You get the tool, the arguments, the authorizing user, the timestamp, and the response, denied calls included. It's queryable and exportable to your own logging stack. This is the record your security and compliance teams read.

Yes. Connectors runs in your own cloud, or fully air-gapped with no outbound connection. Self-hosting puts the tools, the integration layer, the credentials, and the audit log inside your network and under your control. Nothing about how your agent calls it changes, so you build once and choose the deployment later. This is the configuration most banking, government, and consulting teams use for client work.

Your data stays in your systems. Connectors runs the tool and passes the result back to your agent. It isn't a place your data goes to live, and we don't train on it. Credentials are held in your secrets store, not ours. In the self-hosted and air-gapped modes, nothing leaves your network at all.

Yes. Connectors is a plain HTTP API with typed schemas, so it works with the Claude Agent SDK, the OpenAI SDK, LangChain, LlamaIndex, your own loop, or anything that can make a tool call. It's a layer your agents call, not an agent framework of its own. Canvas's own product, Sketch, runs entirely on it.

Yes. Connectors is available as an MCP server: add it to Claude Code, Cursor, or any MCP client in one line, and your agent gets the built-in tools and 3,000+ integrations through the same governed layer, with the same scopes and audit trail. Nothing to install.

Connectors is the action layer of Canvas Labs' Context Graph. Tools and integrations are grounded in your organization's real context (its people, projects, and history) so an agent picks the right tool and the right arguments instead of guessing. You can use Connectors on its own or with the graph underneath it.

Usage-based on the calls your agents make, with a free sandbox to build against. No per-seat fee, so adding agents or users doesn't change the bill. Self-hosted and air-gapped deployments add a flat platform fee, priced per environment. Tell us your expected call volume and we'll give you a number.

Pricing

Pay for calls, not seats.

You pay per call your agents actually run (built-in tool or integration) and nothing per user, so adding agents or users doesn't change the bill. Building and testing in the sandbox is free.

SandboxFree, the full toolset to build against
UsagePer call · no per-seat fee
Self-hosted & air-gappedFlat platform fee, priced per environment
Tell us your call volume, get a number

Give your agent hands.

Spin up the built-in tools, connect your first app, grant one scope, and watch the first action land in your audit log. Your cloud or fully air-gapped.

Get access