Skip to main content
Productlane ships a Model Context Protocol server so AI clients (Claude, Cursor, VS Code, and any MCP-compatible app) can read and act on your workspace directly. Every v2 endpoint is exposed as a tool, so the agent can list threads, send messages, file issues, publish changelogs, and manage docs without you writing any glue code.

Endpoint

https://productlane.com/api/mcp
The server speaks Streamable HTTP. One endpoint handles everything: POST for JSON-RPC calls, GET for the optional notification channel.

Authentication

The MCP server uses the same bearer token as the rest of the v2 API. There’s no separate login - mint a v2 key and pass it as the Authorization header.
  1. Open Settings → Integrations → API.
  2. Click Create API key and pick the scopes you want the agent to have.
  3. Copy the secret (pl_v2_...). It’s shown once.
The key’s scopes decide which tools the agent can call. A read-only key (threads:read, docs:read, …) exposes only the read tools; a key without admin hides member management. Mint a narrow key when you want the agent limited to a subset of your workspace. See Authentication for the full scope list. v1 keys (pl_v1_*) are rejected with 410 unsupported_key_version. Mint a v2 key.

Connect a client

Claude (Desktop, Code, web)

Add Productlane as a custom connector and paste your key as the bearer token. 
{
  "mcpServers": {
    "productlane": {
      "url": "https://productlane.com/api/mcp",
      "headers": {
        "Authorization": "Bearer pl_v2_..."
      }
    }
  }
}

Cursor

Settings → MCP → Add new MCP server, then use the same url + Authorization header shown above.

Any MCP client

Point the client at https://productlane.com/api/mcp over Streamable HTTP and send Authorization: Bearer pl_v2_... on every request. The server is stateless, so each request re-authenticates against the key; there’s no session to keep alive.

What the agent can do

Tools are generated from the v2 API, so the catalogue tracks the endpoint reference one-to-one. Tool names are the resource and action in snake_case:
ResourceExample tools
Threadsthreads_list, threads_get, threads_send_message, threads_update
Contactscontacts_list, contacts_create, contacts_update
Companiescompanies_list, companies_create, companies_update
Projectsprojects_list, projects_create, projects_list_statuses
Issuesissues_list, issues_create, issues_list_workflow_states
Tagstags_list, tags_create, tags_create_group
Changelogschangelogs_list, changelogs_create, changelogs_broadcast
Docsdocs_list_articles, docs_create_article, docs_create_draft
Portalportal_get_roadmap, portal_get_customer_portal
Membersmembers_list, members_invite, members_update_role (need admin)
Identityme_get
A tool call is forwarded to the matching v2 endpoint, so the same scopes, rate limits, plan gating, and error envelope apply. If the agent calls a tool the key lacks scope for, it gets back 403 scope_required naming the missing scope.

List size and pagination

List tools return up to 25 items per call by default (lower than the REST default of 50, to keep responses inside an agent’s context window). Each response carries a page.cursor; pass it back as cursor to fetch the next page, and raise limit up to 200 when you want larger pages. The defaults are stated in each list tool’s description so the client knows to paginate rather than assume it has everything.

Verify the connection

Ask the client to call me_get. It returns the workspace, key id, and granted scopes: 
{
  "workspace_id": "wks_abc123",
  "api_key_id": "key_def456",
  "scopes": ["threads:read", "threads:write", "docs:read"],
  "linear_team_ids": ["lt_..."],
  "default_linear_team_id": "lt_..."
}
If the call fails with 401 unauthenticated, the header is missing or the key was revoked. If it returns 410 unsupported_key_version, you passed a v1 key.

Rate limits

MCP tool calls count against the same per-key limits as the REST API: 1000 reads/min and 60 writes/min by default. See Rate limits.

Revoke access

Revoke the key in Settings → Integrations → API. Every connected client using it stops working immediately. To rotate, mint a new key, update the client config, then revoke the old one.