What’s an MCP connector—& how it fits the Apps SDK
- MCP is the open spec that standardizes “tools” your backend exposes (with JSON Schema for inputs/outputs). ChatGPT (and other LLM clients) can discover and call those tools during a conversation.
- In the Apps SDK, your MCP server not only runs the logic but can return structured results + component HTML, which the ChatGPT client renders as native UI (cards, carousels, fullscreen).
- You link that backend to ChatGPT by creating a connector in Developer Mode (Settings → Apps & Connectors → Create), pointing to your
/mcpendpoint over HTTPS.
Key constraint as of October 2025:
- OpenAI-built connectors: search/read-only (no writes).
- Custom MCP connectors: can include write/modify actions (with explicit user confirmations, admin review, and optional RBAC).
Where connectors run (and who can use them)
- Apps in ChatGPT (Apps SDK UI) are in preview for Plus/Pro/Go/Free; Business/Enterprise/Edu can use Developer Mode but Apps UI isn’t yet supported in those plans.
- Full MCP connectors (including writes) are rolling out in Business & Enterprise/Edu via Developer Mode, with confirmations for write actions and admin publishing.
Architecture at a glance
- ChatGPT client (Apps SDK surface)
- Connector → your MCP server (lists tools, executes
call_tool, enforces auth) - Downstream systems (Salesforce, HubSpot, internal APIs) via scoped OAuth and audited calls
- UI rendered inline from structured results/component HTML (cards, carousels, fullscreen)
Integration playbooks
A) Salesforce (CRM, cases, quotes)
Goal: read accounts/opps; optionally write new leads/cases.
- Auth model: Create a Salesforce Connected App and use OAuth 2.0 for token issuance. Your MCP server stores/refreshes tokens server-side.
- Expose tools (examples):
sf_search_accounts(query: string)→ SOQL query → returns normalized rowssf_create_case(subject, description, contactId, origin)→ POST/services/data/vXX.X/sobjects/Casesf_update_opportunity(id, stageName, amount)→ PATCH Opportunity
Define each tool with JSON Schema and mark write actions so ChatGPT can gate with confirmations.
- Endpoints & objects: Use the Salesforce REST API for CRUD on sObjects (Leads, Cases, Opportunities).
- Connector setup: Publish your MCP server over HTTPS, then create the connector in ChatGPT Developer Mode. Confirm write actions in-chat during testing.
- Governance: For Business/Enterprise/Edu, admins can enable Developer Mode, test, and publish to the workspace with warnings for write actions; RBAC is available in Enterprise/Edu.
Why it works well: MCP tools give you narrowly scoped, auditable entry points into SFDC; confirmations reduce risk for destructive operations.
B) HubSpot (contacts, deals, tickets)
Goal: surface contact context in-chat; create/update CRM records from a guided flow.
- Auth model: Use HubSpot OAuth with the minimum required scopes (e.g.,
crm.objects.contacts.read,crm.objects.contacts.write, deals/tickets as needed). - Expose tools (examples):
hs_get_contact(email)→ GET contacts v3hs_create_deal(name, amount, stage, associations[])→ POST deals v3hs_create_ticket(subject, content, pipeline, stage)→ POST tickets
Document inputs/outputs clearly in JSON Schema.
- UI flow: Use Apps SDK components to display a contact summary card (owner, lifecycle stage, last activity) with follow-ups (e.g., “Create deal” → invokes
hs_create_deal). Components run in an iframe and communicate viawindow.openai. - Testing & rollout: Add the connector in Developer Mode; verify discovery (“pick the right tool”), schema validation, and confirmation modals for writes.
C) Internal APIs (inventory, pricing, order creation)
Goal: wrap private services behind a secure MCP server.
- Design tools “contract-first”: Keep them small and single-purpose (e.g.,
inventory_lookup(sku),price_quote(sku, qty),create_order(payload)), each with JSON Schema contracts. - Auth: Prefer OAuth 2.1/OIDC or signed service tokens; never expose secrets in the component/browser—Apps SDK components run sandboxed and should call only your MCP, not third-party APIs directly.
- UI: Return structured results plus component metadata to render an inline quote/checkout; keep flows simple and action-oriented per design guidelines.
- Commerce (optional): If you plan in-chat checkout, map to OpenAI’s Agentic Commerce Protocol (ACP) for Instant Checkout.
Delivery plan (scoped for velocity)
Week 1 – Scope & contracts
Define the minimal set of read tools and a small number of write tools; enumerate OAuth scopes (Salesforce Connected App, HubSpot app).
Weeks 2–3 – Build & integrate
Implement the MCP server; wire OAuth; add Apps SDK components (cards/carousels) for the key flows.
Week 4 – Hardening & pilot
Run Developer Mode tests with confirmation modals; admin publish to a limited workspace; capture feedback and iterate.
Common pitfalls (and how to avoid them)
- Over-broad scopes. Start with read-only, then add writes with confirmations; auditors will ask why each scope is required.
- Putting secrets in the component. Components are sandboxed iframes; route all privileged calls through your MCP server.
- Assuming OpenAI-built connectors can write. They’re search-only today—build a custom MCP for writes.
- Skipping plan constraints. Apps UI isn’t yet supported in Business/Enterprise/Edu, even though full MCP is; plan your rollout accordingly.
RFP checklist (use with vendors)
- Show tool schemas (JSON) for Salesforce/HubSpot/internal APIs.
- List OAuth scopes to be requested (Salesforce Connected App; HubSpot app).
- Describe confirmation UX for write actions & admin review/publishing flow.
- Provide Apps SDK UI plan (cards/carousels/fullscreen) tied to specific tools.
- Outline Developer Mode test plan (discovery prompts, schema validation, mobile checks).
Why hire us
We design contract-first MCP connectors with least-privilege OAuth, production-grade logging, and Apps SDK UI that converts—plus an enterprise rollout plan using Developer Mode and admin publishing. All patterns above map directly to OpenAI’s official docs and help center guidance.