The MCP server now uses OAuth exclusively. Stdio transport and API key authentication (tk- keys) have been removed. Just point your MCP client to https://mcp.kadoa.com/mcp and sign in — no API keys, no local install, no config files.

Reliability improvements

• Stateless HTTP transport: The server now survives deploys without disconnecting users. No more "Session not found" errors after updates.
• Persistent sessions: JWT token refreshes and team switches are now persisted to Redis, so they survive across requests. Previously, switching teams or refreshing an expired token could be lost between requests.

Expanded notification options

• Webhook authentication: Secure your webhook channels with bearer tokens, basic auth, or custom headers
• Slack OAuth integration: Use slackChannelId and slackChannelName to select channels via OAuth, in addition to legacy webhook URLs
• WEBSOCKET channel type: Enable programmatic real-time notification consumption
• Custom email recipients: Pass specific email addresses when creating workflows with notifications
• New event types: workflow_health_degraded, workflow_recovered, workflow_export_completed, workflow_validation_anomaly_change

MCP server documentation ->