Domain 3 · Task Statement 3.2
Connectors: Integrating Productivity Tools
TL;DR
Master the OAuth authentication flow for MCP Connectors, configure granular read/write permissions, understand MCP Apps for interactive UI, and manage connector lifecycle including enterprise provisioning.
What You Need to Know
Connectors are the bridge between Claude and the rest of your tech stack. Without them, Claude is limited to files on your local machine and whatever you paste into the conversation. With them, Claude can pull data from Salesforce, post to Slack, read your Google Calendar, update Jira tickets, and interact with dozens of other services — all without you leaving the Cowork interface.
But Connectors aren't a blank cheque. Every connector enforces a security model, requires explicit authentication, and operates within permission boundaries you control. Understanding how that model works is what separates competent Cowork users from people who either lock themselves out of useful capabilities or grant more access than they intended.
The OAuth authentication flow
When you install a Connector, you're not giving Claude your password. The process works like a hotel key card system. You check in once through a secure OAuth flow — a browser window opens, you authenticate directly with the external service (Google, Slack, Salesforce), and the service issues a scoped access token. That token tells the service exactly what Claude is allowed to do: read-only access to one folder, read-write access to a specific Slack channel, or full access to a CRM pipeline.
Claude never sees your credentials. It holds the token, and the token can be revoked at any time from the Connector settings in Cowork.
Exam Trap: Connectors Use Tokens, Not Passwords
Any exam option that describes Claude "storing your password" or "remembering your login credentials" for an external service is wrong. The OAuth model means Claude receives a scoped access token — never your actual password. This is a fundamental security property of the MCP Connector architecture.
Installation and authentication are separate steps
This trips up more people than you would expect. Installing a Connector from the Browse Plugins menu adds it to your Cowork environment, but it can't do anything until you complete the browser-based OAuth flow. Installation is like plugging in a new appliance. Authentication is like turning on the power. Skip the second step and every request to that Connector will fail — either silently or with an authentication error.
The exam tests this directly. If a scenario describes someone installing a Connector and immediately trying to query data, and the query fails, the answer is almost always "they didn't complete the authentication step."
Granular permission controls
"Granular" means you choose exactly what Claude can do. A Google Drive Connector might offer:
- Read-only access to your entire Drive
- Read-write access to a specific folder
- Full access including shared drives
These aren't all-or-nothing choices. You select the scope during the OAuth flow, and you can change it later in the Connector settings. The principle is the same as folder scoping in Domain 2: grant the minimum permissions needed for your task, not the maximum available.
Start Read-Only, Upgrade Later
When connecting a new service for the first time, choose the most restrictive permission set available. You can always upgrade to read-write later if your workflow requires it. Starting with full access "just in case" violates the principle of least privilege and creates unnecessary risk.
If you only authorised access to "My Drive" during the OAuth flow, Claude can't see shared drives, other users' files, or organisation-wide folders. This catches people out regularly — they install the Google Drive Connector, assume it can see everything, and then wonder why Claude reports "no files found" when asked to search a shared team folder. Review and adjust permissions in the Connector settings if broader access is genuinely needed.
MCP Apps: interactive UI inside the conversation
Standard Connectors return data as text — Claude describes your Jira board, lists your calendar events, or summarises your Slack messages in paragraph form. MCP Apps go further. They render interactive UI components directly inside the Claude conversation.
Instead of Claude describing your Asana board in text, an MCP App shows the actual board — drag-and-drop task cards, editable fields, live status indicators. Think of it as picture-in-picture mode for your favourite productivity apps, embedded right in the chat window. You can update a task deadline, reassign a ticket, or approve a pull request without switching to another application.
MCP Apps aren't proprietary to Claude. They use the open MCP standard and are supported by multiple AI clients, including VS Code and other development tools. Any exam option claiming MCP Apps only work inside Claude is a distractor.
Enterprise provisioning
In team and enterprise environments, individual setup gives way to centralised control. IT administrators can pre-install and configure Connectors for all users automatically — provisioning the Salesforce connection, the Slack integration, and the Google Workspace suite before anyone logs in for the first time.
This serves two purposes: it reduces onboarding friction (new team members start with working Connectors from day one) and it enforces consistent security policies (the admin sets the permission boundaries, not each individual user). Enterprise provisioning is covered in more depth in Domain 6, but the exam expects you to know it exists here in Domain 3.
Connector lifecycle: tokens expire
OAuth tokens aren't permanent. External services can revoke them, sessions can time out, and security policies can force re-authentication. When a Connector stops working unexpectedly, the first diagnostic step is always: check whether the token is still valid and re-authenticate if needed.
Connector tokens are also tied to your authenticated Cowork session. Log out, switch devices, or clear your session, and Claude loses access to the stored tokens. You must be logged into the same Cowork account that authorised the Connector for it to function.
Common Mistakes
Common Mistake
Installing a Connector from the Browse Plugins menu and immediately trying to query data — without completing the browser-based OAuth authentication flow.
Instead: After installation, watch for the browser authentication prompt. Complete the OAuth flow, verify the Connector shows 'Connected' in the sidebar, and only then start querying data.
Common Mistake
Assuming that installing a Google Drive Connector gives Claude access to every file in the organisation's shared drives, team folders, and other users' documents.
Instead: Permissions are scoped to exactly what you authorised during the OAuth flow. If you only granted access to 'My Drive,' shared drives are invisible. Review and adjust permissions in Connector settings if broader access is needed.
Common Mistake
Granting full read-write access to every Connector 'just in case' — even when your current workflow only requires read access.
Instead: Start with the most restrictive permission set that your task actually needs. Upgrade to read-write only when a specific workflow requires writing or posting to the external service.
Querying an external service
Before
Claude, go find my login for Salesforce and tell me the latest lead.
After
Using my Salesforce Connector, pull all leads created this week and highlight any that haven't been contacted yet.
Posting to a team channel
Before
Send something to my team on Slack about the project.
After
Using the Slack Connector, post a status update to #project-alpha summarising the three action items from today's meeting notes in my Cowork folder.
Hands-On Activity
Hands-On Activity
Connect and Interact with a Productivity Tool
Install a Connector, complete the OAuth authentication flow, test both read and write operations, and verify the results in the external service. This activity walks you through the complete Connector lifecycle — from installation to live data retrieval to outbound action.
What you will learn
- Complete the full OAuth authentication flow for an MCP Connector
- Verify that read operations retrieve live data from the external service
- Test a write operation and confirm the result appears in the external service
- Understand the confirmation prompt that Cowork shows before taking external actions
- 01
In Claude Cowork, navigate to Customise > Browse Plugins and search for Slack (or another tool you use daily — Google Calendar, Notion, or Jira all work).
Why: Starting with a tool you already use makes the Connector's value immediately tangible — you'll see real data you recognise.
Expected: The Connector listing with its description, required permissions, and an Install button.
- 02
Install the Connector and complete the browser-based OAuth authentication flow. Review the permissions being requested before clicking Allow.
Why: This is the security checkpoint. Understanding exactly what you're granting — read access, write access, which channels or calendars — is a core exam topic and a real-world best practice.
Expected: A browser tab showing the service's OAuth consent screen with specific permission requests listed. After granting, the Connector shows Connected in your sidebar.
- 03
Return to Claude and ask: Show me my recent mentions in Slack (or the equivalent for your chosen tool — List my meetings this week for Calendar, Show my recent pages for Notion).
Why: This tests the Connector end-to-end: authentication, data retrieval, and presentation. If the Connector is MCP App-enabled, you may see interactive elements rather than plain text.
Expected: Claude returns real data from your external service — data it couldn't access before the Connector was installed and authenticated.
- 04
Try a write operation: Post a message to #general saying: Testing my Cowork connector setup. Then check the actual channel or app to verify.
Why: Read access alone is only half the picture. Testing a write operation confirms the permission scope and shows you the confirmation flow Cowork uses before taking external actions.
Expected: Claude asks for confirmation before posting. After you approve, the message appears in the actual channel. If your permissions are read-only, Claude will tell you it lacks write access — that's the permission model working correctly.
Practice Question
Practice Question
A Marketing Manager needs to update a campaign timeline in Asana. They have the Asana Connector installed with MCP App support. What is the primary benefit of using the MCP App-enabled Asana Connector over a plain text Connector?
Sources
- Use plugins in Cowork — Anthropic
- Get started with Cowork — Anthropic
- Claude Cowork Guide 2026: Skills, Plugins, Connectors — FindSkill.ai