Capability

Integrations

The installer. Browse the catalog, click Install, authenticate, and the integration's actions appear on the Actions page.

Integrations is the installer. It's separate from Actions on purpose: Actions is the runtime surface (what operators can do right now), Integrations is the setup surface (how new actions get there).

The catalog lives at /integrations. Pick a provider, click Install, do the OAuth dance or paste an API key, and you're done — the integration's actions register into the flat Actions list automatically.

Three flavours

1. HTTP integrations (first-party / curated)

REST APIs Guilde has wrapped: HubSpot, Stripe, Linear, GitHub (the HTTP variant), Brevo, Mercury, etc. Most use OAuth, a few use API keys.

2. MCP integrations

MCP servers — remote tool catalogs over the open Model Context Protocol. Install one MCP server and you get dozens or hundreds of actions at once (the GitHub MCP server adds 90+).

3. Built-in

Browser, Canvas, Knowledge, Work Items, Vault — first-party providers that don't need installation; they're always on. They show up in the Actions list under the Built-in filter.

Installing an integration

Common path:

  1. Find it — search the catalog, or pick from a category (CRM, Payments, Code, Comms, Drive, Calendar, Analytics, Ads, Cloud, Database).
  2. Install — most integrations are one OAuth click. A few paste an API key or service-account JSON.
  3. Scope — pick which actions are enabled (you don't have to enable everything; the OAuth scope and the action allowlist are independent).
  4. Wire to operators — by default no operator has access; grant per-operator or per-role from the Actions page.

User vs guild ownership

An integration belongs to you (the user who installed it). To use it in a guild, attach it from the guild's integrations page. This separation matters because the OAuth grant lives at the user level; the guild attachment is the policy layer.

For org-level shared integrations (where multiple guilds in an org should all use the same provider credentials), use the org settings → Connectors tab. Org-level integrations are inherited by every guild in the org.

OAuth vs API key vs service account

Most modern providers use OAuth — the scoped, revocable, modern path.

A few legacy services (SMTP, custom internal APIs) need a manual API key. Paste it in the install dialog; it's stored encrypted at rest.

A handful (Google Cloud, AWS) support service-account JSON when OAuth isn't a fit. Same encrypted storage.

The integration page tells you which method it needs.

Refreshing & revoking

OAuth tokens auto-refresh while they're valid. If a refresh fails (you revoked from the SaaS side, scope change, etc.) the integration's status flips to expired and operators using its actions surface an error in the conversation. Re-authenticate from the integration row's Reconnect.

To revoke entirely: integration row → Revoke. Guilde deletes its tokens. The third-party still remembers the grant — revoke from their side too if you're being thorough.

What's next

Actions

The flat list of every tool method your operators can run — built-in, MCP, and integration-provided, side by side.

MCP servers

Use Model Context Protocol servers as a capability source. Bring your own tools, or pull from the open ecosystem.

On this page

Three flavoursInstalling an integrationUser vs guild ownershipOAuth vs API key vs service accountRefreshing & revokingWhat's next