Connect Saviqo to ChatGPT or any MCP client
Saviqo exposes your finance workspace as a protected remote MCP server. ChatGPT and other MCP-supported clients can connect with OAuth, open the Saviqo consent screen, receive scoped MCP tokens, and refresh access without asking you to paste short-lived session tokens.
Use this page as the single public setup guide for Saviqo finance auth in ChatGPT, custom ChatGPT MCP connectors, developer-mode clients, and other remote MCP clients that support OAuth authorization code flow.
Production endpoints
Remote MCP server URL:
https://api.saviqo.in/mcpOAuth and discovery metadata:
https://api.saviqo.in/.well-known/oauth-protected-resource
https://api.saviqo.in/.well-known/oauth-authorization-serverOAuth endpoints advertised by Saviqo:
https://www.saviqo.in/oauth/authorize
https://api.saviqo.in/oauth/register
https://api.saviqo.in/oauth/token
https://api.saviqo.in/oauth/revokeUser access management:
https://www.saviqo.in/settings/agentsConnect in ChatGPT
OpenAI supports remote MCP servers in ChatGPT connectors and documents OAuth-backed custom MCP setup in its MCP and developer-mode guidance:
To connect Saviqo:
- Open ChatGPT settings.
- Open Apps & Connectors or Connectors.
- If your plan or workspace requires it, enable Developer mode from the advanced connector settings.
- Create or add a custom remote MCP connector.
- Enter
https://api.saviqo.in/mcpas the MCP server URL. - Choose OAuth authentication if ChatGPT asks for an authentication method.
- Let ChatGPT open the Saviqo authorization screen.
- Sign in to Saviqo, review the requested scopes, and approve access.
- Return to ChatGPT and enable the Saviqo connector for a conversation.
- Test with a read-only prompt such as:
Summarize my monthly budget from Saviqo.
If you are in a Business, Enterprise, or Edu workspace, an admin or owner may need to create, review, or publish the custom connector before other members can use it. ChatGPT UI labels can change, but the required Saviqo value is the same remote MCP URL: https://api.saviqo.in/mcp.
Connect from any OAuth-capable MCP client
Use these settings for any MCP client that supports remote Streamable HTTP MCP plus OAuth:
| Setting | Value |
|---|---|
| Transport | Streamable HTTP |
| MCP server URL | https://api.saviqo.in/mcp |
| Protected resource metadata | https://api.saviqo.in/.well-known/oauth-protected-resource |
| Authorization server metadata | https://api.saviqo.in/.well-known/oauth-authorization-server |
| OAuth flow | Authorization code with PKCE |
| Dynamic client registration | Supported at https://api.saviqo.in/oauth/register |
| Token endpoint auth | Public client, none |
| Refresh tokens | Supported with rotation |
| Revocation | Supported at https://api.saviqo.in/oauth/revoke |
Recommended client flow:
- Fetch the protected resource metadata.
- Read the advertised authorization server.
- Register a client dynamically, or use an already registered client ID.
- Open the Saviqo authorization URL with the requested scopes and PKCE challenge.
- Exchange the authorization code at
https://api.saviqo.in/oauth/token. - Call
https://api.saviqo.in/mcpwith the returned bearer access token. - Refresh tokens through
grant_type=refresh_tokenbefore or after access token expiry. - Send the user through authorization again if refresh fails.
Available scopes
The public OAuth metadata advertises read scopes first:
budget.readanalytics.readstatements.readgoals.readplans.read
When write tools are enabled for a deployment, Saviqo may also expose guarded write tools that require write scopes such as expenses.write. Write tools are not plain background automation. They use preview-and-apply inputs, idempotency keys, audit metadata, and explicit user approval before applying financial changes.
What connected clients can do
Read tools can summarize and inspect Saviqo finance data for the signed-in user, including budgets, cashflow, spending categories, statement imports, bank transactions, savings goals, and plans.
If write tools are available, clients can request guarded expense actions such as creating, updating, deleting, or restarting an expense. Use preview mode first. Do not ask a client to apply a write unless you understand the proposed change and intentionally approve it.
Token renewal
Saviqo issues short-lived opaque MCP access tokens and refresh tokens for approved OAuth clients. Compatible clients should call the token endpoint to refresh access:
https://api.saviqo.in/oauth/tokenRefresh tokens rotate. Store the latest refresh token returned by Saviqo and replace the old one immediately. If a token is revoked, expired, or rejected, open the Saviqo authorization screen again.
Revoke access
Open Saviqo and go to Settings > Connected Agents:
https://www.saviqo.in/settings/agentsFrom there you can review connected clients and revoke an agent that should no longer access your Saviqo account. Revocation prevents the client from refreshing access and invalidates the connection.
Manual token fallback
OAuth is the recommended path for ChatGPT and remote MCP clients.
Manual MCP bearer tokens are only for trusted local bridges or clients that cannot complete OAuth. Treat a manual token like an account credential, do not paste it into untrusted tools, and prefer revoking or regenerating it if it may have been exposed.
Troubleshooting
If ChatGPT says custom connectors are disabled, enable developer mode or ask your workspace admin to enable custom MCP connector creation.
If ChatGPT or another client reports an MCP specification error, verify the server URL is exactly https://api.saviqo.in/mcp, then refresh the connector so the client reloads Saviqo tool metadata.
If authorization succeeds but the connector later expires, reconnect from the Saviqo authorization link. A compatible client should use refresh-token rotation automatically, but reconnecting creates a new approved connection when refresh is no longer possible.
If write tools do not appear, the Saviqo deployment may have write tools disabled or the client may not have requested the needed write scope. Read tools are the default public surface.