Connector onboarding

Any LLM can be the brain. Mission owns the permission layer.

A user can work through Claude, ChatGPT, Gemini, or another model surface while Mission owns the workspace, connector vault, approval gates, and receipts. Each connector belongs to that user's own workspace. Mission reads and prepares work; external actions stay approval-gated.

1. Connect an LLM surface

Claude, ChatGPT/OpenAI, and future model clients can ask Mission for workspace status, missing connectors, approval packets, and draft preparation.

2. Open setup link

Mission returns a workspace-scoped link when Gmail, X, IG, LinkedIn, Calendar, or Drive is missing.

3. Approve consequences

Read and draft can happen after authorization. Send, post, DM, follow, delete, schedule, and spend require approval receipts.

Google OAuth

Gmail

Read inbox/sent context so Mission can find stale loops and prepare email drafts. Sending remains gated.

Google OAuth

Calendar

Read upcoming and recent events into meeting memory. Creating, moving, or deleting events requires explicit approval.

Google OAuth

Drive

Read file metadata and links for project context. File edits, sharing, and deletes stay blocked unless separately approved.

X OAuth or local browser

X

Read public/social context and prepare post or reply drafts. Posting, DMs, follows, likes, and deletes are approval-only.

Meta Business or local browser

Instagram

Use Meta/Graph APIs where available. Personal account automation should stay local, reviewed, and approval-gated.

OAuth or local browser

LinkedIn

Read profile/network context and prepare drafts. Connection requests, DMs, comments, reactions, and posts require approval.

Current product boundary: the MCP/API layer now exposes connector status, setup-link creation, connector listing, prepare-only email drafts, prepare-only social replies, and approval packet opening. Claude and ChatGPT are the current proof surfaces; Gemini and other LLM clients can follow the same account, connector, and Trust Graduation contract later. Provider OAuth credentials and write-capable social connectors are separate deployment gates; Mission should not fake them or reuse gomission's credentials for user workspaces.