Skip to main content

Managing access

Open Settings → Connected apps in the web app to see every assistant currently connected to your account and revoke any you no longer want. Revoking takes effect immediately.

Need to write data back to Slothbox? That's the REST API's job. For light, occasional scripting a person can use their own seat key; for headless automation at scale, put the organization on the API plan and use an org-level service-account key. Either way, start with the Quickstart and the API reference.

:::info MCP is human-bound, not for headless automation Connected apps reach Slothbox through your own OAuth sign-in, and MCP access is read-only. It is not a channel for unattended automation at scale — there is no human OAuth session behind a CI job or an agent loop. For headless, no-human-present access, put the organization on the API plan and use an org-level service-account key; see the headless guide for how to authenticate. :::