Airlock includes 50+ pre-built integrations that let you connect AI agents to popular services without writing an OpenAPI spec. Most are MCP proxies that route tool calls to the service's own upstream MCP server; a couple of services that don't offer their own MCP server yet are proxied through an Airlock-hosted MCP server instead.
The categories below highlight commonly-used integrations. The complete, up-to-date list is what you see under Integrations in the Control Room.
Available Integrations
Code & Project Management
| Integration | Auth Type | Description |
|---|---|---|
| GitHub | Built-in OAuth | Repository, pull request, and issue management |
| GitLab | OAuth | Repository, merge request, and CI/CD management |
| Linear | OAuth | Issue and project tracking |
| Atlassian | OAuth | Jira issues and Confluence pages |
| Todoist | OAuth | Task and project management |
| CodeRabbit | OAuth | AI code reviews, reports, and review metrics |
| Figma | OAuth | Design files, components, styles, and project data |
| Holmes | OAuth | AI QA — inspect test runs, file issues, and surface pipeline suggestions |
CRM & Sales
| Integration | Auth Type | Description |
|---|---|---|
| HubSpot | OAuth (manual setup) | CRM contacts, deals, and sales pipeline |
| Showpad | OAuth (manual setup) | Sales content and enablement |
| Lemlist | OAuth | Sales engagement, outreach campaigns, and sequences |
| Apollo.io | OAuth | Prospect search, contact and company enrichment, and outbound sequences |
| Attio | OAuth | CRM contacts, companies, deals, and custom objects |
| FullEnrich | OAuth | B2B contact enrichment — verified emails and phone numbers via waterfall enrichment |
| HeyReach | API Key | LinkedIn outreach automation — campaigns, leads, and sender accounts |
| Instantly | API Key | Cold email outreach — campaigns, leads, email accounts, and analytics |
| Coresignal | API Key | Firmographic, technographic, and employee data for B2B intelligence |
| Sumble | API Key | Sales intelligence and B2B prospecting data |
Meetings & Communication
| Integration | Auth Type | Description |
|---|---|---|
| Slack | Built-in OAuth | Search messages, files, channels, and users; send messages; manage canvases; and add reactions |
| Google Calendar | Built-in OAuth | Calendar events and scheduling |
| Gmail | Built-in OAuth | Read, send, and manage emails |
| Zoom | OAuth (manual setup) | Meetings, recordings, and participants |
| Fathom | OAuth | Meeting recordings and transcripts |
| Granola | OAuth | Meeting notes and action items |
| Krisp | OAuth | Meeting transcripts and summaries |
Infrastructure & Deployment
| Integration | Auth Type | Description |
|---|---|---|
| Vercel | Built-in OAuth | Deployments, projects, domains, and build logs |
| Supabase | OAuth | Databases, storage, and edge functions |
| Dagster+ | API Key | Data orchestration — assets, pipeline runs, and job launches |
| AWS | SigV4 (not yet supported) | 15,000+ AWS APIs, documentation, and guidance (coming soon) |
Monitoring & Analytics
| Integration | Auth Type | Description |
|---|---|---|
| Sentry | OAuth | Error monitoring and performance tracking |
| PostHog | OAuth | Product analytics and feature flags |
| Datadog | API Key | Logs, metrics, alerts, and incident management |
| Aikido | API Key | Security issue tracking across code, cloud accounts, and containers |
Payments
| Integration | Auth Type | Description |
|---|---|---|
| Stripe | OAuth | Payments, subscriptions, invoices, and customers |
| Polar | OAuth | Products, pricing, checkouts, and license keys |
Documentation & Data
| Integration | Auth Type | Description |
|---|---|---|
| Google Drive | Built-in OAuth | Files, folders, and Docs/Sheets content |
| Dropbox | OAuth | Files and folders in your Dropbox account |
| Notion | OAuth | Pages, databases, and workspace content |
| Context7 | OAuth | Library and framework documentation |
| Ref | OAuth | API and library documentation |
| Airbyte | OAuth | Data integration documentation and guides |
| Google Workspace | OAuth | Google Workspace developer documentation, APIs, and code samples |
| Bright Data | API Key | Web scraping, search, and data extraction |
| Firecrawl | API Key | Web scraping, crawling, search, and structured data extraction |
| Apify | OAuth | Web scraping, data extraction, and ready-made Actors from the Apify Store |
| RapidAPI | API Key | Thousands of APIs from the RapidAPI Hub |
| Cognee | API Key | Persistent AI memory — knowledge graphs and cross-conversation context |
| Unblocked | API Key | Team context across Slack, Jira, Confluence, and GitHub |
Automation
| Integration | Auth Type | Description |
|---|---|---|
| Zapier | OAuth | Run your connected Zapier actions across 8,000+ apps (Gmail, Slack, Google Sheets, HubSpot, and more) as MCP tools |
HR & Recruiting
| Integration | Auth Type | Description |
|---|---|---|
| Ashby | API Key | Candidates, jobs, applications, interviews, and offers |
ERP
| Integration | Auth Type | Description |
|---|---|---|
| Dynamics 365 | OAuth (manual setup) | Microsoft Dynamics 365 finance, supply chain, and operations data |
| Odoo | API Key | Odoo ERP/CRM — contacts, leads, sales orders, products, and any model across Sales, Inventory, Accounting, and Project |
Forms & Email Validation
| Integration | Auth Type | Description |
|---|---|---|
| Tally | OAuth | Form creation and submission management across workspaces |
| ZeroBounce | API Key | Email validation, deliverability checks, and contact discovery |
Airlock-hosted MCP Integrations
A few services don't expose their own MCP server yet, so Airlock hosts one for them. These are still MCP proxies — they forward tool calls to an Airlock-hosted MCP server rather than a vendor-run one — and you connect them with an API key entered on the integration's detail page.
| Integration | Auth Type | Description |
|---|---|---|
| PhantomBuster | API Key | Browser automation — manage agents, containers, leads, and scripts |
| BounceBan | API Key | Email verification — deliverability, disposable detection, and bulk validation |
| Odoo | API Key | Odoo ERP/CRM — record management over any Odoo model (connect with your Odoo login and an API key) |
Authentication Types
Built-in OAuth
Integrations marked Built-in OAuth (GitHub, Slack, Google Calendar, Gmail, Google Drive, Vercel) have pre-configured OAuth credentials managed by Airlock. Users simply click Connect and complete the authorization flow — no setup required.
Standard OAuth
Most integrations use standard OAuth. When you add the integration, Airlock handles the OAuth flow with the upstream service. Users click Connect on the integration's detail page to authorize access.
Manual OAuth Setup
HubSpot, Showpad, Zoom, and Dynamics 365 require you to create your own OAuth application in the service's developer portal first, then enter the client credentials in Airlock. For Dynamics 365, this is a Microsoft Entra ID app registration with Dynamics 365 API permissions. The wizard shows the redirect URI to register and links to each provider's setup guide.
API Key
Many integrations — including Datadog, Firecrawl, RapidAPI, Dagster+, Aikido, ZeroBounce, PhantomBuster, BounceBan, and Odoo — use API key or bearer token authentication. Generate a key in the service's settings and enter it on the integration's detail page.
Additional Setup
Some integrations need one extra detail when you add them, on top of credentials:
- Showpad and Cognee ask for your workspace subdomain (for example,
your-companyforyour-company.showpad.com). - Dynamics 365 asks for your environment name.
- Odoo asks for your instance host and database name.
- Dagster+ asks for your deployment URL.
- RapidAPI asks for the API host of the specific API you want to call.
Airlock prompts for these when you add the integration.
Adding an Integration
- Open Integrations in the Control Room
- Select the integration from the catalog
- Follow the prompts to add it — the integration is ready to configure
- Go to the integration's detail page and connect your account (OAuth flow or API key)
- Configure policies for the tools
- Copy the MCP URL and add it to your AI client
Syncing Tools
Airlock keeps each integration's tool list aligned with its upstream MCP server, both automatically and on demand.
Automatic detection. On a schedule, Airlock checks your connected integrations for upstream tool changes — tools that were added, removed, or changed. When it finds any, it records a notification and auto-hides newly-added tools until an admin reviews them, so new capabilities never reach agents without sign-off.
Where it shows up. Admins see a notification in the bell menu in the top navigation bar, with an unread count. Opening it lists each integration that changed, along with the added / removed / changed counts; clicking an entry opens that integration's Tools tab, where you review the changes, unhide tools, and re-sync. (The bell is shown to admins only.)
Manual sync. You can refresh an integration's tools yourself at any time: open its detail page, go to the Tools tab, and click Sync Tools. Do this after editing a custom OpenAPI spec, or whenever you want to pull the latest upstream tools immediately.
GitHub is synced manually. Automatic detection isn't available for GitHub integrations — GitHub issues single-use connection tokens that Airlock can't safely reuse from a background job, so it never syncs GitHub on a schedule. After connecting GitHub, and whenever its tools change, refresh them yourself with Sync Tools on the integration's Tools tab.