Connect Forigi to Claude Code
Build apps by chatting with Claude.
One command to connect, then describe what you want. Claude builds the app, deploys it inside your Microsoft tenant, and gives you a URL to share with your team.
“Build me a one-page CRM that pulls our contacts from the SharePoint file Sales Team / Active Accounts, lets me add a private note for each contact, and share it with everyone on the sales team.”
Claude figures out which Forigi tools to call, builds the bundle, ships it. You get a working URL like sales-crm-a4f.app.forigi.com in under a minute.
Install Claude Code
Skip if you already have it (try `claude --version` to check).
npm install -g @anthropic-ai/claude-codeNo npm? Install Node.js LTS from nodejs.org first. macOS users can brew install anthropic/tap/claude-code instead.
Connect Forigi
One command. A browser tab will pop open for you to sign in with Microsoft and approve the scopes — same flow you'd use to grant any business app access to your account.
claude mcp add --scope user --transport http forigi https://app.forigi.com/api/mcpWhen you run that, Claude Code opens app.forigi.com in your browser. You sign in with the same Microsoft account you use for SharePoint, see exactly what Claude is asking to do, click Approve, and you’re done. The token never touches your terminal or shell history.
The --scope user flag makes Forigi available in every Claude Code session, regardless of which directory you run it from. Restart any open Claude Code sessions to pick it up.
You’re wired in. Try it.
Open Claude Code from any folder (just type claude) and ask one of these out loud:
- “Use Forigi to tell me who I am and what apps I have.”
- “Build a quick page that lists every active project from our SharePoint Projects file, with a search box. Deploy it to Forigi and share it with the engineering team.”
- “Pause my Q4 sales dashboard while I migrate the data — I'll resume it later today.”
- “Look at my Customer Notes app. Connect the SharePoint contacts file to it as 'contacts' and approve the schema if it's still pending.”
You don’t need to know which Forigi tools to invoke — Claude picks based on what you ask. Watch the terminal: you’ll see “Calling forigi_deploy_app…” etc. as it works.
The 12 things Claude can do for youReference — you don’t need to memorize this.▾
| Tool | What it does |
|---|---|
forigi_whoami | Confirms the connection and shows your workspace. |
forigi_list_apps | List your apps (or all of them, admin-only). |
forigi_get_app | Full details for one app: wirings, database tables, who has access. |
forigi_deploy_app | Ship a bundle to a new URL. Optional database manifest. |
forigi_redeploy_app | Replace an existing app's files. Keeps URL, wirings, database, and access intact. |
forigi_share_app | Grant access by email, Microsoft Object ID, or workspace-wide. |
forigi_set_app_chrome | Top-bar mode: full / popups-only / hidden (kiosk). |
forigi_pause_app | Show maintenance message; viewers can't open it. |
forigi_resume_app | Undo a pause. |
forigi_list_data_sources | See SharePoint and OneDrive sources you can wire into apps. |
forigi_wire_data_source | Connect a source to an app under a logical name like 'contacts'. |
forigi_approve_app_database | Provision a proposed database schema (admin-only). |
What Claude can’t do (yet)Things that need the dashboard or an admin.▾
Register a brand-new SharePoint or OneDrive file. That requires a Microsoft Graph token, which only your browser session has. Link the file once via the dashboard, then Claude can wire it into any number of apps.
Approve a database schema as a non-admin. App bundles can declare a database in forigi.json; provisioning needs a workspace admin to approve via the dashboard or call forigi_approve_app_database.
Touch apps you don’t own. Even with a token, Claude operates as you — same permissions, same access. Workspace admins can manage anything; everyone else manages their own apps.
TroubleshootingCommon stumbles and how to fix them.▾
claude. MCP servers added to user scope only load on session start. If a new session still doesn’t see Forigi, run claude mcp list — Forigi should appear in the user-scoped section.claude mcp remove forigi and re-add.npm install -g @anthropic-ai/claude-code, not npm run claude. The latter looks for a script in the local package.json — none exists, so it’s a safe no-op.Security & auditWhat happens to your token, what gets logged.▾
Tokens. Access tokens are short-lived (1 hour) and signed JWTs. Refresh tokens are 90-day, single-use, and rotate on every refresh — replay triggers immediate chain revocation. Both live only in your local Claude Code config (~/.claude.json).
Audit trail. Every tool call writes to your workspace audit log tagged via: mcp with the client name, so admins can see exactly what was done from where.
Bundle safety. Bundles deployed via MCP go through the same validation and security policy as dashboard uploads — zip-bomb defense, SVG-XSS blocking, and your workspace’s bundle-pattern policy.
Revocation. Instant from API tokens. Any tool using a revoked token loses access on its next request.
Headless / CI: connect with a Personal Access TokenFor automation environments where a browser-based sign-in isn’t practical.▾
For interactive use, the OAuth flow above is the right path — shorter-lived tokens, automatic refresh, browser-confirmed consent. But CI runners, build agents, and pre-shared bot accounts can’t pop a browser; for those, we issue long-lived Personal Access Tokens.
- Open Settings → API tokens, click Create token, name it (e.g. “CI: deploy-bot”), pick the minimum scopes the job needs, and copy the value.
- Paste it below. We’ll generate the exact
claude mcp addcommand:
claude mcp add --scope user --transport http forigi \
https://app.forigi.com/api/mcp \
--header "Authorization: Bearer forg_pat_…"Paste the copied line into your terminal and hit Enter. Claude Code will report “Added HTTP MCP server forigi…” — that’s the success signal.
Treat the token like a password. Required expiry is 90 days, max — pre-rotation is your problem.