Skip to content
MCP · Claude · ChatGPT · Cursor · Gemini

MCP Servers for Claude, ChatGPT, Cursor & Gemini — PII-Safe by Default

Six hosted MCP servers that give any MCP-compatible AI client read-and-act access to email, calendar, drive, docs, sheets, and tasks — with redaction, scoped tokens, and a full audit log enforced on every tool call.

See pricing

Free tier · No credit card required

Maps to
SOC 2
GDPR
HIPAA
CCPA
EU AI Act
Drop-In Configuration

Six Servers, One JSON Block.

claude_desktop_config.json
{ 
  "mcpServers": { 
    "porteden-email": { 
      "url": "https://mcp.porteden.com/email", 
      "headers": { "Authorization": "Bearer ${PE_API_KEY}" } 
    }, 
    "porteden-calendar": { 
      "url": "https://mcp.porteden.com/calendar", 
      "headers": { "Authorization": "Bearer ${PE_API_KEY}" } 
    }, 
    "porteden-drive": { 
      "url": "https://mcp.porteden.com/drive", 
      "headers": { "Authorization": "Bearer ${PE_API_KEY}" } 
    } 
  } 
}
Same shape works for Claude Desktop, Cursor, and any MCP-compatible client. ChatGPT and Gemini use Connectors; setup is one click. Read the MCP docs
Connect From Any AI Client

Six Servers, Every Way to Reach Them.

claude_desktop_config.json
{ 
  "mcpServers": { 
    "porteden-email": { 
      "url": "https://mcp.porteden.com/email", 
      "headers": { "Authorization": "Bearer ${PE_API_KEY}" } 
    }, 
    "porteden-calendar": { 
      "url": "https://mcp.porteden.com/calendar", 
      "headers": { "Authorization": "Bearer ${PE_API_KEY}" } 
    }, 
    "porteden-drive": { 
      "url": "https://mcp.porteden.com/drive", 
      "headers": { "Authorization": "Bearer ${PE_API_KEY}" } 
    } 
  } 
}

Edit ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows), then restart.

All connect-to-X guides →
The Risk

What Goes Wrong Without PortEden

The Default MCP Server Hands Over Raw Inbox Content

Most reference MCP servers proxy Gmail or Microsoft Graph as-is. The model gets every reply, every attachment, every PII string in the clear — and you've effectively given Anthropic or OpenAI a copy of your customer's mailbox.

Each AI Client Wants a Different Connector Spec

Claude Desktop wants `mcpServers` JSON. ChatGPT wants Connectors. Cursor wants its own MCP config. Gemini wants Vertex extensions. Copilot wants M365 plugins. Six configs, six auth flows, six sets of tool descriptions to keep in sync.

Tool-Use Has No Audit Trail You'd Show a Compliance Reviewer

Once Claude or ChatGPT decides to call a tool, you have a transcript at best. You can't reconstruct what arguments the model passed, what the tool returned, or whether redaction fired — let alone export it to your SIEM as part of a quarterly review.

How MCP Calls Stay Safe

Tool Inputs and Outputs, Redacted at the Server.

PortEden's MCP servers run the redaction classifier on every tool response before the model sees it. The model reasons over placeholders; raw PII never reaches Anthropic, OpenAI, or Google.

Your data
PortEdenRedact
Your AI
Claude
ChatGPT
Copilot
Gemini
Grok
Safe
Sensitive
Redacted
The Solution

Built For MCP Servers

Redaction Inside Every Tool Response

Before the MCP server hands a result back to the model, the response body passes through the same 50+ identifier classifier as the REST API. The model reasons over placeholders; the underlying values never enter Anthropic's or OpenAI's context window.

Six Hosted Servers — Email, Calendar, Drive, Docs, Sheets, Tasks

Gmail + Outlook in one server. Google Calendar + Microsoft Calendar in one. Google Drive + OneDrive + SharePoint in one. Google Docs, Google Sheets, and a cross-tool tasks server (Jira, Asana, Monday, Linear, Notion) round out the set.

Per-Server, Per-User Tokens — Not One Big OAuth Grant

Each MCP connection uses a JWT scoped to the user, the server, the verbs (read / write / delete), and an expiry. Revocation is server-side and instant — no waiting for the user to revisit their Google account.

Tool-Call Audit Log With the Exact Arguments and Results

Every tool call is recorded: which client, which user, which tool, the input arguments, the redacted response, and the policy outcome. Stream to Splunk, Datadog, or S3. The audit your compliance reviewer wanted finally exists.

MCP Server Catalog

Six Servers, Every Productivity Surface.

GET/emailGmail + Outlook search, read, send, label — PII-redacted.GET/calendarGoogle + Microsoft Calendar — events, free/busy, contacts.GET/driveGoogle Drive, OneDrive, and SharePoint files — folder-scoped.GET/google-docsRead, edit, and comment on Google Docs with a redacted view.GET/google-sheetsRange read + write on Sheets — column-level redaction.GET/tasksJira, Asana, Monday, Linear, and Notion in one server.
All MCP server docs →
With and Without PortEden

The Same Workflow, Two Very Different Outcomes

Connecting Claude Desktop to Gmail
Without
Run a community MCP server on localhost, paste a refresh token into a config file, every message reaches Anthropic in plain text.
With
Drop a hosted MCP URL into `claude_desktop_config.json`. PII is redacted server-side; Claude sees placeholders.
Letting ChatGPT Search a User's Drive
Without
Build a Connector against Google Drive, store refresh tokens, write your own scoping, hope OpenAI's logs don't leak file contents.
With
Hosted Connector points at PortEden's Drive MCP. Folder-scoped tokens; redacted file bodies; full audit log.
A Cursor Agent Editing a Google Sheet
Without
The agent reads + writes raw cell values; if the sheet has SSNs or salary data, those flow through OpenAI as context.
With
Column-level redaction policies; the agent sees `[REDACTED]` for sensitive columns and writes succeed when policy allows.
Switching the Org From Claude to Gemini
Without
Rebuild every connector against Vertex extensions and re-test the entire tool surface.
With
Same MCP servers behind the scenes — only the client config changes.
Compliance Asks 'What Did Claude Read Yesterday?'
Without
Best you can do is the Claude transcript — no record of arguments, results, or what was redacted.
With
Per-tool audit log with arguments, redacted response payloads, and policy outcome. Export as CSV or stream to SIEM.
Connect in Five Minutes

Hosted MCP. Free Tier, No Credit Card.

Drop the JSON config into Claude Desktop, paste the Connector URL into ChatGPT, or wire Cursor to the hosted endpoint. Free tier covers 1,000 tool calls/month.

See pricing

Frequently Asked Questions

Which MCP-compatible clients does this work with?
Claude Desktop, Claude Web (via Cowork), Claude Cowork, ChatGPT (via Connectors), Cursor, Gemini (via Vertex extensions), and Microsoft Copilot. Any MCP-spec client should work — drop the URL into the client's config and authenticate. See /docs/guides/connect-to-claude/ and the sibling connect-to-* guides.
What's the difference between PortEden's MCP servers and a community-built MCP server?
Community MCP servers usually proxy a provider's API one-to-one — useful for hobby agents, dangerous for production. PortEden adds the parts you'd otherwise build yourself: redaction on every response, scoped tokens, a tool-call audit log, rate limiting, and a single auth flow across all six servers. Plus we host them, so you don't run a sidecar process per workstation.
Does redaction break the agent's reasoning?
No — and this is the key design decision. PortEden replaces sensitive values with stable placeholders (`<SSN_1>`, `<EMAIL_2>`) rather than scrubbing them. The agent can refer to them by handle, sort by them, deduplicate them, and produce summaries that name them — without ever holding the underlying value. Round-trip writes (e.g. 'send a reply to <EMAIL_2>') are de-redacted server-side.
How does authentication work?
You mint a JWT in the PortEden dashboard or via the REST API; the JWT is scoped to a user, a set of MCP servers, and a set of verbs. The agent presents the JWT as a Bearer token on every MCP call. Tokens can be revoked instantly server-side. The end user OAuths into PortEden once for each underlying provider; agents never hold the underlying refresh token.
Does this work with HIPAA, GDPR, EU AI Act?
The redaction layer means PHI/PII never reaches the LLM provider, so the threat model is much smaller than 'OpenAI under contract'. PortEden processes data under a DPA, with GDPR Art. 28 processor terms available. The audit log produces the per-tool-call evidence EU AI Act Article 12 logging programs typically need. Compliance with HIPAA, GDPR, and the EU AI Act remains your responsibility — PortEden provides the technical controls.
Can I add my own MCP tools or extend an existing server?
Custom tools are on the roadmap; today the six hosted servers cover the most-asked surface. If you have a specific tool you'd add (e.g. an internal CRM, a billing system), file a request and we'll prioritize. Self-hosted MCP plus PortEden as a redaction sidecar is supported on Enterprise.
What about latency? MCP calls are blocking on tool use.
p50 across the six servers is under 250 ms; p95 under 600 ms. Redaction adds 30–80 ms. We run active-active across two regions; status lives at status.porteden.com.
How does pricing work for tool calls?
Free tier: 1,000 tool calls/month. Team: 100k/month, $49/seat. Enterprise: unmetered with custom SLA. A tool call is one MCP request — `email.search` returning 50 messages is one call, not 50. Full pricing on /pricing/.

Keep Exploring

Ready to Wire Claude or ChatGPT to the Real Inbox?

Five-minute setup. Free tier covers 1,000 tool calls/month. Same JSON config works in Claude Desktop, Cursor, and any MCP client.

See pricing

Self-hosting MCP or 50k+ users? Talk to sales →