{"name":"Posview","description":"Plan, preview, draft, and request human-reviewed changes for social media posts in Posview workspaces.","connector_url":"https://posview.app/api/mcp","transport":"streamable_http","auth":{"type":"oauth2","authorization_url":"https://posview.app/oauth/authorize","token_url":"https://posview.app/oauth/token","registration_url":"https://posview.app/oauth/register","protected_resource_metadata_url":"https://posview.app/.well-known/oauth-protected-resource","authorization_server_metadata_url":"https://posview.app/.well-known/oauth-authorization-server","token_endpoint_auth_method":"none","code_challenge_method":"S256","scopes":["agent:read","agent:draft","agent:schedule:prepare","agent:confirm:create"]},"safety":{"direct_publishing":false,"requires_human_confirmation":true,"exposes_oauth_tokens":false,"exposes_billing_details":false},"data_handling":{"policy_version":"2026-06-07","workspace_scoped":true,"least_privilege_scopes":true,"stores_plaintext_tokens":false,"stores_refresh_token_hashes":true,"sends_to_ai_client":["workspace context","post metadata","post captions and scheduled times","preview-safe post details","draft/proposal/confirmation request results"],"never_sends_to_ai_client":["SNS OAuth tokens","Agent API keys","preview passcodes","Stripe billing secrets","other workspaces"],"response_field_denylist":["accessToken","refreshToken","tokenHash","apiKey","secret","password","mfaSecret","totpSecret","passcode","previewPasscode","billingAccountId","stripeCustomerId","stripeSubscriptionId","paymentMethodId","cardNumber","cvv","ssn","taxId","medicalRecord"],"minimization_rules":["Return only the workspace, post, platform, preview-safe, draft, proposal, and confirmation fields needed for the requested action.","Do not return credentials, OAuth tokens, API keys, preview passcodes, payment identifiers, MFA secrets, or unrelated workspace data.","Use stable post/workspace identifiers only when the AI client needs them for the next authorized Agent API or MCP call."],"log_retention":{"prompt_response_transcripts_visible_to_service_admins":false,"retained_records":["OAuth grant status","refresh token hashes","connected editor attribution","OAuth client attribution","Agent API/MCP operation metadata","post history and audit summaries for write-side actions"],"summary":"External Agent API and MCP tool prompt/response transcripts are not exposed to service admins as raw transcript logs. Posview retains the minimal connection, token hash, attribution, operation, post history, and audit records needed for revoke, security, usage, and workspace audit flows."},"retention_deletion":{"summary":"AI connector data retention is scoped to the minimum records needed for revoke, security, usage, and workspace audit flows. Posview does not keep a separate AI-owned copy of workspace content; post, draft, proposal, and confirmation data remain governed by the normal workspace, post, account deletion, and legal retention processes.","items":[{"id":"tool_payloads_and_raw_transcripts","data_category":"Raw AI prompt/response transcripts and transient tool payloads","retained_records":["No Service Admin raw prompt/response transcript view for external Agent API / MCP tool activity","No repository-stored ChatGPT screenshot or transcript evidence"],"retention_purpose":"Avoid retaining more prompt or response content than the current authorized request and external review evidence process require.","deletion_trigger":"Normal request completion, approved evidence cleanup, or legal/support review of externally stored evidence.","deletion_behavior":"Do not treat raw AI transcripts as a retained Posview admin log. External review evidence is kept outside the repository and removed or redacted through the approved evidence process.","public_policy_surface":"/en/privacy, /jp/privacy, /en/apps/ai-agents, /jp/apps/ai-agents, /llms.txt","reviewer_checks":["Confirm public pages say raw external Agent API / MCP prompt-response transcripts are not exposed as Service Admin raw log views.","Confirm generated review packets contain placeholders and policy text only, not screenshots or raw transcript dumps."]},{"id":"oauth_grants_and_refresh_hashes","data_category":"AI OAuth grants, grant status, and refresh token hashes","retained_records":["OAuth grant status","refresh token hashes","connected editor attribution","OAuth client attribution"],"retention_purpose":"Support reconnect, revoke, stale-token rejection, scope enforcement, security investigation, and workspace audit trails without storing plaintext tokens.","deletion_trigger":"Connected AI Apps revoke, token expiry or rotation, account deletion request, workspace closure, or security/legal retention review.","deletion_behavior":"Deactivate or revoke the grant, invalidate token hashes, reject stale access, and retain only token-free audit summaries when needed for security or legal obligations.","public_policy_surface":"/ai-connector.json data_handling, /mcp-tools.json dataHandling, /openapi.json x-posview-data-handling","reviewer_checks":["Confirm the revoke-and-stale-token recovery flow rejects old access tokens.","Confirm dataHandling storesPlaintextTokens is false and storesRefreshTokenHashes is true."]},{"id":"operation_metadata_audit","data_category":"Agent API / MCP operation metadata and audit summaries","retained_records":["tool name or action id","timestamp and status","workspace and actor attribution","post history and audit summaries for write-side actions"],"retention_purpose":"Provide security, usage, support, and workspace auditability while avoiding raw prompt text and restricted credential fields.","deletion_trigger":"Account deletion request, workspace closure, support/legal retention review, or end of the operational need for the audit record.","deletion_behavior":"Delete or anonymize records that are no longer needed, while preserving legally required, security-critical, or aggregated audit records without credential material.","public_policy_surface":"/en/privacy, /jp/privacy, /llms.txt, /openapi.json x-posview-data-handling","reviewer_checks":["Confirm Response Data Inventory excludes restricted credentials and billing identifiers.","Confirm operation metadata is described as minimal audit data rather than raw transcript logging."]},{"id":"workspace_content_drafts_proposals_confirmations","data_category":"Workspace posts, drafts, proposals, and confirmation requests","retained_records":["canonical workspace posts","draft posts created by authorized AI calls","pending proposals","pending confirmation requests"],"retention_purpose":"Keep Posview as the canonical workspace source of truth while ensuring AI-created items remain drafts, proposals, or pending human confirmation.","deletion_trigger":"Post deletion, proposal cleanup, confirmation resolution, workspace closure, account deletion request, or normal workspace data lifecycle.","deletion_behavior":"Use the normal Posview workspace/post deletion and anonymization flows. The AI connector does not keep a separate workspace-content copy outside those records.","public_policy_surface":"/en/privacy, /jp/privacy, /en/terms, /jp/terms, /en/apps/ai-agents, /jp/apps/ai-agents","reviewer_checks":["Confirm draft/proposal/confirmation tools do not directly approve, schedule, publish, or delete posts.","Confirm the review packet maps these records to human confirmation and workspace deletion processes."]},{"id":"reviewer_credentials_external_evidence","data_category":"OpenAI review credentials and ChatGPT screenshot evidence","retained_records":["no review account credentials in generated packets","no OAuth tokens, OTP codes, preview passcodes, or SNS provider tokens in repository evidence","external screenshots or notes only in the approved evidence location"],"retention_purpose":"Let OpenAI reviewers reproduce the connector safely without committing secrets or private review workspace data.","deletion_trigger":"Post-review credential rotation, evidence retention review, reviewer account cleanup, or failed credential-safety preflight.","deletion_behavior":"Keep credentials in the approved secure channel only, rotate or revoke review access after review, and redact or remove external screenshots according to the approved evidence process.","public_policy_surface":"docs/ai-app-submission-review-packet.md, docs/ai-app-submission-evidence.md, todo.md manual evidence markers","reviewer_checks":["Confirm static preflight rejects credential-like material in generated and handoff docs.","Confirm Screenshot Evidence Matrix redaction rules are followed before storing external review evidence."]}]},"retention_summary":"External Agent API and MCP tool prompt/response transcripts are not exposed to service admins as raw transcript logs. Posview retains the minimal connection, token hash, attribution, operation, post history, and audit records needed for revoke, security, usage, and workspace audit flows."},"runtime_availability":{"policy_version":"2026-06-07","summary":"AI OAuth and Agent API access is rechecked on every token exchange and runtime request. Posview blocks AI access for Free workspaces, global or workspace emergency mode, closed workspaces, inactive grants or memberships, unavailable connected editors, and insufficient OAuth scopes.","allowed_plans":["pro","agency"],"checked_on":["OAuth authorization code exchange","OAuth refresh token rotation","Agent API bearer authentication","MCP bearer authentication","MCP runtime tool calls"],"blocks":[{"code":"oauth_plan_required","condition":"The workspace effective plan is Free.","recovery":"Move the workspace to Pro or Agency, then reconnect or retry the AI app."},{"code":"emergency_mode","condition":"Global or workspace emergency mode is active.","recovery":"Resolve emergency mode in Posview before retrying the AI operation."},{"code":"workspace_closed","condition":"The workspace is closed or scheduled for deletion.","recovery":"Use an active workspace or reopen the workspace before connecting AI clients."},{"code":"oauth_grant_inactive","condition":"The OAuth grant, OAuth client, workspace membership, or connected editor is no longer active.","recovery":"Reconnect Posview from the AI client and confirm the workspace membership is active."},{"code":"insufficient_scope","condition":"The OAuth access token is missing the scope required by a tool.","recovery":"Re-authorize Posview with the required scope, then retry the same operation."}]},"docs_url":"https://posview.app/en/apps/ai-agents","privacy_url":"https://posview.app/en/privacy","terms_url":"https://posview.app/en/terms","support_url":"https://posview.app/support"}