Clients

The three first-party PrivacyFlow clients — MCP server for LLM tools, Agent Zero channel for autonomous replies, and the n8n node for visual workflows.

PrivacyFlow ships three first-party clients. They all talk to the same public API and authenticate with the same API key model; the differences are in how you install them and where the work happens.

The three clients

ClientLanguageTransportBest for
MCP serverTypeScript (Node)stdio (MCP)Letting an LLM (Claude Desktop, Cursor, OpenCode) poll and send on your behalf.
Agent Zero channelPythonA0 extension hooksAutonomous bi-directional chat — your agent replies back automatically.
n8n nodeTypeScriptn8n community nodeVisual workflow automation with no code.

How to choose

  • You want an AI agent to read your inbox and reply. Use Agent Zero. It runs a 3-second poller, forwards inbound messages to an Agent Zero context, and ships the agent’s reply back through PrivacyFlow’s send endpoint with per-messenger message splitting.
  • You want a chat-style LLM client (Claude, Cursor) to call PrivacyFlow as a tool. Use the MCP server. It exposes four tools (health, verify, poll, send) plus two prompts (reply-to-message, broadcast) and two resources (API docs, contact formats). The LLM decides when to poll and what to send.
  • You want to build automation with no code. Use n8n. The Send node sends messages; the Trigger node polls and emits each message as an n8n item you can route through any other node.

Shared conventions

All three clients:

  • Authenticate with a single PrivacyFlow API key in the Authorization: Bearer <key> header by default (the MCP server switches to X-API-Key if you set PRIVACYFLOW_API_KEY_HEADER=x-api-key).
  • Default to the public API at https://privacyflow.app; override the base URL per-client if you run a self-hosted instance.
  • Treat polling as a destructive read — once a message is polled, it’s gone. They all persist before processing.
  • Preserve the messenger, contactId, and groupId from polled messages when sending replies. The n8n trigger node surfaces this caveat in its UI; the others do it in code.

Note

One API key per client is the safest setup. Issue separate credentials from the dashboard Credentials section so a compromise of one client’s key does not leak the others’ rate budgets or app scopes.

Last updated: