Get startedCLIAPIMCPWebDesktopAgentsSupportBillingChangelog
Connect
claude-cowork logo

Claude Cowork

Dock works inside Claude Cowork as a custom remote connector. No local bridge, no stdio bridge, no special flags. Dock is remote by design, which means it bypasses the sandbox limitations that block local MCP servers in Cowork mode.

Client
Claude Cowork
Runs inside a sandboxed VM. Remote MCP is the supported path.
HTTP JSON-RPC (streamable-http)
Dock MCP
trydock.ai/api/mcp
37 tools · OAuth 2.1 + DCR · Bearer
Auth path
1
Client fetches /.well-known/oauth-authorization-server.
2
Self-registers via DCR, opens your browser to Dock consent.
3
Dock returns an access token, client uses it on every request.

Why remote, not local

Cowork mode runs your agent inside a sandboxed virtual machine that can't reach processes on your host. This breaks any MCP server that spawns as a local stdio child (the command + args config pattern). Remote MCP servers over HTTPS sidestep the restriction entirely. The agent inside the VM fetches Dock over the public internet, same as loading a website.

Dock has always been remote-first: https://trydock.ai/api/mcp. Paste that URL into Cowork's custom-connector dialog and you're done.

Prerequisites

  • Claude desktop app with Cowork enabled (Pro, Max, Team, or Enterprise plan). macOS or Windows.
  • A Dock account. Dock is invite-only during beta. If you don't have access, request an invite.

Setup (under two minutes)

Step 1. Open the Cowork connector settings

In the Claude desktop app, open Settings → Connectors → Add custom connector. You'll see a single input for the remote MCP server URL.

trydock.ai
Settings
Connectors
Add custom connector
Connect Claude to a remote MCP server. Paste the server URL below. Claude will authenticate in your browser on first use.
Claude desktop · Settings → Connectors

Step 2. Paste Dock's MCP URL

Remote MCP server URLtext
https://trydock.ai/api/mcp

Click Connect.

Step 3. Authorize in the browser

Claude opens a browser window to Dock's OAuth consent screen. Sign in if you're not already (magic link), click Approve on the "Claude wants to connect to your Dock account" page. The tab closes itself.

Claude stores the access token securely and uses it on every subsequent call. No token ever touches your filesystem.

Step 4. Verify

Open any Claude Cowork session. Ask:

Prompttext
Using the Dock connector, list my workspaces.

You should see your workspace slugs within a few seconds. The agent now has the 13 Dock tools at its disposal: read and write rows, create workspaces, get billing, file support tickets, ask for limit increases.

What Cowork can and can't do with Dock

Cowork runs every tool call from Anthropic's cloud, not from your machine. That has two implications worth knowing:

  • Your laptop can be asleep. Cowork tasks keep running, Dock keeps accepting reads and writes, because both live in the cloud. You come back to a workspace that has been updated while you were away.
  • No on-host side-effects. The agent can edit Dock rows and docs all day, but it can't simultaneously touch your local files. That's what Claude Code is for. A common pattern: Cowork does the collaborative workspace work, Claude Code picks up the git/file work on your machine, both read the same Dock workspace.

Troubleshooting

Symptom
Fix
"Connector failed to add" after clicking Connect
Claude couldn't reach trydock.ai/api/mcp. Check status.trydock.ai. If Dock is green and the error persists, you probably pasted a Claude Code config URL instead of the remote MCP URL. The URL field only accepts https://.
Browser opens to OAuth, but tab just loads forever
Your browser's third-party-cookie blocker is interfering with Dock's session cookie. Open trydock.ai/login manually in the same browser, sign in once, then retry the Cowork Connect flow.
Tools appear but return "no workspaces"
You authorized as a Dock account with no workspaces yet. Sign in to trydock.ai and create a workspace (the welcome workspace alone is enough for a smoke test), then ask the agent to list again.
Cowork says "permission denied" on write tools
The account you authorized has viewer-only role on the target workspace. Either share the workspace with yourself as editor, or switch workspaces.
Want to revoke Cowork's access
Dock Settings → OAuth clients → find "Claude" entry → click Revoke. Cowork's next tool call returns 401 and prompts re-authorization.

Frequently asked questions

How do I connect Dock to Claude Cowork?
Add Dock as a remote MCP server in Claude Cowork. Either let Claude Cowork's OAuth 2.1 + DCR flow handle auth (recommended; no credential ceremony), or paste a scoped Dock `dk_` API key in Claude Cowork's MCP config under the `Authorization: Bearer dk_…` header.
Does Claude Cowork work with Dock's MCP server?
Yes. Dock exposes 43 MCP tools at `https://trydock.ai/api/mcp` over HTTP transport with OAuth 2.1 + DCR and Bearer-token auth. Any MCP-spec-compliant client, including Claude Cowork, discovers them via the standard `tools/list` handshake. Learn more →
How do I limit which Dock workspaces Claude Cowork can write to?
When you mint the `dk_` key for Claude Cowork in Settings → API keys, pick the workspace from the dropdown. The key returns 403 on every other workspace regardless of what the prompt asks. To scope across multiple, mint multiple keys or add the agent as an explicit member of each. Learn more →
How do I see what Claude Cowork did in my Dock workspace?
Open the workspace in your browser. Every row Claude Cowork created or updated is stamped with the agent's identity (orb + name) in the createdBy / updatedBy field. The workspace activity feed shows every action chronologically. Learn more →
How do I undo a row Claude Cowork wrote to Dock?
Open the row, click the kebab menu, choose Delete (soft-delete preserves history). For bulk reverts use the activity feed to find the agent's session and delete its rows in batch. To prevent future writes, revoke Claude Cowork's `dk_` key in Settings → API keys.
Can multiple Claude Cowork sessions share state through Dock?
Yes. Every Claude Cowork session reads and writes the same workspace, so handoffs across machines or across long-running multi-session workflows just work. The Dock workspace IS the shared state; no separate message bus required.
Does Claude Cowork need OAuth or a dk_ API key for Dock?
Either works. OAuth 2.1 + DCR is the recommended path: Claude Cowork hits Dock's discovery endpoint at `/.well-known/oauth-authorization-server` and auto-registers as a client. The `dk_` Bearer token path is fine for owned-code agents and CI scripts; pick whichever fits your stack. Learn more →
What is Claude Cowork and how does it work with Dock?
Claude Cowork is Anthropic's desktop coding-agent variant that supports MCP via standard `claude mcp add`. Connect Dock the same way as Claude Code; the workspace your Cowork agent writes to is visible to your team in the Dock web UI.
How is Claude Cowork different from Claude Code for Dock integration?
Both connect to Dock via MCP with identical auth flows. Cowork's UX is more multi-agent / project-oriented (project-scoped contexts), so the typical Dock setup pairs Cowork with workspace-scoped `dk_` keys, one per project.
Can I run Claude Cowork and Claude Code on the same Dock workspace?
Yes. Both agents auth as separate signed agents (their own `dk_` keys), so attribution is preserved per agent. Real-time SSE updates mean each one sees the other's writes within ~400ms.
Updated