SocialHub.AI

AI & Brand · MCP & API

Your retention stack as governed tools AI agents can call.

Loyalty, campaigns, members, and segments — made available as MCP tools that AI assistants like Claude, Cursor, and Copilot can discover and use under your governance. MCP is the open standard that lets AI assistants securely use your tools — so this is no fragile custom integration, and no access keys pasted into a chat window.

AI assistant → Flash · secure MCP call
POST /api/mcp
Authorization: Bearer fl_live_•••
{
"method": "tools/call",
"name": "earn_points"
}
Success · points added, kept to your data

The problem

Your team is adopting AI assistants faster than your systems can safely open up to them.

Fragile one-off integrations

Every new integration means custom-built connections that someone has to keep fixing as things change.

Ungoverned access

Handing an AI assistant a raw access key usually means handing it everything — no permission limits, no data boundaries, no record of what it did.

Assistants can't discover what you do

A traditional integration is invisible to an AI assistant until someone hand-codes it in. Your capabilities stay locked away.

How it works

14 inbound tools, every call governed.

Flash speaks the open MCP standard at a single secure address (/api/mcp). An AI assistant first asks what Flash can do (tools/list), then calls the specific tool it needs (tools/call) to act — and every call is authenticated, permission-checked, kept to your own data, and logged.

Inbound MCP tools

14 total
list_membersget_memberearn_pointsredeem_pointsget_points_balanceget_member_tierlist_coupon_poolsget_member_couponsredeem_points_for_couponget_dashboard_stats+4 more

Each tool has a clearly defined set of inputs and a strict boundary that keeps it to your own data. The same capabilities are also available as a standard API for systems that aren't AI assistants.

Authentication

Authorization: Bearer fl_live_••••••••

Keys are encrypted at rest and shown in full only once, when you create them. Each key carries its own permission scopes and can be revoked at any time. Full access to every tool (/api/mcp) requires a key with all permissions.

One governed path, every agent

Whether the caller is Claude, Cursor, or Copilot, every tool call passes the same four checks before it touches your data.

01

Identity

secure API key

02

Permission

8 fine-grained scopes

03

Isolation

your data, kept separate

04

Audit

every call logged

Permission scopes

stores:readmembers:readmembers:writecaptures:readcoupons:readcoupons:writepoints:write*

Two-way MCP

The same standard, the other direction.

In one direction, AI assistants call Flash. In the other, Flash connects out to your other customer-data tools — pulling each member's details to personalize their email as it's built. The whole connection is built in-house, with no extra third-party software to depend on.

Automatic fail-safe

backs off when a tool is down, retries as it recovers

Controlled load

never overwhelms your connected tools

Healthy connections

reuses healthy connections, routes around bad ones

Always-valid access

refreshes credentials automatically before they expire

Into email personalization

Nine ready-made connectors (including AWS Personalize, Recombee, Algolia, Bloomreach, and Shopify) feed personalized content into each email as it's built. If one source is unavailable, that recipient simply falls back gracefully — the email still goes out, never broken.

Your data toolsconnectoreach member's datapersonalized email
Early accessOutbound data connection

This connection is built and ready, but switched on only once you add your credentials — until then it simply stays disconnected and emails fall back gracefully. We don't present it as proven at large scale yet.

Why it's different

Beyond traditional integrations and Zapier.

A traditional integration is a fixed, custom-built connection. Zapier runs pre-set automations when something happens. MCP is the open standard AI assistants discover and use on demand— and it's what the industry is consolidating around.

Typical approach

Traditional integrations

Hand-built connections an AI assistant can't discover; you maintain them.

Flash, by design

Self-describing MCP tools that AI assistants find and use on demand.

Typical approach

Zapier & similar tools

Pre-set triggers, not on-demand action by an AI assistant.

Flash, by design

AI assistants use your capabilities in the moment, under your permissions and audit log.

Typical approach

Raw access keys in a chat

All-or-nothing access, no boundaries, no record.

Flash, by design

Permission-scoped keys, your data kept isolated, and a logged audit trail on every call.

AI & innovation

On the standard the whole industry is converging on.

MCP — introduced by Anthropic, donated to the Linux Foundation's Agentic AI Foundation, and now generally available inside Microsoft Copilot Studio — is becoming the standard way businesses make their capabilities available to AI assistants, with governance and audit built in. Flash was built around MCP from the start, in both directions.

AI-discoverable capabilities

AI assistants discover what Flash can do on their own, instead of waiting for someone to hand-code a connection.

Governance built in

Secure identity, fine-grained permissions, data isolation, and a full audit trail — exactly the enterprise gap 2025's MCP work closed.

Built in-house, fewer parts to trust

The fail-safes, load controls, and credential handling are all built in-house — fewer outside parts to depend on.

What changes for the business

Your retention capabilities become safe, ready-to-use tools for the AI assistants your team already uses.

14 tools

loyalty, members, coupons & more, AI-ready

8 scopes

fine-grained permissions, enforced per key

Two-way

AI assistants call in, Flash connects out to your data tools

Your retention stack as governed tools an AI agent can call.

Use your retention stack from your favorite AI assistant.

400M+
50+
12+