IT
Connecting Todoist (setup checklist)
Step-by-step checklist for connecting the Todoist connector, including the OAuth scope and the authorize/token URL overrides.
- integrations
- mcp
- todoist
- oauth
This checklist walks you through connecting Todoist to Harriet.
You'll need: a Todoist account, and access to Harriet's Company settings → Integrations.
How access works (before you start)
Setup registers an OAuth app — Harriet does not act with the admin's Todoist account. Each user connects their own Todoist account under Profile → Integrations and Harriet works with that user's own tasks and projects.
Step 1 — Create a Todoist app
- Go to the Todoist App Management Console: https://developer.todoist.com/appconsole.html
- Sign in and click Create a new app.
- Name it (e.g. Harriet) and create it.
Step 2 — Set the OAuth redirect URL
In the app, set the OAuth redirect URL to:
https://harriethq.com/bots/integrations/mcp/oauth/callback/
(If your tenant uses hrharriet.com, use https://hrharriet.com/bots/integrations/mcp/oauth/callback/ instead.) The match must be exact, including the trailing slash.
Save the app — it will now show your Client ID and Client secret. Treat the client secret like a password.
Step 3 — Enter the credentials and settings in Harriet
On the Todoist connector's configuration, fill in:
| Field | Value |
|---|---|
| OAuth client ID | (from your Todoist app) |
| OAuth client secret | (from your Todoist app) |
| OAuth scope | data:read_write |
| OAuth authorize URL (override) | https://todoist.com/oauth/authorize |
| OAuth token URL (override) | https://todoist.com/oauth/access_token |
The overrides point Harriet at Todoist's authorization server, where your app is registered. The connection will not work without them. Save your changes.
Step 4 — Connect and verify
- Click Connect — you'll be taken to Todoist's consent screen. Click Allow.
- Use Sync tools to load the Todoist actions and enable the tools you want.
- Attach the connector to a skill and assign the skill.
- Verify: ask Harriet something like "show me my Todoist tasks due today."
Todoist access tokens don't expire, so once a user connects, the connection stays valid without re-authorizing.
Troubleshooting
| Symptom | Most likely cause |
|---|---|
| OAuth error at Todoist sign-in | Redirect URL missing or inexact (Step 2), or Client ID/secret mismatch. |
| Consent screen never appears | OAuth URL overrides not set (Step 3). |
| Connected but actions fail | OAuth scope missing — it must be data:read_write (Step 3). |
See also How to create an MCP connector (Company settings).
Use Harriet in your organisation for searchable help, AI assistance, and your company knowledge base.
Log in to Harriet