Bot users are non-interactive service accounts that represent automations in your workspace. Unlike regular team members, bots can't log into the Leadtime app — they operate exclusively through the API and MCP (Model Context Protocol).
Bots are ideal for connecting external tools like n8n, Zapier, Make, or AI coding assistants (Cursor, Claude Code, etc.) to your Leadtime workspace. Each bot has its own identity, role, and access tokens, so you can track which automation performed an action and control what it's allowed to do.
Workflow automation: Connect n8n, Zapier, or custom scripts that create tasks, update projects, or sync data with external systems.
AI assistants / MCP: Let an AI coding assistant (e.g. Cursor with MCP) read and write tasks and projects on behalf of the bot rather than a personal account.
CI/CD pipelines: Have your deployment pipeline create or update tasks automatically.
Dedicated audit trail: Actions performed by a bot are attributed to the bot's name, keeping the activity log clear about what was done by a human vs. an automation.
Bots are managed in Workspace Settings → Bots. This page is visible only to users who have the Manage bots permission and when the API feature is enabled for the workspace.
Go to Workspace Settings → Bots.
Click Create bot.
Enter a name (must be unique within the workspace).
Choose a role that defines what the bot is allowed to do (see Roles below).
Optionally upload an avatar to make the bot visually distinguishable.
Click Save.
The bot is created in Enabled status and is ready to use.
On the bot detail page you can:
Action | Description |
|---|---|
Edit | Change the bot's name, role, or avatar. |
Enable / Disable | Toggle the bot's status. A disabled bot cannot authenticate — its tokens and MCP sessions stop working until re-enabled. |
Create token | Issue a new personal access token (PAT) for API access. |
Revoke token | Permanently invalidate an existing token. |
Each bot can have one or more personal access tokens. Tokens are used as Authorization: Bearer <token> when calling the Leadtime Public API.
When you create a token you choose:
Name — a label to remember what the token is used for (e.g. "n8n production").
Expiry date — when the token should stop working.
Scopes — api:read (read-only) and/or api:write (read + write).
Instead of using a PAT token, you can authorize an AI assistant to act as a bot through the OAuth / MCP consent flow:
When an MCP client (e.g. Cursor) starts the OAuth consent flow, the consent page shows a list of accounts to authorize as.
If you have the Authenticate MCP as bots permission, the list also includes enabled bots from your workspace.
Select the desired bot and approve. The MCP session now runs with the bot's identity and role.
This is useful when you want the AI assistant to operate under a controlled service account instead of your personal account.
Every bot is assigned a role that determines its permissions. Leadtime provides a built-in Bot role with the following characteristics:
Broad operational access: tasks, projects, organizations, time tracking, invoices, insights, dashboards, and more.
No workspace administration access (cannot change settings, manage staff, etc.).
Includes API and MCP usage permissions.
The Bot role is a system role and cannot be edited.
You can also assign any other workspace role to a bot if you need different permission levels — for example a more restricted role for a bot that should only read data.
Two permissions control bot-related functionality:
Permission | Who has it by default | What it does |
|---|---|---|
Manage bots | Admin | Create, edit, enable/disable bots and manage their PAT tokens in workspace settings. |
Authenticate MCP as bots | Admin | Allows the MCP consent screen to show enabled bots as selectable identities. |
Both permissions are part of the Public API permission group and require the workspace API feature to be enabled.
