Reltio

Connect Zoë to the Reltio AgentFlow MCP server — Reltio's hosted MCP endpoint for AgentFlow tool orchestration — so she can search entities, explore relationships, and invoke other AgentFlow tools against your Reltio tenant directly from Zenlytic chats. Authenticate with a static Authorization header containing a Reltio OAuth 2.0 access token minted from a service account's client credentials.

What Zoë can access

Through the Reltio AgentFlow MCP server, Zoë can call the tools Reltio exposes for your tenant — typically entity search and lookup, relationship traversal, match candidate retrieval, activity history, and other AgentFlow operations against the data Reltio manages. The exact tool surface is set by Reltio and may grow over time; retrieve the current list with the MCP Metadata API or by clicking Test Connection in Zenlytic.

Every tool call runs as the Reltio identity attached to the access token, so Zoë's permissions in Reltio are whatever that identity can see and do.

Prerequisites

Before you start, confirm the following:

• A Reltio tenant with AgentFlow and the MCP server enabled. If you don't see the MCP endpoint at https://<namespace>.reltio.com/ai/tools/mcp/, contact Reltio Support to turn it on.

• Your assigned Reltio namespace (the subdomain that prefixes .reltio.com in your tenant URL).

• A dedicated service account in Reltio scoped to the least-privileged set of permissions Zoë needs. You'll mint client credentials against this account.

• Zenlytic requirements. The mcp-client flag enabled on your workspace and admin role. See the MCP overview for the full list.

Create Reltio client credentials

The Reltio AgentFlow MCP server uses OAuth 2.0 client credentials. Each client ID/secret pair is tied to a Reltio service account, and the role assigned to that account is the role Zoë will run as in Reltio.

1. In Reltio, follow Creating client credentials to generate a client_id and client_secret for the service account you want Zoë to run as. Avoid using a personal user account so you can rotate or revoke Zoë's access independently.

2. Scope the service account's role to the minimum permissions Zoë needs — read-only on entities and relationships is enough for search and exploration workflows.

3. Copy the generated client secret immediately — Reltio only shows it once. Store it in your secrets manager.

Mint an access token

Zenlytic doesn't run the OAuth client credentials flow on your behalf, so you mint the access token outside Zenlytic and paste it into the connection.

Exchange the client credentials for an access token:

The response is a JSON document with an access_token field. Copy that value — it's what you'll paste into the Authorization header in the next step.

Reltio does not support refresh tokens. Access tokens expire and must be regenerated by re-running the request above. Plan a rotation cadence that matches the token lifetime and update the Zenlytic connection each time you mint a fresh token.

Set up the connection in Zenlytic

1. Open Workspace Settings → Extensions → MCP and click Add Connection.

2. Fill out the form:

• Name — a label that will appear in the chat tool menu, for example Reltio (prod).

• URL — the Reltio AgentFlow MCP endpoint for your tenant: https://<namespace>.reltio.com/ai/tools/mcp/. Replace <namespace> with your assigned Reltio namespace. Must use https://.

1. Add the required header (see Configure request headers).

2. Click Test Connection. Zenlytic opens an MCP session against the Reltio server and lists the tools it advertises.

3. Review the tool list and toggle off any tools Zoë shouldn't be able to call. Newly-discovered tools are pre-selected.

4. Click Add Connection to save.

Configure request headers

Add the following in the Headers section of the Zenlytic connection modal. Header values are masked in the UI and encrypted at rest.

Verify the token

Before saving the connection, sanity-check the token against the Reltio MCP endpoint:

A 200 response that lists your tools means the token, service account permissions, and namespace are wired up correctly — the MCP server will accept the same credentials.

Use the connection in chat

Once the connection has at least one selected tool, it appears in the chat tool menu. Toggle it on for any conversation where you want Zoë to use Reltio tools. The toggle is per-conversation, so different chats can mix Reltio with other MCP connections as needed.

A few specifics to share with your users:

• One service account, one permission set. Every user sharing the connection sees whatever Reltio data the service account's role can see. If you need different access for different teams, mint a separate access token from a separate service account scoped to a different role and wire it up as its own Zenlytic connection.

• Be specific in prompts. Naming the entity type, attribute, or tool explicitly produces more reliable tool calls than vague references — for example, "Search for contacts with last name Smith in the California region."

• Tokens expire. When Zoë starts returning 401 Unauthorized errors mid-conversation, the token has expired. Mint a new one and update the connection's Authorization header.

Manage the integration

• Rotate the access token: Re-run the curl command in Mint an access token, then Edit the connection in Zenlytic and overwrite the Authorization header value with the fresh token. Because Reltio doesn't issue refresh tokens, this is a routine operation rather than an exception — script it on the cadence that matches your token lifetime.

• Rotate the client secret: In Reltio, generate a new client secret for the service account, mint a fresh access token with the new credentials, and update the Zenlytic Authorization header. Revoke the old client secret in Reltio once you've confirmed the new one works.

• Refresh tools: If Reltio adds new tools or changes existing tool schemas, the next call may fail with a "tools have changed" error. Open the connection, click Refresh Tools, review the new set of tools, and Save Changes.

• Adjust permissions: Edit the role attached to the service account in Reltio if you need to broaden or restrict what Zoë can do. The change takes effect on the next request — no Zenlytic update needed.

• Disable the integration: Click Delete on the connection card to remove it immediately. Zoë stops seeing the Reltio tools in any new conversation. For belt-and-suspenders, also revoke the client credentials in Reltio.

Troubleshoot

• 401 Unauthorized from Reltio: The access token is missing, malformed, or expired. Confirm the Authorization header includes the Bearer scheme with a single space, and mint a fresh token if it's been longer than the token lifetime since you last set it. Reltio doesn't support refresh tokens, so expired tokens must be regenerated from the client credentials.

• 403 Forbidden on a tool call: The role attached to the service account doesn't have permission for the action Zoë attempted. Either tighten the tool list in the Zenlytic connection modal so Zoë can't call that tool, or expand the role's permissions in Reltio.

• Tool list looks short or empty: AgentFlow or the MCP server may not be enabled on your Reltio tenant, or the service account's role has limited permissions. Contact Reltio Support to confirm the MCP server is on, and double-check the role's permissions.

• Invalid namespace or DNS errors when saving: The <namespace> in the URL doesn't match a Reltio tenant. Confirm the value with your Reltio administrator and ensure the URL is exactly https://<namespace>.reltio.com/ai/tools/mcp/ (trailing slash included).

• Connection works in Test Connection but fails in chat: Either the access token expired between test and use, or Reltio's tool surface has changed since you saved. Mint a fresh token, then open the connection in workspace settings and click Refresh Tools.

• Can't reach the MCP endpoint: Confirm outbound HTTPS to <namespace>.reltio.com and auth.reltio.com is allowed from Zenlytic's network. If your Reltio tenant is on a private VPC or restricted egress, contact Reltio Support — the public AgentFlow MCP endpoint must be reachable from Zenlytic.