Documentation

Dijin Connector for Claude

Dijin is the Memory Layer — an open, owner-signed, cite-or-refuse store of your captured segments, extracted decisions, action items, entities, and evidence citations. Capture sources (Teams, Gmail, Notion, share-sheet, email forward) POST DMF segments into Dijin's ingestion gateway; the Dijin Connector lets Claude (and other MCP-compatible AI clients) query that memory on your behalf with explicit per-scope consent and a tamper-evident audit ledger.

Quick start

Dijin is a standard OAuth + MCP connector. Any spec-compliant AI client discovers our endpoints automatically — no manual config, no copy-paste, no per-platform install steps. The flow is the same as Notion or Linear in Claude's Connectors Directory.

In your AI client (Claude Desktop / Claude.ai / Cursor / Zed), open the Connectors or MCP Servers UI.
Add Dijin from the Directory (once listed) or paste the MCP URL https://rwxqzunzxwqqwtnjirab.supabase.co/functions/v1/mcp-connector into the "Add by URL" field.
Your AI client discovers Dijin's OAuth metadata via RFC 9728 + RFC 8414 well-known endpoints and redirects you to https://dijin.co/oauth/authorize.
You see a Notion-style consent screen showing your Dijin email and the scopes the AI client is asking for. Click Allow.
Your AI client receives the Bearer token via PKCE token exchange. Dijin tools are live. Try "List my Dijin sessions" or "What did I decide last week?".

Manual client setup

Until Dijin appears in Claude's Connectors Directory, you can add it manually to any spec-compliant MCP client. The same OAuth + PKCE flow runs in your browser on first use.

Claude Desktop (macOS / Windows)

Edit ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):

{
  "mcpServers": {
    "Dijin": {
      "url": "https://rwxqzunzxwqqwtnjirab.supabase.co/functions/v1/mcp-connector"
    }
  }
}

Restart Claude Desktop. Open Settings → Connectors → Dijin → sign in via the magic-link prompt.

Cursor

Edit ~/.cursor/mcp.json:

{
  "mcpServers": {
    "Dijin": {
      "url": "https://rwxqzunzxwqqwtnjirab.supabase.co/functions/v1/mcp-connector"
    }
  }
}

Zed

In ~/.config/zed/settings.json, add to context_servers:

{
  "context_servers": {
    "Dijin": {
      "command": {
        "url": "https://rwxqzunzxwqqwtnjirab.supabase.co/functions/v1/mcp-connector"
      }
    }
  }
}

Claude Code

Run from your project root:

claude mcp add Dijin --transport http --url https://rwxqzunzxwqqwtnjirab.supabase.co/functions/v1/mcp-connector

Sanity check (no client install)

Visit https://dijin.co/oauth/test in any browser to run the full OAuth + listSessions flow end-to-end. Useful before you commit to a config edit.

OAuth discovery

Dijin implements the full MCP OAuth discovery spec so AI clients can self-configure from a single URL.

Protected Resource Metadata (RFC 9728): https://dijin.co/.well-known/oauth-protected-resource
Authorization Server Metadata (RFC 8414): https://dijin.co/.well-known/oauth-authorization-server
WWW-Authenticate header on every MCP 401 response points clients at the Protected Resource Metadata so discovery works on the first probe.
PKCE S256 required for all OAuth flows. code_challenge_method=S256.

Endpoints

MCP server	https://rwxqzunzxwqqwtnjirab.supabase.co/functions/v1/mcp-connector
OAuth authorize	https://dijin.co/oauth/authorize
OAuth token	https://rwxqzunzxwqqwtnjirab.supabase.co/functions/v1/dijin-oauth-token
PKCE	S256 required
Transport	HTTPS + Server-Sent Events (Streamable HTTP, MCP spec 2025-06-18)

Scopes

Connectors request a subset of the catalogue below. The user sees and selects scopes on Dijin's OAuth consent screen — defaults pre-check the cloud-resolvable ones; raw-transcript requires explicit opt-in.

memory.summary.readSummaries, decisions, action items
Daily/weekly summaries, action items, decisions extracted from the user’s memory.
memory.evidence.readEvidence snippets (short quotes)
Short quoted passages tied to specific insights and decisions.
memory.entities.readEntities (people, projects, places)
People, organisations, places, concepts extracted across sessions.
memory.audit.readAccess log (who-touched-what)
The user’s connector access ledger — every OAuth grant, scope-denied event, rate-limit hit, tool call.
memory.conflicts.readDetected contradictions
Flagged contradictions across the user’s memory (same subject + same predicate but different facts).
memory.transcript.read.rawRaw transcript text (verbatim)
Verbatim word-for-word text. Routed via the user’s device (not the cloud) — each request prompts the device for explicit approval. Decryption key never leaves the device.

Tools

All 12 tools below are read-only and idempotent — they never modify the user's memory, and the same arguments always produce the same result. None are destructive. All carry MCP-spec annotations (readOnlyHint=true, destructiveHint=false, idempotentHint=true, openWorldHint=true).

listSessionsrequires memory.summary.read
List the user’s recent Dijin memory sessions (ingested capture batches — one per DMF segment POST).
{ limit?: int (1–200), since?: ISO datetime }
getSessionrequires memory.evidence.read
Full details of a single ingestion session, plus up to N transcript segments.
{ session_id: UUID, segment_limit?: int (0–1000) }
searchTranscriptsrequires memory.evidence.read
Literal text search across ingested transcript segments (case-insensitive). Returns snippets ranked by recency.
{ query: string (2–200), limit?: int (1–100), session_id?: UUID }
listActionItemsrequires memory.summary.read
Action items extracted from the user’s memory. Optional status filter.
{ status?: "open" | "done" | "dismissed", limit?: int (1–200) }
listEntitiesrequires memory.entities.read
Entities (people, orgs, places, concepts). Free-text query matches display_name and aliases.
{ query?: string, type?: string, limit?: int (1–200) }
getDecisionsrequires memory.summary.read
Decision-type claims with optional date range filter.
{ date_from?: ISO datetime, date_to?: ISO datetime, limit?: int (1–200) }
getDailySummaryrequires memory.summary.read
Pre-computed daily summary for a given calendar date.
{ date: "YYYY-MM-DD" }
getAuditLogrequires memory.audit.read
The connector access ledger entries belonging to the user. Hash-chained for tamper-evidence.
{ event_category?: string, date_from?: ISO, date_to?: ISO, limit?: int (1–200) }
getConflictsrequires memory.conflicts.read
Groups of active claims that contradict each other (same subject + predicate, different objects).
{ limit?: int (1–100) }
whoamirequires memory.summary.read
Connected user identity (user_id + email if available) and the scopes granted to this connector. Health check / token validation.
{ }
getEntityMentionsrequires memory.entities.read
Single entity record + the transcript segments that mention it across sessions. Companion to listEntities for cross-session timeline.
{ entity_code: string, segment_limit?: int (0–200) }
getWeeklyReviewrequires memory.summary.read
Pre-computed weekly memory summary (7-day window). Sibling of getDailySummary at the weekly aggregation level.
{ week_start?: "YYYY-MM-DD" }

Usage examples

Realistic conversational prompts a user might give Claude (or any MCP-compatible client) and how the connector resolves them. The agent picks tools automatically based on the question.

"What did I decide last week, and which decisions are still open as action items?"
Claude calls getDecisions with date_from set to 7 days ago and date_to set to now to find decisions, then calls listActionItems(status="open") to cross-reference which decisions have outstanding follow-ups. Returns a synthesised answer that ties the two together.
getDecisionslistActionItems
"Find every mention of Ali in my last month’s meetings and tell me what was discussed."
Claude calls listEntities(query="Ali", type="person") to find the canonical entity record, then searchTranscripts(query="Ali") to surface segment snippets that mention them. For deeper context, Claude can call getSession on the parent sessions for each snippet.
listEntitiessearchTranscriptsgetSession
"Are there any contradictions in what I’ve said about Project Phoenix’s deadline?"
Claude calls getConflicts to surface groups of claims with the same subject + predicate but different objects, then filters or follows up with listEntities(query="Project Phoenix") to scope the search. Returns a structured comparison of the conflicting claims.
getConflictslistEntities
"Show me everything Claude has accessed from my Dijin memory in the last 7 days."
Claude calls getAuditLog(event_category="connector_access", date_from=...) to list every tool call made by this OAuth grant. The user can use this for accountability questions like “which AI session pulled my Q3 OKRs?”
getAuditLog

For developers

Coming next · alpha this quarter

Dijin is expanding beyond voice memory into Code Why Memory: a project memory layer that links decisions, commits, tests, and conversations so AI tools can answer “where did we leave off?” with evidence.

Cursor knows your code. Sourcegraph searches your codebase. Dijin remembers why your code exists, which decision locked it, which commit implemented it, and whether that decision is still active.

Developer layer is in alpha. The voice-memory layer below is live and shipping today; the Code Why Memory tools (getProjectState, getCommitContext, getActiveDecisions) ship as a separate mcp__dijin_dev__* namespace once the Dijin connect <repo> agent ships.

Today: voice-memory connector (live)

Dijin is the personal-memory layer you don't have to build. Drop the MCP URL into any spec-compliant AI client, OAuth handles user binding, and your app gets 16 read-only tools over a user's captured sessions, decisions, action items, entity mentions, and three new evolution-query tools (getDecisionLineage, getEntityTimeline, getTopicEvolution) that answer “how did topic X evolve over Q1 vs Q2” style questions. Stop reinventing storage + embeddings + OAuth + audit + sync; ship the product on top.

Why pay for this instead of rolling your own

Building a Memory Layer from scratch for your AI app means owning, forever:

DMF (owner-signed segment format) + ingestion gateway + replay tooling.
kg.* graph schema (claims · entities · evidence · relationships) with RLS per user.
Embedding pipeline + pgvector index + cosine maintenance.
Cloud worker for cite-or-refuse synthesis (Gemini / Claude / OpenAI adapters).
Insight extraction (decisions, action items, entities) with calibrated precision/recall per language.
OAuth 2.0 (PKCE, dynamic client registration, scope catalog, consent UI, token rotation, revocation).
Cross-device sync, encryption at rest, GDPR export & deletion.
Hash-chained audit ledger so users can trust what AI agents actually accessed.
Cross-platform clients: macOS, iOS, Windows, Android, Web — and the support burden of all of them.

That's roughly 6–12 months of focused engineering before you ship the feature your users actually came for. Most teams either don't build it (their AI ships goldfish-brained) or build it wrong (no audit, no encryption, no sync, gets called creepy on Hacker News).

Dijin runs that stack as infrastructure. Your app gets:

Production-grade memory the day you integrate.
Compliance-ready posture (OAuth scopes, audit ledger, GDPR export, privacy policy) without writing the lawyer-facing docs yourself.
Cross-client portability — if your users also use Claude / Cursor / Zed, the same memory shows up everywhere they want it, with one consent flow.
Open standard (DMF) underneath so you're not locked in — the protocol is forkable, multi-vendor, with conformance vectors.

Result: your developer/team-tier users pay you for a product that feels like magic, you pay Dijin for the substrate that would have cost you 6+ months of headcount to recreate (badly). Both economics work because both sides only build the part they uniquely care about.

Want a working starter? The 30-minute Quickstart walks you from zero to a daily-standup bot calling Dijin + Claude (paste-and-run code). Sample code on GitHub: examples/daily-standup-bot.

App ideas (each buildable in a day)

Daily standup bot
Slack message every morning: yesterday's Dijin summary + open action items.
getDailySummary + listActionItems
Meeting prep agent
Calendar webhook → 1 hour before a meeting, AI emails: “last time you talked with this person, here's what was decided and what's still open.”
listEntities + getEntityMentions + getDecisions
CRM auto-summary
After every customer call captured in Dijin, write a per-contact rolling summary back to your CRM (HubSpot, Attio, etc.).
listSessions + getSession + searchTranscripts
Voice journal companion
Cursor / Zed / Claude Code agent that pulls your voice notes mid-coding when you ask “what did I decide about the auth refactor last week?”.
searchTranscripts + getDecisions
Decision audit dashboard
Web view that lists every decision your team has made this quarter and flags contradictions across sessions.
getDecisions + getConflicts
AI productivity coach
Weekly nudge: “you took 5 decisions, shipped 3, here are the 2 still open and blocking — want me to draft a follow-up?”
getWeeklyReview + listActionItems(status=open)
Therapy / coaching session helper
With user consent, surface relevant past-session context to the practitioner before each appointment. Read-only, scoped, audit-logged.
getDailySummary + listEntities + getAuditLog

Quick start (30 minutes to first call)

Add the MCP URL to your AI client of choice (Claude Desktop, Cursor, Zed, Claude Code — snippets above).
Run the OAuth flow in your browser the first time. Your app or AI client receives an opaque dijin_pat_* bearer token via PKCE token exchange.
Use that token on every subsequent POST to https://rwxqzunzxwqqwtnjirab.supabase.co/functions/v1/mcp-connector. Standard MCP JSON-RPC 2.0 over Streamable HTTP — tools/list, tools/call, initialize.
Build features on top: daily summaries, semantic-style search via searchTranscripts, entity mention timelines, contradiction surfacing — all over a single user's consented memory.

Building your own MCP server (DMF adoption)

Dijin is one implementation of the open Dijin Memory Format (DMF) standard. Any product that adopts the DMF schema can ship its own MCP server and get the same Claude / Cursor / Zed integration for free.

Spec + conformance vectors: github.com/dijin-company/dijin-memory-protocol — 27+ test vectors, schema, signing rules.
Reference implementations: Swift (Dijin macOS / iOS), TypeScript (@dijin/mcp-server), Rust (crates/dmf), CLI (dijin-cli).
Drop-in MCP server: fork dijin-memory-protocol/packages/mcp-server, swap the storage adapter, deploy to any edge runtime.
Cross-impl byte parity: the same DMF archive verifies against Swift, TypeScript, and Rust readers. Your implementation is interoperable from day one.

Building something? Email [email protected] — we'll seed test data, review your integration, and amplify the launch.

Privacy & security

End-to-end protected raw transcript: When a connector requests the memory.transcript.read.raw scope, the resolution never happens in Dijin's cloud. Each request is forwarded to the user's device, which decrypts in-process and returns plaintext. The decryption key (BIP39 → HKDF, in Keychain) never leaves the device.
Cloud-resolvable scopes (summaries, entities, action items, decisions, audit log, contradictions) are served from the user's Supabase account using row-level security. The connector token authenticates the request to the user's row, never anyone else's.
Access ledger: Every OAuth issuance, scope-denied event, rate-limit hit, and tool call appends a row to the user's audit_logs table. Hash-chained (row_hash + prev_hash + seq) for tamper-evidence.
Revoke at any time: Users revoke a grant via Settings → Privacy → Connected Apps. Revocation takes effect within one second (token validation hits a read on api_tokens per request).
Tokens never round-trip in URL fragments: OAuth codes pass through redirect URI query params (per RFC 6749); the access token is delivered server-to- server via the token endpoint response body. SHA-256-hashed at rest.

Full privacy policy: dijin.co/en/privacy

Troubleshooting

Tools return empty arrays
You haven't recorded any sessions yet. Open the Dijin macOS / iOS app, capture a session, and the tools will surface that data immediately. New accounts get an onboarding sample on request — email [email protected].
401 Unauthorized after a while
Magic-link OTP tokens expire ~1 hour after issue. Your AI client should auto-trigger the OAuth flow again — if it doesn't, sign back in at https://dijin.co/login and reconnect from your client's Connectors UI.
OAuth flow opens then nothing happens
Check that third-party cookies are enabled for dijin.co in your browser. Some Brave / Firefox strict modes block the PKCE callback. The redirect URI on Dijin's side accepts https://claude.ai, https://claude.com, and https://*.anthropic.com.
"Server not responding" from client
Verify the MCP URL is reachable: curl -i https://rwxqzunzxwqqwtnjirab.supabase.co/functions/v1/mcp-connector should return HTTP 401 with a WWW-Authenticate header. If you get a different response, the URL was mistyped.
Wrong account showing
Each magic-link binds the connector to the email address that signed in. To switch accounts, revoke the connector from the AI client's Connectors UI, then re-add and sign in with the desired email.
Tool call returns "scope not granted"
The connector requested fewer scopes than the tool requires. Disconnect, reconnect, and check the additional scope on the consent screen. See the Scopes section above for the full list.
Still stuck?
Email [email protected] with your AI client name + version + browser and we'll respond within 24 hours.

Support & contact

Issues / questions: [email protected]
Self-serve end-to-end test page: dijin.co/oauth/test — runs the entire OAuth + MCP flow from a logged-in browser, useful for verifying connectivity and inspecting tool responses before configuring an external client.