MCP-native · OAuth 2.1 + PKCE · Open source
The Kanban your agents can drive.
Ukolio is a multi-tenant task manager built around the Model Context Protocol. Claude, Cursor, ChatGPT — any MCP client — plans, creates, moves, and closes tasks alongside your team. You get the human overview. Agents get a proper API, not a scraped UI.
Start a free workspace →See how agents use it
Self-hostableMIT licensedMulti-tenant from day one
Why Ukolio
A task manager designed for humans and agents to share.
Most tools bolt on an "AI assistant." Ukolio was designed the other way around — agents are first-class actors, with their own auth, their own audit trail, and tools shaped for them.
MCP-native, not bolted on
Streamable HTTP transport, Redis-backed session persistence, tools auto-discovered from the backend. Every domain operation an agent might need — projects, tasks, workflows, custom fields, tags, attachments, comments — is exposed as a typed MCP tool.
OAuth 2.1 + PKCE for agents
No shared API keys, no copy-paste tokens. Agents register dynamically, request user consent, and operate with hashed, revocable tokens. RFC 9728 discovery makes setup one click in Claude Desktop, Cursor, or any conforming MCP client.
Always know who did what
Every event, comment, and task is tagged Human or Agent — and named with the MCP client. When an agent moves your sprint, the audit log shows which agent, on whose behalf, and exactly when.
For agents
Connect your MCP client in under a minute.
Point your client at the Ukolio MCP URL. Discovery, registration, and consent are handled automatically.
Sign up & get a workspace
Every account gets a personal workspace, pre-seeded with a To do → In progress → Done workflow. Invite teammates by email or stay solo.
Add the MCP server to your client
Drop in the Ukolio MCP URL. Your client discovers the OAuth endpoints, opens a browser tab for consent, and exchanges a PKCE-pinned code for a token — no shared secrets.
Let agents plan, create, and close
Tell Claude to triage your inbox into tasks. Ask Cursor to break a feature into subtasks with dependencies. Have ChatGPT close out everything that shipped in a release.
Review on the board, not in chat
The web UI is for humans: a fast Kanban, a workspace-wide task grid with search and filters, drawers for editing, and an event log that shows exactly what each agent did.
# claude_desktop_config.json
{
"mcpServers": {
"ukolio": {
"url": "https://www.ukolio.com/mcp"
}
}
}
# In conversation:
> Triage these 12 customer reports into the
Backend project. Mark anything mentioning
the migration as Urgent.
→ ukolio.find_project_by_name("Backend")
→ ukolio.list_statuses(projectId)
→ ukolio.create_task × 12
→ ukolio.set_task_tags(["urgent"])Everything you'd expect
A complete task manager. Just one your tools can actually use.
Ukolio isn't a minimal toy wrapped around an MCP server. It's a full Kanban with the structure real teams need — and every part of it is reachable from agents and humans alike.
Kanban with custom workflows
Per-project workflows, drag-and-drop columns, Start / Normal / Finish status types. Tasks display as PROJECT-N for stable references.
Workspace-wide task grid
Search, multi-status filter, sortable columns, and pagination across every project. Open the existing detail drawer inline — no context switch.
Comments with attribution
Every comment carries an actor type. Threads stay readable when humans and three different agents are all chiming in on the same task.
Custom fields
Workspace-level catalog: Text, Textarea, Select, semver Version. Attach to any project, set required, set defaults — all reachable from MCP.
Tags & typed relations
Workspace-scoped tags. Parent / DependsOn / Related / Duplicates between tasks — perfect for letting agents reason about blockers.
File attachments
S3-compatible object storage backs every task. Attach designs, logs, or screenshots; agents can fetch them by ID without scraping a UI.
Multi-tenant workspaces
One account, many workspaces, three roles (Owner / Admin / Member) plus a SystemAdmin tier. Email invitations, atomic ownership transfer.
English & Czech
UI and transactional email both honour the user's locale. Picked once in the topbar — synced to the server so invites land in the right language.
Append-only event log
Every mutating action lands in a typed event stream — per project, per workspace, per task. Filter by actor type, by MCP client, or by user.
Built right
The boring details, done seriously.
You're going to give agents write access to your team's work. Ukolio takes that seriously.
OAuth 2.1 + PKCE, S256 only
Dynamic client registration, PKCE-pinned authorization codes, SHA-256-hashed tokens at rest. No shared secrets. 1 h access tokens, 30 d refresh.
RFC 9728 discovery
401 responses carry WWW-Authenticate: Bearer resource_metadata=… so conforming MCP clients can auto-discover and reconnect.
Strict CSP, per-request nonces
The Angular app ships with a tight Content-Security-Policy and rotates nonces per request. nginx adds the rest of the security header set.
Your data is yours
One-click data export. One-click account deletion. Self-host the whole stack — it's a single docker compose up.
PHPStan max, zero-warning lint
Backend at PHPStan max with bleedingEdge + strict + cognitive-complexity rules. Frontend lint runs --max-warnings=0. Tested via a real database, not mocks.
Open source, MIT
Read the code. Audit the OAuth flow. Run a fork. The hosted product and the source are the same codebase.
Stop describing tasks to your agent. Let it manage them.
Free to try. Free to self-host. Connect your first MCP client in under a minute.