decoy logodecoy
for consumer agents that act through real accounts

give your agent the info it needs.
not your user's whole life story.

Decoy gives your agent the password, email code, passkey or personal detail the task needs. not all of the user's emails and passwords.

Decoy lets users choose what it can access, when it can access it, and for how long. Decoy records every data access.

add to your agent
# add Decoy to any MCP client
$ npx decoy-mcp-server

ready http://localhost:3001/mcp
your agent requestsNike login + inbox
Decoy on iPhoneAllow for 1 month
approvedagent can continue

the user sees exactly what your agent requested and decides what to allow.

the usual shortcut asks users to trust too much.

connecting Google or a password manager can expose far more than the task actually needs.

G Sign in with Google

Your AI app wants access to your Google Account

This can let the app:

  • read every message in Gmail
  • send and delete email
  • keep access until the user removes it
convenient for the app. a lot to ask from the user.

integrate Decoy once. complete the whole authenticated task.

Decoy handles passwords, email codes, passkeys and autofill through one MCP server or API.

passwords

give the agent an approved username and password.

email and 2fa

read an emailed code, generate a TOTP or send from a disposable address.

passkeys

sign on the user's phone without releasing the private key.

autofill

use an approved name, address, phone number or card.

users see the access and the activity.

clear before the task. reviewable after it.

Claude CodeConnected App
Claude Code can
use 2 selected accounts
read the Nike inbox
use saved info · expires Aug 10
ActivityToday · 3 actions
Used your Nike loginClaude Code · 2m ago
Unlocked an email for NikeClaude Code · 1m ago
Used your saved addressClaude Code · just now

Decoy records every data access so users can see what happened and revoke access.

stored in Decoyonly what the user adds or imports
allowed for the agentonly what the user approves
received by the agentonly what it requests within that access
seen by Decoy's serverencrypted data, never plaintext

what your agent can do with decoy.

sign into a website

use an approved password or passkey.

complete 2FA

read an emailed code or generate a live TOTP.

finish checkout

use an approved name, address and card.

read and reply to email

use a service-specific inbox without connecting Gmail.

what developers ask.

users install Decoy, add or import only what they need, and approve your agent. typical setup takes under one minute.

no. they can add only the accounts your agent needs. Decoy imports from Apple Passwords. passwords exported as CSV from other managers can be saved through the Decoy API. native CSV import is coming soon.

yes. after approval, the phone decrypts the password and encrypts it directly to the agent. the agent receives the plaintext password; Decoy's server never does. passkeys work differently: the phone signs the challenge and the private key never leaves the device.

Decoy keeps approved access working until it expires or the user revokes it. the phone is needed for new access and every passkey sign-in.

your agent gets a clear denied, expired or retryable error. it can ask the user, pause the task or take another path instead of failing silently.

let your agent act. let your user stay in control.

Decoy helps your agent complete authenticated tasks without asking for all of a user's emails, passwords and personal data.