Built to make permissions disappear,
Soda Straw is how agents access your data.

Request access
Inspired by A Sunday on La Grande Jatte·Georges Seurat, 1886
Soda Straw · Acme Labs
Home
MR
Hey Marisol, here's what's happening in Acme Labs
Activity feed
Request inbox
Today
10:42
Alex Chen requested read access to snowflake-prod
Straws
10:15
analytics-agent completed a run
Agents · 24 rows returned from notion-docs
09:58
You approved read access to postgres-main for Alex Chen
Straws · Approved
09:41
notion-docs completed a sync
Straws · 128 pages indexed
No access requests
Name Type Agents Users Owner Connection
warehouse-prod
Database · OAuth 3 agents 8 users Marisol Reyes Active
notion-docs
MCP · OAuth 5 agents 12 users Alex Kim Active
postgres-main
Database · Basic auth 2 agents 4 users Marisol Reyes Active
salesforce
API · OAuth 1 agent 6 users Priya Shah Authorization required
data-lake
API · API key 1 agent 3 users Alex Kim Active
team-workspace
MCP · OAuth 2 agents 18 users Marisol Reyes Paused
Name Straws Owner Status
A
analytics-agent
Answers data questions from Slack
3 straws Marisol Reyes Healthy
C
claude-code
Your pair programmer, acting on your behalf
5 straws Marisol Reyes Running
S
support-bot
Triages incoming support tickets
2 straws Alex Kim Healthy
M
meeting-summarizer
Summarizes the weekly leadership sync
1 straw Priya Shah Failing
F
forecast-pipeline
Nightly revenue forecasts from warehouse
2 straws Marisol Reyes No runs

Settings

Account
API keys
Users
Profile
Name
Email
marisol@acme.com
Role
Admin
API keys
sk_prod_••••••••••4a72
Created Mar 12 · Last used 2h ago
sk_dev_••••••••••9c01
Created Apr 02 · Last used 12d ago
Team members
MR
Admin
AC
Member
SK
Member
Home
⌘J
Claude Code
Ghostty

Fast for builders.
Safe for admins.

Connect every source in one place.

Postgres, Snowflake, Salesforce, MCP servers — drop in whatever your team uses. Soda Straw holds the credential once so nobody pastes keys into a Slack DM again.

Inspired by Paris Street; Rainy Day·Gustave Caillebotte, 1877
Soda Straw · Straws
Name Type Agents Users Connection
warehouse-prod Snowflake 3 8 Active
postgres-main Postgres 2 4 Active
gmail Gmail 1 5 Active
linear Linear 1 3 Auth required
stripe Stripe 2 6 Active
salesforce Salesforce 1 6 Auth required
notion-docs Notion 0 1 Active

Add a straw

Popular integrations
Authorize Notion

Soda Straw will read the pages and databases you grant access to. You can revoke anytime.

Read pages and databases
No writes, no deletes
Connecting to Notion…
notion-docs connected

Available to all team members with access.

Inspired by Luncheon of the Boating Party·Pierre-Auguste Renoir, 1881
Soda Straw · Straws
NameTypeAgentsUsersConnection
warehouse-prodSnowflake 3 8 Active
postgres-mainPostgres 2 4 Active
gmailGmail 1 5 Active
linearLinear 1 3 Auth required
stripeStripe 2 6 Active
salesforceSalesforce 1 3 Auth required
User access for salesforce
Grant or revoke access as an admin.
ACCESS (3)
MR Marisol Reyes
AK Alex Kim
PS Priya Shah
NO ACCESS (2)
CC Claude Code
RS Raj Srinivasan

Share access without guesswork.

Grant read, write, or full permission per person, per agent, per straw. Revoke in a click. Every change lands in the feed — no more "who gave prod to the intern bot?"

Plug into any agent, any tool.

Claude Code, Cursor, your own backend — anything that speaks MCP pours through the same straws, under the same permissions. No secrets in prompts, no keys in env files.

Inspired by Apple Harvest·Camille Pissarro, 1888
iTerm
iTerm2
Inspired by Bathers at Asnières·Georges Seurat, 1884
Soda Straw · Agent
W
weekly-top-accounts
Created just now · runs weekly
Active
Claude Managed Agents Every Monday · 09:00
Scoped identity agent_wta_7gx4k
Locked to only the straws and access levels below.
salesforce read
notion write
3 successful runs Next run in 3d 18h

Turn a session into an agent.

One prompt ships the work you just did as a scheduled agent on Claude Managed Agents or wherever else you run things. Soda Straw gives it a dedicated identity, scoped to only the straws and access levels you used. Least-privilege, by default.