Connect Looker to ChatGPT: Query data and manage BI user accounts

Giving a Large Language Model (LLM) read and write access to your primary Business Intelligence platform is a significant engineering challenge. If you need to connect Looker to ChatGPT to run ad-hoc data queries, manage BI user access, or extract dashboard metrics, you need a Model Context Protocol (MCP) server. This server acts as the translation layer between ChatGPT's tool calls and Looker's REST APIs.

If your team uses Claude, check out our guide on connecting Looker to Claude or explore our broader architectural overview on connecting Looker to AI Agents.

You can either build and maintain this infrastructure yourself, or use a managed integration platform like Truto to dynamically generate a secure, authenticated MCP server URL. This guide breaks down exactly how to use Truto to generate a secure MCP server for Looker, connect it natively to ChatGPT, and execute complex analytics and administrative workflows using natural language.

The Engineering Reality of the Looker API

A custom MCP server is a self-hosted integration layer. While the open MCP standard provides a predictable way for models to discover tools, the reality of implementing it against Looker's API is painful. You aren't just integrating standard REST resources - you are interfacing with a complex semantic layer (LookML), asynchronous execution queues, and strict RBAC models.

If you decide to build a custom MCP server for Looker, you own the entire API lifecycle. Here are the specific integration challenges that break standard CRUD assumptions when working with Looker:

Query Immutability and the LookML Semantic Layer

Looker does not let you just GET /data. Queries in Looker are treated as immutable objects. To get data out of Looker, you typically create a query object that specifies a LookML model, an explore (view), fields, filters, and sorts. The API returns a query_id. If you want to change a filter, you cannot update the existing query - you must create a new one. Your MCP server must understand how to construct these complex JSON query definitions and map LLM intents to the correct underlying LookML models. If the LLM hallucinates a field name that does not exist in the LookML model, the query fails entirely.

Asynchronous Tasks and Rendering Queues

When an LLM asks to generate a report or render a dashboard as an image, that process is rarely synchronous. Dashboards with multiple elements can take minutes to compute. The Looker API handles this via asynchronous render tasks (create_a_looker_dashboard_render_task). Your MCP server must be built to handle polling mechanisms, checking the status of a render_task_id until it completes, and then fetching the binary document. If your MCP server forces a synchronous timeout, the LLM will assume the action failed.

Managing Rate Limits and 429 Errors

Looker enforces rate limits to protect database performance. If an AI agent gets stuck in a loop and tries to run 50 heavy queries at once, Looker will return a 429 Too Many Requests error. It is critical to understand how this is handled in a managed infrastructure. Factual note on rate limits: Truto does not retry, throttle, or apply backoff on rate limit errors. When an upstream API like Looker returns an HTTP 429, Truto passes that error directly to the caller. Truto normalizes upstream rate limit info into standardized headers (ratelimit-limit, ratelimit-remaining, ratelimit-reset) per the IETF spec. The AI client or caller is responsible for implementing appropriate retry and exponential backoff logic.

How to Create the Looker MCP Server

Instead of building a translation layer from scratch, you can use Truto to dynamically generate an MCP server scoped specifically to your connected Looker instance. Truto derives the tool schemas directly from the Looker API documentation, meaning as endpoints update, your tools stay accurate.

You can generate this server using the Truto UI or programmatically via the API.

Method 1: Via the Truto UI

For teams who want to provision access manually without writing code, the UI is the fastest path.

1. Navigate to your Truto dashboard and select the Integrated Accounts section.
2. Click on the specific Looker integrated account you want the LLM to access.
3. Navigate to the MCP Servers tab.
4. Click Create MCP Server.
5. Configure the server. You can name it (e.g., "Looker Data Operations"), apply tag filters (e.g., only include tools tagged with "queries"), and set an expiration date.
6. Click Create and immediately copy the generated MCP server URL. This URL contains the cryptographic token needed for authentication.

Method 2: Via the Truto API

For platform engineering teams automating agent infrastructure, you can generate MCP servers programmatically. This is ideal for provisioning ephemeral access to Looker for a specific automated script.

Make a POST request to the /integrated-account/:id/mcp endpoint:

curl -X POST "https://api.truto.one/api/integrated-account/YOUR_ACCOUNT_ID/mcp" \
  -H "Authorization: Bearer YOUR_TRUTO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Looker Admin Agent",
    "config": {
      "methods": ["read", "write"],
      "tags": ["users", "roles", "queries"]
    },
    "expires_at": "2026-12-31T23:59:59Z"
  }'

The response will contain the secure URL you need to pass to ChatGPT:

{
  "id": "mcp_abc123",
  "name": "Looker Admin Agent",
  "config": {
    "methods": ["read", "write"],
    "tags": ["users", "roles", "queries"]
  },
  "url": "https://api.truto.one/mcp/TOKEN_STRING"
}

How to Connect the MCP Server to ChatGPT

Once you have the Truto MCP server URL, you must register it with your ChatGPT environment. You can do this via the native ChatGPT UI or through a manual configuration file for local development.

Method A: Via the ChatGPT UI

If you are using ChatGPT Enterprise or Pro with Custom Connectors enabled:

1. In ChatGPT, navigate to Settings -> Apps -> Advanced settings.
2. Toggle Developer mode to ON.
3. Under the MCP servers / Custom connectors section, click Add new server.
4. Set the Name (e.g., "Looker Analytics Engine").
5. Paste the Truto MCP server URL generated in the previous step.
6. Click Save. ChatGPT will immediately ping the server, execute the handshake, and ingest the Looker tool schemas.

Method B: Via Manual Config File (Local Agents & Desktop)

If you are running local agents, testing via Claude Desktop, or using an open-source framework, you configure the connection via a JSON file using the SSE transport.

Add the following to your MCP configuration file (e.g., mcp_config.json):

{
  "mcpServers": {
    "looker_integration": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-sse",
        "--url",
        "https://api.truto.one/mcp/TOKEN_STRING"
      ]
    }
  }
}

This configuration instructs your local MCP client to connect to Truto's JSON-RPC 2.0 endpoint.

Looker Hero Tools

Truto exposes over a hundred Looker API endpoints as tools. When configuring your MCP server, you should restrict access to the specific domain your agent needs to operate in. Here are the highest-leverage hero tools for querying data and managing BI environments.

looker_query_run_inline

Instead of fetching a pre-saved Look, this tool allows ChatGPT to construct and execute ad-hoc LookML queries dynamically. It requires the LLM to know the model and view names, making it incredibly powerful for data exploration.

Usage note: The LLM must pass the result format (e.g., json) and the query body containing fields and filters. This bypasses the need to create a permanent query object in the Looker database.

"Run an inline query against the 'sales_metrics' model and 'orders' view. Return the total revenue and order count grouped by month for the last 12 months. Return the results in JSON format."

get_single_looker_dashboard_by_id

This tool retrieves the full metadata configuration of a Looker dashboard, including its layout, applied filters, and underlying dashboard elements.

Usage note: This is critical when an LLM needs to understand what data a specific executive is looking at. By analyzing the dashboard elements, the LLM can extract the underlying query IDs to fetch the actual raw data later.

"Fetch the configuration for dashboard ID 142. Tell me what filters are currently applied and list the titles of the individual dashboard elements."

create_a_looker_user

Provisioning BI access is a common IT helpdesk task. This tool allows the AI agent to create a new user record in Looker, setting up their initial profile.

Usage note: This only creates the core user record. To give the user actual access to data models, the LLM must follow up by assigning roles or adding them to a specific group.

"Create a new Looker user for Sarah Connor. Her email is sconnor@company.com, and her first and last names are Sarah and Connor. Make sure the account is enabled."

update_a_looker_user_role_by_id

Looker relies heavily on RBAC to ensure users only see data they are authorized to view. This tool overwrites the roles assigned to a specific user.

Usage note: The LLM must supply an array of role IDs. It is best practice to have the LLM call list_all_looker_roles first to ensure it assigns the correct integer IDs.

"Update the roles for user ID 89. Assign them the 'Financial Analyst' role and the 'Standard User' role. Please double-check the role IDs before applying the update."

looker_looks_run

This tool executes a saved Look (a pre-configured report) and returns the data payload.

Usage note: This is the safest way to give an LLM access to data, as the Look is pre-vetted by data engineering. The LLM only needs the look_id and the desired result_format.

"Run Look ID 512, which contains our weekly churn metrics. Give me the results in JSON and write a two-paragraph summary of the week-over-week changes."

looker_sql_runner_query_run

For advanced analytical agents, this tool bypasses LookML entirely and executes raw SQL against a specified database connection configured in Looker.

Usage note: This is a high-risk operation that should be restricted to highly trusted internal agents. The LLM must pass the exact SQL syntax and the slug of a previously created SQL runner query.

"Run the SQL runner query with slug 'xyz123' to fetch the raw database logs from our Snowflake connection. Format the output as JSON."

For the complete schema definitions and the full list of available Looker operations, visit the Looker integration page.

Workflows in Action

Exposing tools individually is helpful, but the true power of MCP lies in allowing ChatGPT to chain these tools together to execute multi-step workflows. Here are real-world examples of how AI agents interact with Looker.

Scenario 1: IT Helpdesk Provisioning a New Data Analyst

An IT administrator asks ChatGPT to set up a new employee in the BI platform.

"We just hired John Doe (jdoe@company.com). Please create a Looker account for him. He needs access to the 'Marketing Analytics' role and should be added to the 'Growth Team' group."

Step-by-step execution:

1. The agent calls create_a_looker_user with John's email and name, receiving user_id: 145 in the response.
2. The agent calls list_all_looker_roles to find the integer ID for "Marketing Analytics" (e.g., role_id: 12).
3. The agent calls update_a_looker_user_role_by_id passing user_id: 145 and [12].
4. The agent calls looker_groups_search with the query "Growth Team" to find group_id: 8.
5. The agent calls create_a_looker_group_user passing the group ID and user ID to finalize the onboarding.

Result: The LLM successfully provisions the user, assigns the correct permissions, and confirms back to the IT admin that the account is ready, all in under 10 seconds.

Scenario 2: Executive Requesting Ad-Hoc Revenue Metrics

A VP of Sales asks their AI assistant for specific numbers that aren't on the standard dashboard.

"I need to know our total closed-won revenue from enterprise accounts in Q3, broken down by region. Please query Looker for this data."

Step-by-step execution:

1. The agent calls looker_query_run_inline.
2. It constructs a JSON payload specifying the model as "salesforce_data", the view as "opportunities", and adds filters for opportunities.stage = 'Closed Won', opportunities.type = 'Enterprise', and a date filter for Q3.
3. It specifies the fields opportunities.total_revenue and accounts.region.
4. Looker processes the query and returns a JSON array of the aggregated data.
5. The agent reads the JSON and formats it into a markdown table for the VP.

Result: The VP gets immediate, accurate data directly from the LookML semantic layer without waiting for a data analyst to write a custom query.

Scenario 3: Auditing Dashboard Permissions

A security officer wants to verify who has access to a highly sensitive financial dashboard.

"Audit the 'Q4 Board Financials' dashboard. Tell me who created it, what folder it lives in, and what roles have access to that folder."

Step-by-step execution:

1. The agent calls looker_dashboards_search with the title "Q4 Board Financials" to retrieve the dashboard_id and the parent folder_id.
2. The agent calls get_single_looker_folder_by_id to inspect the folder's access control metadata.
3. The agent calls list_all_looker_content_metadata_access passing the folder's content_metadata_id to retrieve the exact user and group IDs that have view or edit rights.
4. The agent synthesizes this data into an audit report.

Result: The security officer receives a clear map of exactly who can view the financial data, ensuring compliance without digging through Looker's admin panels manually.

Security and Access Control

Giving an LLM access to your company's core BI platform requires strict governance. Truto's MCP servers are designed with infrastructure-level access controls to limit blast radius.

• Method Filtering: You can restrict a Looker MCP server to only execute read operations (e.g., running queries, listing users). If the LLM hallucinates an attempt to delete_a_looker_user_by_id, the MCP server rejects the request at the protocol layer before it ever reaches Looker.
• Tag Filtering: Truto allows you to generate MCP servers scoped to specific tool tags. You can create a "Reporting MCP" that only contains query and look execution tools, ensuring the agent has zero access to user administration endpoints.
• require_api_token_auth: By default, the MCP server URL contains a secure cryptographic hash. For enterprise deployments, you can enable this flag, requiring the client to also pass a valid Truto API token in the Authorization header, adding a strict second factor of authentication.
• expires_at: For temporary audits or contractor agents, you can set an ISO timestamp on the MCP server. Truto's infrastructure will automatically schedule a cleanup alarm, purging the server, its tokens, and KV storage exactly when time expires.