Fully Autonomous Deck Extraction: Let Claude Read the Verification Code Itself

Pair the DeckExtract MCP with a mail connector — Claude's built-in Gmail or Microsoft 365, or AnyMailMCP for any IMAP inbox — and email-verified decks extract end to end without you touching an inbox.

DeckExtract

You ask Claude to extract a deck, and half a minute later there's a PDF in the conversation. That's the normal DeckExtract MCP experience — until the deck is locked to your email address. Then Papermark emails you a 6-digit verification code, or DocSend emails you a confirmation link, and suddenly you're the slowest component in the pipeline: tab over to the inbox, find the email, copy the code, paste it back.

This guide removes that last manual step. Give Claude access to the same inbox the code lands in — via the built-in Gmail or Microsoft 365 connectors, or AnyMailMCP for everything else — and the whole flow runs hands-free: Claude requests the deck, reads the verification email, passes the code back to DeckExtract, and hands you the PDF.

What's already automatic (and what wasn't)

Most protected decks never needed your help in the first place. The deckextract tool already handles:

  • Passcode-protected decks — pass the password and it's entered for you.
  • "Any email" gates — when a deck just wants an address, the server generates an ephemeral one, receives DocSend's verification email itself, and clicks the link. Fully server-side, nothing to do.

The exception was decks that only accept a specific address — yours, because the sender allowlisted it or enabled strict email verification. The code or link goes to your real inbox, and no amount of server-side cleverness can read your mail for you. That step used to mean a human round-trip.

The two verification gates, now resumable over MCP

As of v1.3.0, the hosted MCP server exposes the same two-step resume flow the website has always had:

  • Papermark (6-digit code): the tool replies with requires_email_otp and an otpSessionId — the live viewer session is parked server-side for about 5 minutes. Retry with the same url and email, plus otp (the code) and otpSessionId.
  • DocSend (confirmation link): the tool replies with requires_email_confirmation and a sessionId. Retry with url set to the confirmation link from the email, the same email, and the sessionId.

The gate replies aren't dead-end errors — they include the exact retry call as machine-readable JSON, written for the agent rather than for you:

{
  "status": "requires_email_otp",
  "email": "maxime@yourfund.com",
  "otpSessionId": "f3a9c2…",
  "expiresInSeconds": 300,
  "retryWith": {
    "url": "https://papermark.com/view/…",
    "email": "maxime@yourfund.com",
    "otp": "<6-digit code from the verification email>",
    "otpSessionId": "f3a9c2…"
  }
}

All that's missing is a way for Claude to read the verification email. That's the mail connector's job.

Give Claude eyes on the inbox (pick one)

Option 1: Gmail — built into Claude

If the deck is locked to a Gmail or Google Workspace address, use Claude's native connector: Settings → Connectors → Gmail → Connect, sign in with Google, and grant access (setup guide). It's included on paid plans; on Team and Enterprise an admin enables it org-wide first. Claude gets search-and-read access to your mail — which is exactly enough for this flow, since it only ever needs to find one verification email.

Option 2: Microsoft 365 / Outlook — built into Claude

For inboxes on Exchange Online, the Microsoft 365 connector covers Outlook mail the same way. Two caveats: it requires a Microsoft work or school account (an Entra tenant) — personal @outlook.com mailboxes can't connect — and on Team/Enterprise plans an owner has to enable the connector in organization settings before members can link their accounts.

Option 3: Any other inbox — AnyMailMCP

Plenty of deal-flow inboxes live on neither Google nor Microsoft: a custom domain hosted at OVH, Gandi, Infomaniak, IONOS, one.com, Zoho, Fastmail, Titan, mailbox.org, or a cPanel/Plesk box. Claude has no native connector for those — but AnyMailMCP does, over plain IMAP.

It's set up exactly like DeckExtract itself: Settings → Connectors → Add custom connector, paste https://anymailmcp.com/mcp, and link your mailbox. Claude then gets search_emails and read_email tools against that inbox — and the free tier (150 calls/month) is more than enough when each verification round-trip costs a couple of calls.

Your inboxUseNotes
Gmail / Google WorkspaceBuilt-in Gmail connectorPaid plans; OAuth, no credentials shared
Exchange Online / OutlookBuilt-in Microsoft 365 connectorWork/school accounts only; admin-enabled on Team/Enterprise
Custom domain (OVH, Gandi, Zoho, Fastmail, …)AnyMailMCPIMAP; add https://anymailmcp.com/mcp as a custom connector

Run the whole thing with one prompt

With both connectors active, this is the entire workflow:

Extract https://papermark.com/view/8b3k… as a PDF. Use maxime@yourfund.com as the viewer email. If it asks for a verification code, check my inbox for it and continue — don't ask me.

What Claude does, unattended:

  1. Calls deckextract with the link and your email → gets requires_email_otp with an otpSessionId.
  2. Searches the connected inbox for the newest verification email and reads the 6-digit code.
  3. Calls deckextract again with otp + otpSessionId → gets the download link (and, on Pro, the structured analysis if you asked for one).

The DocSend variant differs only in step 3: instead of a code, Claude copies the confirmation URL out of the email and retries with that link as the url, echoing the sessionId.

If you extract decks all day, make the instruction standing instead of repeating it: add a line like "When a DeckExtract extraction returns an email-verification gate for maxime@yourfund.com, look up the code in my inbox and retry — don't ask" to your Claude project instructions. From then on, pasting a link is the whole job. (For collecting decks at scale, see our guide on automating pitch deck collection with MCP.)

Timing, limits, and the honest caveats

  • The OTP window is ~5 minutes. The parked viewer session expires after that (the platform's code usually does too). Claude's retry loop fits comfortably; a coffee break does not.
  • Email delivery can lag. If the inbox search comes up empty, have Claude wait a moment and search again — codes typically land within a minute.
  • A wrong code isn't fatal. The gate comes back with a fresh otpSessionId; the retry instructions tell the agent to always use the newest one.
  • Quota is charged once. A two-step verified extraction counts as a single extraction against the free plan's monthly 5 — the gate reply itself is free.
  • This automates typing, not authorization. If a deck is allowlisted to someone else's address, connecting your own inbox changes nothing — you can only automate verification for email addresses whose mail you can legitimately read.
  • Least privilege applies. The flow only ever reads one verification email. The built-in connectors use OAuth (no passwords shared); AnyMailMCP stores IMAP credentials encrypted. DeckExtract itself never sees your mailbox — it only receives the code or link you would have typed.

Set it up

  1. Connect the DeckExtract MCP server — https://deckextract.com/mcp — following the setup page.
  2. Connect your inbox: Gmail or Microsoft 365 from Claude's connector settings, or AnyMailMCP for any IMAP mailbox.
  3. Paste a deck link and let the agent do the round-trip.

New to the MCP server? Start with Extract DocSend decks without leaving Claude, or see which MCPs are worth a VC's time.