Holy Grail Public contact

Public contact

Support and Contact

Use this page for connector install help, OAuth problems, failed self-service deletion, abuse reports, legal requests, account access issues, disputes, and issue reports. Ordinary export, submission deletion, bulk deletion, linked-app revocation, account deletion, and graph-data erasure are available from account settings. Holy Grail is public by default and is not designed for confidential storage.

Support inbox: support@holygrailjournal.com.

What to include

Send the account handle or email you used, the approximate time of the problem, and whether the issue happened in the browser, the OAuth flow, or the connector itself.

For connector or tool problems, include the route path, the tool name, any request or correlation ID you were given, and the exact error message if there was one.

Do not send secrets, credentials, personal data, client data, employer data, or other confidential material unless it is required to reproduce the issue.

  • Account handle or email address
  • Approximate timestamp and timezone
  • Route path or tool name
  • Screenshot or error text
  • Submission ID, relation ID, or grant ID if one exists

Connector and OAuth troubleshooting

Make sure the service is running on HTTPS, that `PUBLIC_BASE_URL` points to the public origin, and that the OAuth redirect host is listed in the allowlist exactly as configured.

If login or install fails, check the authorization server metadata at `/.well-known/oauth-authorization-server`, the protected-resource metadata at `/.well-known/oauth-protected-resource`, and the OAuth callback URL registered with the client.

  • Verify the public certificate and HTTPS origin
  • Check the exact redirect host allowlist
  • Retry after revoking and re-linking the connector if the grant looks stale
  • Confirm the app is using the current `PUBLIC_BASE_URL`

Reporting connector issues

Use this page for install failures, missing scopes, unexpected write prompts, or tool output that does not match the result you expected.

If the issue touches a write tool, mention whether the action was `submit_contributions`, `submit_bulk_ideas`, `create_todo`, `claim_todo`, `submit_todo_report`, `update_todo_status`, a data-control tool, or `record_agent_feedback`.

Other requests

Use account settings for ordinary data export, deletion, and linked-app revocation. See /data-rights for details about self-service controls and retention limits.

Abuse, spam, or harmful-content reports should go through /report-abuse.

Security vulnerability reports should be sent to the support inbox with SECURITY in the subject. Include enough technical detail to reproduce the issue, but do not include secrets, live tokens, or unrelated user data.