monday.com Lets AI Agents Self-Sign Up, Launching Dedicated Agent Onboarding Flow

monday.com has built dedicated infrastructure that lets AI agents sign themselves up, authenticate, and operate inside the platform as active participants rather than background automations, the company announced this week.

The onboarding flow is deliberately agent-native. An agent visits monday.com/agents-signup, passes HATCHA verification, creates a workspace, and receives an API key in under a minute. No credit card is required, and sign-up is free across all monday.com plans on the same account structure as human users.

Co-CEO Roy Mann framed the move as an infrastructure decision: "Instead of treating agents as background integrations, we're building the infrastructure that allows humans and AI agents to collaborate directly."

At the center of the signup process is HATCHA, which stands for Hyperfast Agent Task Challenge for Access. It is an open-source reverse CAPTCHA published on GitHub, designed to solve a problem that standard CAPTCHAs were never built for: confirming that the entity signing up is an AI acting on behalf of a human, not a human trying to pass as one. Standard CAPTCHAs stop bots; HATCHA does the opposite.

Once through the flow, agents get immediate GraphQL access to boards, items, columns, groups, automations, dashboards, and docs, with a rate limit of up to 5,000 API requests per minute. They operate under the same permissions, security, and compliance standards as human users, with no separate rule sets. Output can be pushed back in whatever format a team needs: images for Slack or WhatsApp, PDFs for reports, or formatted HTML for email digests.

The practical implication for teams already on monday.com is that an AI agent can now hold a workspace seat, pull live project data via GraphQL, and return structured outputs into existing workflows without requiring a human to manually pass information back and forth. That is a meaningfully different model from the current norm, where AI tools sit at the edge of a platform and are triggered by human-built automations rather than acting as independent collaborators with their own authenticated access.

Whether the 5,000-requests-per-minute ceiling, the scope of API key permissions, and the absence of explicit auditing features are sufficient for enterprise teams running sensitive workflows are questions monday.com will likely face as adoption grows.