Scenarios as tools access control

By default, the mcp:use scope of your MCP token allows AI systems to access all active and on-demand scenarios across all of your Make organizations. To restrict access, you can append query parameters to the connection URL according to these levels: organization, team, and scenario.

Scenarios must be active with on-demand scheduling to be discoverable as MCP tools.

The following MCP token access control applies to scenario tools only. It does not restrict access to management tools and other tool types.

Organization level

https://<MAKE_ZONE>/mcp/api/v1/u/<MCP_TOKEN>/stateless?organizationId=<id>

The AI system can see all scenarios in any team within the specified organization.

Team level

https://<MAKE_ZONE>/mcp/api/v1/u/<MCP_TOKEN>/stateless?teamId=<id>

The AI system can see all scenarios within the specified team.

Scenario level

https://<MAKE_ZONE>/mcp/api/v1/u/<MCP_TOKEN>/stateless?scenarioId=<id>

The AI system can only see the specified scenario.

Alternatively, you can add /stream instead of /stateless in the connection URL. For SSE, add /sse .

You can also specify multiple values for each of the entities above using the following syntax: ?scenarioId[]=<id1>&scenarioId[]=<id2>

Currently, these levels are mutually exclusive and can't be combined.

PreviousConnect using MCP token NextUsage with Cursor

Last updated 5 days ago