MCP role-based access control
MCP role-based access control
MCP now enforces the Ada dashboard role on every OAuth-authenticated tool call. Owners and Admins can call every tool, while Agents and Read Only users can call read-only tools only — write tools like propose_change are blocked with a permission error and hidden from the assistant’s tool list. Read Only users can now connect to MCP; previously they were blocked at sign-in.
Learn more in the MCP authentication documentation.