Skip to content

docs: add Restricting Tool Access section for MCP server#863

Merged
Matovidlo merged 3 commits intomainfrom
devin/1768896618-mcp-tool-authorization-docs
Jan 26, 2026
Merged

docs: add Restricting Tool Access section for MCP server#863
Matovidlo merged 3 commits intomainfrom
devin/1768896618-mcp-tool-authorization-docs

Conversation

@Matovidlo
Copy link
Contributor

@Matovidlo Matovidlo commented Jan 20, 2026

Jira issue(s): N/A

Changes:

  • Add new "Restricting Tool Access" section to MCP server documentation
  • Document three HTTP headers for tool authorization: X-Allowed-Tools, X-Disallowed-Tools, and X-Read-Only-Mode
  • Include use cases for AI agent restrictions, compliance/security, and customer-specific access
  • Link to developers-docs for detailed technical documentation

Updates since last revision:

  • Added clarification that headers are set by the client (e.g., AI agent integration or custom MCP client) when making HTTP requests, not through Keboola project settings

Link to Devin run: https://app.devin.ai/sessions/4ccc6d6f64aa49a6823bf2e09c8a5091
Requested by: Martin Vasko (@Matovidlo)

Related PRs:

Human Review Checklist:

  • Verify the link to developers-docs (https://developers.keboola.com/integrate/mcp/#tool-authorization-and-access-control) will work after the corresponding developers-docs PR is merged
  • Confirm header names match the implementation in mcp-server PR Add azure datalake gen 2 docs #350
  • Verify placement after "Available Tools" section is appropriate
  • Verify the client-side header clarification is accurate per the implementation

@devin-ai-integration
Copy link
Contributor

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment and CI monitoring

Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request adds documentation for a new "Restricting Tool Access" feature in the Keboola MCP server, allowing users to control which tools are available to AI agents through HTTP headers.

Changes:

  • Adds a new "Restricting Tool Access" section documenting three HTTP headers for tool authorization (X-Allowed-Tools, X-Disallowed-Tools, X-Read-Only-Mode)
  • Documents use cases for AI agent restrictions, compliance/security controls, and customer-specific access profiles
  • Links to external developer documentation for detailed technical specifications

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@Matovidlo Matovidlo marked this pull request as ready for review January 22, 2026 15:18
devin-ai-integration bot and others added 3 commits January 26, 2026 15:06
Co-Authored-By: Martin Vasko <Matovidlo2@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-Authored-By: Martin Vasko <Matovidlo2@gmail.com>
@Matovidlo Matovidlo force-pushed the devin/1768896618-mcp-tool-authorization-docs branch from 63eb676 to baaad47 Compare January 26, 2026 14:06
@Matovidlo Matovidlo merged commit ceb02c4 into main Jan 26, 2026
1 check passed
@Matovidlo Matovidlo deleted the devin/1768896618-mcp-tool-authorization-docs branch January 26, 2026 14:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants