Archestra Logo
Star us on GitHub ⭐

Archestra MCP Server

Built-in MCP server providing tools for managing Archestra platform resources

63 min read

The Archestra MCP Server is a built-in MCP server that ships with the platform and requires no installation. It exposes tools for managing platform resources such as agents, MCP servers, policies, and limits.

Most tools require explicit assignment to Agents or MCP Gateways before they can be used. The following tools are pre-installed on all new agents by default: artifact_write, todo_write.

Additionally, query_knowledge_sources is automatically assigned to Agents and MCP Gateways that have at least one knowledge base or knowledge connector attached. To use it, the user must have knowledgeSource:query.

All Archestra tools are prefixed with archestra__ and are always trusted — they bypass tool invocation and trusted data policies.

Auth

Archestra tools are trusted, meaning they bypass tool invocation policies and trusted data policies — the tool will always execute without policy evaluation.

However, RBAC (role-based access control) is still enforced. Every tool is mapped to a required permission (resource + action). The tools/list endpoint dynamically filters tools so users only see tools they have permission to use. For example, a user without knowledgeSource:create permission will not see create_knowledge_base in their tool list and cannot execute it.

Tools Reference

Identity

ToolDescriptionRequired RBAC Permission
whoamiReturns the name and ID of the current agent.None (no additional RBAC permission required)

whoami

Required RBAC permission: None (no additional RBAC permission required)

This tool takes no arguments.

Output
FieldTypeRequiredDescription
agentIdstringYesThe ID of the current agent.
agentNamestringYesThe display name of the current agent.

Agents

ToolDescriptionRequired RBAC Permission
create_agentCreate a new agent with the specified name, optional description, labels, prompts, icon emoji, explicit tool assignments, and sub-agent delegations.agent:create
get_agentGet a specific agent by ID or name.agent:read
list_agentsList agents with optional filtering by name.agent:read
edit_agentEdit an existing agent.agent:update

create_agent

Required RBAC permission: agent:create

Input
ParameterTypeRequiredDescription
namestringYesName for the new resource.
scope"personal" | "team" | "org"NoVisibility scope. Defaults to personal for agents and org for LLM proxies/MCP gateways unless teams are provided.
labelsobject[]NoOptional key-value labels for organization and categorization.
labels[].keystringYes
labels[].valuestringYes
teamsstring[]NoTeam IDs to attach when creating a team-scoped resource.
toolExposureMode"full" | "search_and_run_only"NoHow tools should be exposed to MCP clients and models. Use 'search_and_run_only' to expose only search_tools and run_tool while keeping the full assigned tool set searchable and runnable.
descriptionstring | nullNoOptional human-readable description of the agent.
iconstring | nullNoOptional emoji icon for the agent.
knowledgeBaseIdsstring[]NoKnowledge base IDs to assign to the agent. Use get_knowledge_bases first when you need to look up IDs by name.
connectorIdsstring[]NoKnowledge connector IDs to assign directly to the agent. Use get_knowledge_connectors first when you need to look up IDs by name.
subAgentIdsstring[]NoAgent IDs to delegate to from this newly created agent.
suggestedPromptsobject[]NoOptional suggested prompts that appear in the chat UI.
suggestedPrompts[].summaryTitlestringYesShort title shown to users for this suggested prompt.
suggestedPrompts[].promptstringYesSuggested prompt text users can click to start a conversation.
systemPromptstring | nullNoThe system prompt that defines the agent's behavior.
toolAssignmentsobject[]NoExplicit tool assignments to create immediately after the agent is created.
toolAssignments[].toolIdstringYesThe ID of the tool to assign to the agent.
toolAssignments[].resolveAtCallTimebooleanNoWhen true, resolve credentials and execution target at tool call time. Prefer this for builder flows.
toolAssignments[].credentialResolutionMode"static" | "dynamic" | "enterprise_managed"No
toolAssignments[].mcpServerIdstring | nullNoOptional MCP server installation to pin the tool to when using static credential resolution.

get_agent

Required RBAC permission: agent:read

Input
ParameterTypeRequiredDescription
idstringNoThe ID of the agent to fetch. Prefer the ID when you already have it.
namestringNoThe exact name of the agent to fetch when you do not already have the ID.
Output
FieldTypeRequiredDescription
idstringYesThe resource ID.
namestringYesThe resource name.
descriptionstring | nullYesThe resource description, if any.
iconstring | nullYesThe emoji icon, if configured.
scope"personal" | "team" | "org"YesThe visibility scope.
toolExposureMode"full" | "search_and_run_only"YesHow tools are exposed to MCP clients and models.
agentType"agent" | "llm_proxy" | "mcp_gateway" | "profile"YesThe resource type.
systemPromptstring | nullNo
teamsobject[]YesThe teams attached to it.
teams[].idstringYesThe team ID.
teams[].namestringYesThe team name.
labelsobject[]YesAssigned labels.
labels[].keystringYesThe label key.
labels[].valuestringYesThe label value.
toolsobject[]YesAssigned tools.
tools[].idstringYesThe assigned tool ID.
tools[].namestringYesThe tool name.
tools[].descriptionstring | nullYesThe tool description, if any.
tools[].catalogIdstring | nullYesThe MCP catalog ID the tool comes from, if any.
knowledgeBaseIdsstring[]YesAssigned knowledge base IDs.
connectorIdsstring[]YesAssigned knowledge connector IDs.
suggestedPromptsobject[]YesConfigured suggested prompts.
suggestedPrompts[].summaryTitlestringYesThe short title shown in the chat UI.
suggestedPrompts[].promptstringYesThe suggested prompt text.

list_agents

Required RBAC permission: agent:read

Input
ParameterTypeRequiredDescription
limitintegerNoMaximum number of agents to return.
namestringNoOptional agent name filter. Use this when the user names an agent but you still need to look up the ID.
Output
FieldTypeRequiredDescription
totalnumberYesThe total number of matching agents.
agentsobject[]Yes
agents[].idstringYesThe agent ID.
agents[].namestringYesThe agent name.
agents[].scope"personal" | "team" | "org"YesThe agent scope.
agents[].descriptionstring | nullYesThe agent description, if any.
agents[].teamsobject[]YesTeams attached to it.
agents[].teams[].idstringYesThe team ID.
agents[].teams[].namestringYesThe team name.
agents[].labelsobject[]YesAssigned labels.
agents[].labels[].keystringYesThe label key.
agents[].labels[].valuestringYesThe label value.
agents[].toolsobject[]Yes
agents[].tools[].namestringYesThe tool name.
agents[].tools[].descriptionstring | nullYesThe tool description, if any.
agents[].knowledgeSourcesobject[]YesAssigned knowledge bases and connectors.
agents[].knowledgeSources[].namestringYesThe knowledge source name.
agents[].knowledgeSources[].descriptionstring | nullYesThe knowledge source description, if any.
agents[].knowledgeSources[].type"knowledge_base" | "knowledge_connector"YesWhether this source is a knowledge base or connector.

edit_agent

Required RBAC permission: agent:update

Input
ParameterTypeRequiredDescription
idstringYesThe ID of the agent to edit. Use get_agent or list_agents to look it up by name.
subAgentIdsstring[]NoAgent IDs to add as delegation targets.
toolAssignmentsobject[]NoExplicit tool assignments to add or update on the agent.
toolAssignments[].toolIdstringYesThe ID of the tool to assign to the agent.
toolAssignments[].resolveAtCallTimebooleanNoWhen true, resolve credentials and execution target at tool call time. Prefer this for builder flows.
toolAssignments[].credentialResolutionMode"static" | "dynamic" | "enterprise_managed"No
toolAssignments[].mcpServerIdstring | nullNoOptional MCP server installation to pin the tool to when using static credential resolution.
descriptionstring | nullNoNew description for the agent.
iconstring | nullNoNew emoji icon for the agent.
knowledgeBaseIdsstring[]NoReplace the agent's assigned knowledge bases with this set.
labelsobject[]NoReplace the agent's labels with this set.
labels[].keystringYes
labels[].valuestringYes
namestringNoNew name for the agent.
connectorIdsstring[]NoReplace the agent's directly assigned knowledge connectors with this set.
scope"personal" | "team" | "org"NoUpdated visibility scope for the agent.
toolExposureMode"full" | "search_and_run_only"NoHow tools should be exposed to MCP clients and models.
suggestedPromptsobject[]NoReplace the agent's suggested prompts.
suggestedPrompts[].summaryTitlestringYesShort title shown to users for this suggested prompt.
suggestedPrompts[].promptstringYesSuggested prompt text users can click to start a conversation.
systemPromptstring | nullNoNew system prompt for the agent.
teamsstring[]NoReplace the teams attached to a team-scoped agent.

LLM Proxies

ToolDescriptionRequired RBAC Permission
create_llm_proxyCreate a new LLM proxy with the specified name and optional labels.llmProxy:create
get_llm_proxyGet a specific LLM proxy by ID or name.llmProxy:read
edit_llm_proxyEdit an existing LLM proxy.llmProxy:update

create_llm_proxy

Required RBAC permission: llmProxy:create

Input
ParameterTypeRequiredDescription
namestringYesName for the new resource.
scope"personal" | "team" | "org"NoVisibility scope. Defaults to personal for agents and org for LLM proxies/MCP gateways unless teams are provided.
labelsobject[]NoOptional key-value labels for organization and categorization.
labels[].keystringYes
labels[].valuestringYes
teamsstring[]NoTeam IDs to attach when creating a team-scoped resource.
toolExposureMode"full" | "search_and_run_only"NoHow tools should be exposed to MCP clients and models. Use 'search_and_run_only' to expose only search_tools and run_tool while keeping the full assigned tool set searchable and runnable.

get_llm_proxy

Required RBAC permission: llmProxy:read

Input
ParameterTypeRequiredDescription
idstringNoThe ID of the LLM proxy to fetch. Prefer the ID when you already have it.
namestringNoThe exact name of the LLM proxy to fetch when you do not already have the ID.
Output
FieldTypeRequiredDescription
idstringYesThe resource ID.
namestringYesThe resource name.
descriptionstring | nullYesThe resource description, if any.
iconstring | nullYesThe emoji icon, if configured.
scope"personal" | "team" | "org"YesThe visibility scope.
toolExposureMode"full" | "search_and_run_only"YesHow tools are exposed to MCP clients and models.
agentType"agent" | "llm_proxy" | "mcp_gateway" | "profile"YesThe resource type.
systemPromptstring | nullNo
teamsobject[]YesThe teams attached to it.
teams[].idstringYesThe team ID.
teams[].namestringYesThe team name.
labelsobject[]YesAssigned labels.
labels[].keystringYesThe label key.
labels[].valuestringYesThe label value.
toolsobject[]YesAssigned tools.
tools[].idstringYesThe assigned tool ID.
tools[].namestringYesThe tool name.
tools[].descriptionstring | nullYesThe tool description, if any.
tools[].catalogIdstring | nullYesThe MCP catalog ID the tool comes from, if any.
knowledgeBaseIdsstring[]YesAssigned knowledge base IDs.
connectorIdsstring[]YesAssigned knowledge connector IDs.
suggestedPromptsobject[]YesConfigured suggested prompts.
suggestedPrompts[].summaryTitlestringYesThe short title shown in the chat UI.
suggestedPrompts[].promptstringYesThe suggested prompt text.

edit_llm_proxy

Required RBAC permission: llmProxy:update

Input
ParameterTypeRequiredDescription
idstringYesThe ID of the LLM proxy to edit. Use get_llm_proxy to look it up by name first if needed.
descriptionstring | nullNoNew description for the LLM proxy.
iconstring | nullNoNew emoji icon for the LLM proxy.
labelsobject[]NoReplace the LLM proxy's labels with this set.
labels[].keystringYes
labels[].valuestringYes
namestringNoNew name for the LLM proxy.
scope"personal" | "team" | "org"NoUpdated visibility scope for the LLM proxy.
toolExposureMode"full" | "search_and_run_only"NoHow tools should be exposed to MCP clients and models.
teamsstring[]NoReplace the teams attached to a team-scoped LLM proxy.

MCP Gateways

ToolDescriptionRequired RBAC Permission
create_mcp_gatewayCreate a new MCP gateway with the specified name, optional labels, and optional assigned knowledge bases or knowledge connectors.mcpGateway:create
get_mcp_gatewayGet a specific MCP gateway by ID or name.mcpGateway:read
edit_mcp_gatewayEdit an existing MCP gateway.mcpGateway:update

create_mcp_gateway

Required RBAC permission: mcpGateway:create

Input
ParameterTypeRequiredDescription
namestringYesName for the new resource.
scope"personal" | "team" | "org"NoVisibility scope. Defaults to personal for agents and org for LLM proxies/MCP gateways unless teams are provided.
labelsobject[]NoOptional key-value labels for organization and categorization.
labels[].keystringYes
labels[].valuestringYes
teamsstring[]NoTeam IDs to attach when creating a team-scoped resource.
toolExposureMode"full" | "search_and_run_only"NoHow tools should be exposed to MCP clients and models. Use 'search_and_run_only' to expose only search_tools and run_tool while keeping the full assigned tool set searchable and runnable.
knowledgeBaseIdsstring[]NoKnowledge base IDs to assign to the agent. Use get_knowledge_bases first when you need to look up IDs by name.
connectorIdsstring[]NoKnowledge connector IDs to assign directly to the agent. Use get_knowledge_connectors first when you need to look up IDs by name.
toolAssignmentMode"automatic" | "manual"NoHow tools are assigned to this gateway. 'manual' (default) lets an admin pick tools individually. 'automatic' derives the gateway's tools from catalog entries whose labels match the gateway's labels (key-value pairs, OR semantics).

get_mcp_gateway

Required RBAC permission: mcpGateway:read

Input
ParameterTypeRequiredDescription
idstringNoThe ID of the MCP gateway to fetch. Prefer the ID when you already have it.
namestringNoThe exact name of the MCP gateway to fetch when you do not already have the ID.
Output
FieldTypeRequiredDescription
idstringYesThe resource ID.
namestringYesThe resource name.
descriptionstring | nullYesThe resource description, if any.
iconstring | nullYesThe emoji icon, if configured.
scope"personal" | "team" | "org"YesThe visibility scope.
toolExposureMode"full" | "search_and_run_only"YesHow tools are exposed to MCP clients and models.
agentType"agent" | "llm_proxy" | "mcp_gateway" | "profile"YesThe resource type.
systemPromptstring | nullNo
teamsobject[]YesThe teams attached to it.
teams[].idstringYesThe team ID.
teams[].namestringYesThe team name.
labelsobject[]YesAssigned labels.
labels[].keystringYesThe label key.
labels[].valuestringYesThe label value.
toolsobject[]YesAssigned tools.
tools[].idstringYesThe assigned tool ID.
tools[].namestringYesThe tool name.
tools[].descriptionstring | nullYesThe tool description, if any.
tools[].catalogIdstring | nullYesThe MCP catalog ID the tool comes from, if any.
knowledgeBaseIdsstring[]YesAssigned knowledge base IDs.
connectorIdsstring[]YesAssigned knowledge connector IDs.
suggestedPromptsobject[]YesConfigured suggested prompts.
suggestedPrompts[].summaryTitlestringYesThe short title shown in the chat UI.
suggestedPrompts[].promptstringYesThe suggested prompt text.

edit_mcp_gateway

Required RBAC permission: mcpGateway:update

Input
ParameterTypeRequiredDescription
idstringYesThe ID of the MCP gateway to edit. Use get_mcp_gateway to look it up by name first if needed.
descriptionstring | nullNoNew description for the MCP gateway.
iconstring | nullNoNew emoji icon for the MCP gateway.
labelsobject[]NoReplace the MCP gateway's labels with this set.
labels[].keystringYes
labels[].valuestringYes
namestringNoNew name for the MCP gateway.
scope"personal" | "team" | "org"NoUpdated visibility scope for the MCP gateway.
toolExposureMode"full" | "search_and_run_only"NoHow tools should be exposed to MCP clients and models.
toolAssignmentMode"automatic" | "manual"NoHow tools are assigned to this gateway. 'manual' lets an admin pick tools individually. 'automatic' derives the gateway's tools from catalog entries whose labels match the gateway's labels (key-value pairs, OR semantics).
teamsstring[]NoReplace the teams attached to a team-scoped MCP gateway.
knowledgeBaseIdsstring[]NoReplace the MCP gateway's assigned knowledge bases with this set.
connectorIdsstring[]NoReplace the MCP gateway's directly assigned knowledge connectors with this set.

MCP Servers

ToolDescriptionRequired RBAC Permission
search_private_mcp_registrySearch the private MCP registry for available MCP servers.mcpRegistry:read
get_mcp_serversList all MCP servers from the catalog.mcpRegistry:read
get_mcp_server_toolsGet all tools available for a specific MCP server by its catalog ID (from get_mcp_servers).mcpRegistry:read
edit_mcp_descriptionEdit an MCP server's display information and metadata.mcpRegistry:update
edit_mcp_configEdit an MCP server's technical configuration.mcpRegistry:update
create_mcp_serverCreate a new MCP server in the private registry.mcpRegistry:create
deploy_mcp_serverDeploy (install) an MCP server from the catalog.mcpRegistry:update
list_mcp_server_deploymentsList all deployed (installed) MCP server instances accessible to the current user.mcpRegistry:read
get_mcp_server_logsGet recent container logs from a deployed local (K8s) MCP server.mcpRegistry:read
create_mcp_server_installation_requestAllows users from within the Archestra Platform chat UI to submit a request for an MCP server to be added to their Archestra Platform's internal MCP server registry.mcpServerInstallationRequest:create

search_private_mcp_registry

Required RBAC permission: mcpRegistry:read

Input
ParameterTypeRequiredDescription
querystringNoOptional search query to filter MCP servers by name or description.
Output
FieldTypeRequiredDescription
itemsobject[]YesCatalog items matching the search.
items[].idstringYesThe catalog item ID.
items[].namestringYesThe MCP server name.
items[].versionstring | nullYesThe version, if provided.
items[].descriptionstring | nullYesThe server description, if any.
items[].serverType"local" | "remote" | "builtin"YesWhether the server is local, remote, or builtin.
items[].serverUrlstring | nullYesThe remote server URL, if applicable.
items[].repositorystring | nullYesThe repository URL, if available.

get_mcp_servers

Required RBAC permission: mcpRegistry:read

This tool takes no arguments.

Output
FieldTypeRequiredDescription
itemsobject[]YesAvailable MCP servers.
items[].idstringYesThe catalog item ID.
items[].namestringYesThe MCP server name.
items[].iconstring | nullYesThe emoji icon, if any.
items[].descriptionstring | nullYesThe server description, if any.
items[].scope"personal" | "team" | "org"NoThe visibility scope of the server.
items[].teamsobject[]YesTeams attached to a team-scoped server.
items[].teams[].idstringYesThe team ID.
items[].teams[].namestringYesThe team name.

get_mcp_server_tools

Required RBAC permission: mcpRegistry:read

Input
ParameterTypeRequiredDescription
mcpServerIdstringYesThe catalog ID of the MCP server.
Output
FieldTypeRequiredDescription
toolsobject[]YesTools exposed by the selected MCP server.
tools[].idstringYesThe tool ID.
tools[].namestringYesThe tool name.
tools[].descriptionstring | nullNoThe tool description, if any.
tools[].catalogIdstring | nullNoThe MCP catalog ID this tool belongs to.

edit_mcp_description

Required RBAC permission: mcpRegistry:update

Input
ParameterTypeRequiredDescription
idstringYesThe catalog ID of the MCP server to edit. Use get_mcp_servers to look it up by name.
namestringNoDisplay name for the MCP server.
descriptionstring | nullNoDescription of the MCP server.
iconstring | nullNoEmoji icon for the MCP server.
docsUrlstring | nullNoDocumentation URL.
repositorystring | nullNoSource code repository URL.
versionstring | nullNoVersion string.
instructionsstring | nullNoSetup or usage instructions.
scope"personal" | "team" | "org"NoVisibility scope.
labelsobject[]NoKey-value labels for organization/categorization.
labels[].keystringYesLabel key.
labels[].valuestringYesLabel value.
teamsstring[]NoTeam IDs for team-scoped access control.

edit_mcp_config

Required RBAC permission: mcpRegistry:update

Input
ParameterTypeRequiredDescription
idstringYesThe catalog ID of the MCP server to edit. Use get_mcp_servers to look it up by name.
serverType"local" | "remote" | "builtin"NoServer type: local, remote, or builtin.
serverUrlstring | nullNo[Remote] The URL of the remote MCP server.
requiresAuthbooleanNo[Remote] Whether the server requires authentication.
authDescriptionstring | nullNo[Remote] How to set up authentication.
authFieldsobject[]No[Remote] Authentication field definitions.
authFields[].namestringYesAuth field name.
authFields[].labelstringYesHuman-readable auth field label.
authFields[].type"header" | "query" | "cookie"YesWhere to send this auth field.
authFields[].secretbooleanYesWhether this field contains secret data.
oauthConfigobjectNo[Remote] OAuth configuration for the server.
commandstringNo[Local] Command to run (for example npx, uvx, or node).
argumentsstring[]No[Local] Command-line arguments.
environmentobject[]No[Local] Environment variables for the server process.
environment[].keystringYesEnvironment variable name.
environment[].type"plain_text" | "secret" | "boolean" | "number"YesEnvironment variable value type.
environment[].valuestringNoLiteral environment variable value.
environment[].promptOnInstallationbooleanYesWhether to prompt for this value during installation.
environment[].requiredbooleanNoWhether the value is required.
environment[].descriptionstringNoDescription shown to users.
environment[].defaultanyNoDefault value.
environment[].mountedbooleanNoFor secret values, mount as a file instead of an env var.
envFromobject[]No[Local] Import env vars from Kubernetes Secrets or ConfigMaps.
envFrom[].type"secret" | "configMap"YesImport source type.
envFrom[].namestringYesSecret or ConfigMap name.
envFrom[].prefixstringNoOptional environment variable prefix.
dockerImagestringNo[Local] Custom Docker image.
serviceAccountstringNo[Local] Kubernetes ServiceAccount name.
transportType"stdio" | "streamable-http"No[Local] Transport type.
httpPortnumberNo[Local] HTTP port for streamable-http transport.
httpPathstringNo[Local] HTTP path for streamable-http transport.
nodePortnumberNo[Local] Kubernetes NodePort for local development.
imagePullSecretsobject[]No[Local] Image pull secrets for private registries.
imagePullSecrets[].source"existing"YesImage pull secret source.
imagePullSecrets[].namestringYesExisting Kubernetes secret name.
deploymentSpecYamlstringNo[Local] Custom Kubernetes deployment YAML override.
installationCommandstringNo[Local] Command to install the MCP server package.
userConfigobjectNoUser-configurable fields shown during installation.

create_mcp_server

Required RBAC permission: mcpRegistry:create

Input
ParameterTypeRequiredDescription
namestringYesDisplay name for the MCP server.
descriptionstring | nullNoDescription of the MCP server.
iconstring | nullNoEmoji icon for the MCP server.
docsUrlstring | nullNoDocumentation URL.
repositorystring | nullNoSource code repository URL.
versionstring | nullNoVersion string.
instructionsstring | nullNoSetup or usage instructions.
scope"personal" | "team" | "org"NoVisibility scope.
labelsobject[]NoKey-value labels for organization/categorization.
labels[].keystringYesLabel key.
labels[].valuestringYesLabel value.
teamsstring[]NoTeam IDs for team-scoped access control.
serverType"local" | "remote" | "builtin"NoServer type: local, remote, or builtin.
serverUrlstring | nullNo[Remote] The URL of the remote MCP server.
requiresAuthbooleanNo[Remote] Whether the server requires authentication.
authDescriptionstring | nullNo[Remote] How to set up authentication.
authFieldsobject[]No[Remote] Authentication field definitions.
authFields[].namestringYesAuth field name.
authFields[].labelstringYesHuman-readable auth field label.
authFields[].type"header" | "query" | "cookie"YesWhere to send this auth field.
authFields[].secretbooleanYesWhether this field contains secret data.
oauthConfigobjectNo[Remote] OAuth configuration for the server.
commandstringNo[Local] Command to run (for example npx, uvx, or node).
argumentsstring[]No[Local] Command-line arguments.
environmentobject[]No[Local] Environment variables for the server process.
environment[].keystringYesEnvironment variable name.
environment[].type"plain_text" | "secret" | "boolean" | "number"YesEnvironment variable value type.
environment[].valuestringNoLiteral environment variable value.
environment[].promptOnInstallationbooleanYesWhether to prompt for this value during installation.
environment[].requiredbooleanNoWhether the value is required.
environment[].descriptionstringNoDescription shown to users.
environment[].defaultanyNoDefault value.
environment[].mountedbooleanNoFor secret values, mount as a file instead of an env var.
envFromobject[]No[Local] Import env vars from Kubernetes Secrets or ConfigMaps.
envFrom[].type"secret" | "configMap"YesImport source type.
envFrom[].namestringYesSecret or ConfigMap name.
envFrom[].prefixstringNoOptional environment variable prefix.
dockerImagestringNo[Local] Custom Docker image.
serviceAccountstringNo[Local] Kubernetes ServiceAccount name.
transportType"stdio" | "streamable-http"No[Local] Transport type.
httpPortnumberNo[Local] HTTP port for streamable-http transport.
httpPathstringNo[Local] HTTP path for streamable-http transport.
nodePortnumberNo[Local] Kubernetes NodePort for local development.
imagePullSecretsobject[]No[Local] Image pull secrets for private registries.
imagePullSecrets[].source"existing"YesImage pull secret source.
imagePullSecrets[].namestringYesExisting Kubernetes secret name.
deploymentSpecYamlstringNo[Local] Custom Kubernetes deployment YAML override.
installationCommandstringNo[Local] Command to install the MCP server package.
userConfigobjectNoUser-configurable fields shown during installation.

deploy_mcp_server

Required RBAC permission: mcpRegistry:update

Input
ParameterTypeRequiredDescription
catalogIdstringYesThe catalog ID of the MCP server to deploy.
scope"personal" | "team" | "org"NoVisibility scope for the deployment: 'personal' (default), 'team' (requires teamId), or 'org' (admins only, visible to all org members).
teamIdstringNoOptional team ID for a team-scoped deployment (required when scope='team').
agentIdsstring[]NoOptional agent IDs to assign the server's tools to after deployment.

list_mcp_server_deployments

Required RBAC permission: mcpRegistry:read

This tool takes no arguments.

get_mcp_server_logs

Required RBAC permission: mcpRegistry:read

Input
ParameterTypeRequiredDescription
serverIdstringYesThe deployment ID of the MCP server.
linesintegerNoNumber of log lines to retrieve.

create_mcp_server_installation_request

Required RBAC permission: mcpServerInstallationRequest:create

This tool takes no arguments.

Limits

ToolDescriptionRequired RBAC Permission
create_limitCreate a new cost or usage limit for an organization, team, agent, LLM proxy, or MCP gateway.llmLimit:create
get_limitsRetrieve all limits, optionally filtered by entity type and/or entity ID.llmLimit:read
update_limitUpdate mutable fields on an existing limit.llmLimit:update
delete_limitDelete an existing limit by ID.llmLimit:delete
get_agent_token_usageGet the total token usage (input and output) for a specific agent.llmLimit:read
get_llm_proxy_token_usageGet the total token usage (input and output) for a specific LLM proxy.llmLimit:read

create_limit

Required RBAC permission: llmLimit:create

Input
ParameterTypeRequiredDescription
entity_type"organization" | "team" | "agent"YesThe type of entity to apply the limit to.
entity_idstringYesThe ID of the entity (organization, team, or agent).
limit_type"token_cost" | "mcp_server_calls" | "tool_calls"YesThe type of limit to apply.
limit_valuenumberYesThe limit value (tokens or count depending on limit type).
modelstring[]NoArray of model names. Required for token_cost limits.
mcp_server_namestringNoMCP server name. Required for mcp_server_calls and tool_calls limits.
tool_namestringNoTool name. Required for tool_calls limits.
Output
FieldTypeRequiredDescription
limitobjectYes
limit.idstringYesThe limit ID.
limit.entityType"organization" | "team" | "agent"YesThe limited entity type.
limit.entityIdstringYesThe limited entity ID.
limit.limitType"token_cost" | "mcp_server_calls" | "tool_calls"YesThe kind of limit.
limit.limitValuenumberYesThe configured limit value.
limit.modelstring[] | nullNoModels targeted by a token_cost limit, if any.
limit.mcpServerNamestring | nullNoMCP server name for MCP-specific limits, if any.
limit.toolNamestring | nullNoTool name for tool-specific limits, if any.

get_limits

Required RBAC permission: llmLimit:read

Input
ParameterTypeRequiredDescription
entity_type"organization" | "team" | "agent"NoOptional filter by entity type.
entity_idstringNoOptional filter by entity ID.
Output
FieldTypeRequiredDescription
limitsobject[]Yes
limits[].idstringYesThe limit ID.
limits[].entityType"organization" | "team" | "agent"YesThe limited entity type.
limits[].entityIdstringYesThe limited entity ID.
limits[].limitType"token_cost" | "mcp_server_calls" | "tool_calls"YesThe kind of limit.
limits[].limitValuenumberYesThe configured limit value.
limits[].modelstring[] | nullNoModels targeted by a token_cost limit, if any.
limits[].mcpServerNamestring | nullNoMCP server name for MCP-specific limits, if any.
limits[].toolNamestring | nullNoTool name for tool-specific limits, if any.

update_limit

Required RBAC permission: llmLimit:update

Input
ParameterTypeRequiredDescription
idstringYesThe ID of the limit to update.
limit_valuenumberNoOptional new limit value.
Output
FieldTypeRequiredDescription
limitobjectYes
limit.idstringYesThe limit ID.
limit.entityType"organization" | "team" | "agent"YesThe limited entity type.
limit.entityIdstringYesThe limited entity ID.
limit.limitType"token_cost" | "mcp_server_calls" | "tool_calls"YesThe kind of limit.
limit.limitValuenumberYesThe configured limit value.
limit.modelstring[] | nullNoModels targeted by a token_cost limit, if any.
limit.mcpServerNamestring | nullNoMCP server name for MCP-specific limits, if any.
limit.toolNamestring | nullNoTool name for tool-specific limits, if any.

delete_limit

Required RBAC permission: llmLimit:delete

Input
ParameterTypeRequiredDescription
idstringYesThe ID of the limit to delete.
Output
FieldTypeRequiredDescription
successbooleanYes
idstringYes

get_agent_token_usage

Required RBAC permission: llmLimit:read

Input
ParameterTypeRequiredDescription
idstringNoOptional agent ID. Defaults to the current agent.
Output
FieldTypeRequiredDescription
idstringYes
totalInputTokensnumberYes
totalOutputTokensnumberYes
totalTokensnumberYes

get_llm_proxy_token_usage

Required RBAC permission: llmLimit:read

Input
ParameterTypeRequiredDescription
idstringNoOptional LLM proxy ID. Defaults to the current agent.
Output
FieldTypeRequiredDescription
idstringYes
totalInputTokensnumberYes
totalOutputTokensnumberYes
totalTokensnumberYes

Policies

ToolDescriptionRequired RBAC Permission
get_autonomy_policy_operatorsGet all supported policy operators with their human-readable labelstoolPolicy:read
get_tool_invocation_policiesGet all tool invocation policiestoolPolicy:read
create_tool_invocation_policyCreate a new tool invocation policytoolPolicy:create
get_tool_invocation_policyGet a specific tool invocation policy by IDtoolPolicy:read
update_tool_invocation_policyUpdate a tool invocation policytoolPolicy:update
delete_tool_invocation_policyDelete a tool invocation policy by IDtoolPolicy:delete
get_trusted_data_policiesGet all trusted data policiestoolPolicy:read
create_trusted_data_policyCreate a new trusted data policytoolPolicy:create
get_trusted_data_policyGet a specific trusted data policy by IDtoolPolicy:read
update_trusted_data_policyUpdate a trusted data policytoolPolicy:update
delete_trusted_data_policyDelete a trusted data policy by IDtoolPolicy:delete

get_autonomy_policy_operators

Required RBAC permission: toolPolicy:read

This tool takes no arguments.

Output
FieldTypeRequiredDescription
operatorsobject[]YesSupported autonomy policy operators.
operators[].value"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe operator enum value.
operators[].labelstringYesThe human-readable label.

get_tool_invocation_policies

Required RBAC permission: toolPolicy:read

This tool takes no arguments.

Output
FieldTypeRequiredDescription
policiesobject[]YesTool invocation policies.
policies[].idstringYesThe policy ID.
policies[].toolIdstringYesThe tool ID this policy targets.
policies[].conditionsobject[]YesConditions evaluated for the policy.
policies[].conditions[].keystringYesThe evaluated argument or context key.
policies[].conditions[].operator"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe comparison operator.
policies[].conditions[].valuestringYesThe comparison value.
policies[].action"allow_when_context_is_untrusted" | "block_when_context_is_untrusted" | "block_always" | "require_approval"YesThe policy action.
policies[].reasonstring | nullYesThe policy reason, if any.

create_tool_invocation_policy

Required RBAC permission: toolPolicy:create

Input
ParameterTypeRequiredDescription
toolIdstringYesThe ID of the tool (UUID from the tools table).
conditionsobject[]YesArray of conditions that must all match. Empty array means unconditional.
conditions[].keystringYesThe argument name or context path to evaluate (for example url or context.externalAgentId).
conditions[].operator"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe comparison operator.
conditions[].valuestringYesThe value to compare against.
action"allow_when_context_is_untrusted" | "block_when_context_is_untrusted" | "block_always" | "require_approval"YesThe action to take when the policy matches.
reasonstringNoHuman-readable explanation for why this policy exists.
Output
FieldTypeRequiredDescription
policyobjectYesThe requested tool invocation policy.
policy.idstringYesThe policy ID.
policy.toolIdstringYesThe tool ID this policy targets.
policy.conditionsobject[]YesConditions evaluated for the policy.
policy.conditions[].keystringYesThe evaluated argument or context key.
policy.conditions[].operator"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe comparison operator.
policy.conditions[].valuestringYesThe comparison value.
policy.action"allow_when_context_is_untrusted" | "block_when_context_is_untrusted" | "block_always" | "require_approval"YesThe policy action.
policy.reasonstring | nullYesThe policy reason, if any.

get_tool_invocation_policy

Required RBAC permission: toolPolicy:read

Input
ParameterTypeRequiredDescription
idstringYesThe ID of the tool invocation policy.
Output
FieldTypeRequiredDescription
policyobjectYesThe requested tool invocation policy.
policy.idstringYesThe policy ID.
policy.toolIdstringYesThe tool ID this policy targets.
policy.conditionsobject[]YesConditions evaluated for the policy.
policy.conditions[].keystringYesThe evaluated argument or context key.
policy.conditions[].operator"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe comparison operator.
policy.conditions[].valuestringYesThe comparison value.
policy.action"allow_when_context_is_untrusted" | "block_when_context_is_untrusted" | "block_always" | "require_approval"YesThe policy action.
policy.reasonstring | nullYesThe policy reason, if any.

update_tool_invocation_policy

Required RBAC permission: toolPolicy:update

Input
ParameterTypeRequiredDescription
idstringYesThe ID of the tool invocation policy to update.
toolIdstringNoThe ID of the tool (UUID from the tools table).
conditionsobject[]NoUpdated array of conditions that must all match. Empty array means unconditional.
conditions[].keystringYesThe argument name or context path to evaluate (for example url or context.externalAgentId).
conditions[].operator"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe comparison operator.
conditions[].valuestringYesThe value to compare against.
action"allow_when_context_is_untrusted" | "block_when_context_is_untrusted" | "block_always" | "require_approval"NoUpdated action to take when the policy matches.
reasonstring | nullNoUpdated human-readable explanation for why this policy exists.
Output
FieldTypeRequiredDescription
policyobjectYesThe requested tool invocation policy.
policy.idstringYesThe policy ID.
policy.toolIdstringYesThe tool ID this policy targets.
policy.conditionsobject[]YesConditions evaluated for the policy.
policy.conditions[].keystringYesThe evaluated argument or context key.
policy.conditions[].operator"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe comparison operator.
policy.conditions[].valuestringYesThe comparison value.
policy.action"allow_when_context_is_untrusted" | "block_when_context_is_untrusted" | "block_always" | "require_approval"YesThe policy action.
policy.reasonstring | nullYesThe policy reason, if any.

delete_tool_invocation_policy

Required RBAC permission: toolPolicy:delete

Input
ParameterTypeRequiredDescription
idstringYesThe ID of the tool invocation policy.
Output
FieldTypeRequiredDescription
successbooleanYesWhether the delete succeeded.

get_trusted_data_policies

Required RBAC permission: toolPolicy:read

This tool takes no arguments.

Output
FieldTypeRequiredDescription
policiesobject[]YesTrusted data policies.
policies[].idstringYesThe policy ID.
policies[].toolIdstringYesThe tool ID this policy targets.
policies[].conditionsobject[]YesConditions evaluated for the policy.
policies[].conditions[].keystringYesThe evaluated result key or path.
policies[].conditions[].operator"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe comparison operator.
policies[].conditions[].valuestringYesThe comparison value.
policies[].action"block_always" | "mark_as_trusted" | "mark_as_untrusted" | "sanitize_with_dual_llm"YesThe policy action.
policies[].descriptionstring | nullYesThe policy description, if any.

create_trusted_data_policy

Required RBAC permission: toolPolicy:create

Input
ParameterTypeRequiredDescription
toolIdstringYesThe ID of the tool (UUID from the tools table).
conditionsobject[]YesArray of conditions that must all match. Empty array means unconditional.
conditions[].keystringYesThe attribute key or path in the tool result to evaluate (for example emails[*].from or source).
conditions[].operator"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe comparison operator.
conditions[].valuestringYesThe value to compare against.
action"block_always" | "mark_as_trusted" | "mark_as_untrusted" | "sanitize_with_dual_llm"YesThe action to take when the policy matches.
descriptionstringNoHuman-readable explanation for why this policy exists.
Output
FieldTypeRequiredDescription
policyobjectYesThe requested trusted data policy.
policy.idstringYesThe policy ID.
policy.toolIdstringYesThe tool ID this policy targets.
policy.conditionsobject[]YesConditions evaluated for the policy.
policy.conditions[].keystringYesThe evaluated result key or path.
policy.conditions[].operator"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe comparison operator.
policy.conditions[].valuestringYesThe comparison value.
policy.action"block_always" | "mark_as_trusted" | "mark_as_untrusted" | "sanitize_with_dual_llm"YesThe policy action.
policy.descriptionstring | nullYesThe policy description, if any.

get_trusted_data_policy

Required RBAC permission: toolPolicy:read

Input
ParameterTypeRequiredDescription
idstringYesThe ID of the trusted data policy.
Output
FieldTypeRequiredDescription
policyobjectYesThe requested trusted data policy.
policy.idstringYesThe policy ID.
policy.toolIdstringYesThe tool ID this policy targets.
policy.conditionsobject[]YesConditions evaluated for the policy.
policy.conditions[].keystringYesThe evaluated result key or path.
policy.conditions[].operator"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe comparison operator.
policy.conditions[].valuestringYesThe comparison value.
policy.action"block_always" | "mark_as_trusted" | "mark_as_untrusted" | "sanitize_with_dual_llm"YesThe policy action.
policy.descriptionstring | nullYesThe policy description, if any.

update_trusted_data_policy

Required RBAC permission: toolPolicy:update

Input
ParameterTypeRequiredDescription
idstringYesThe ID of the trusted data policy to update.
toolIdstringNoThe ID of the tool (UUID from the tools table).
conditionsobject[]NoUpdated array of conditions that must all match. Empty array means unconditional.
conditions[].keystringYesThe attribute key or path in the tool result to evaluate (for example emails[*].from or source).
conditions[].operator"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe comparison operator.
conditions[].valuestringYesThe value to compare against.
action"block_always" | "mark_as_trusted" | "mark_as_untrusted" | "sanitize_with_dual_llm"NoUpdated action to take when the policy matches.
descriptionstring | nullNoUpdated human-readable explanation for why this policy exists.
Output
FieldTypeRequiredDescription
policyobjectYesThe requested trusted data policy.
policy.idstringYesThe policy ID.
policy.toolIdstringYesThe tool ID this policy targets.
policy.conditionsobject[]YesConditions evaluated for the policy.
policy.conditions[].keystringYesThe evaluated result key or path.
policy.conditions[].operator"equal" | "notEqual" | "contains" | "notContains" | "startsWith" | "endsWith" | "regex"YesThe comparison operator.
policy.conditions[].valuestringYesThe comparison value.
policy.action"block_always" | "mark_as_trusted" | "mark_as_untrusted" | "sanitize_with_dual_llm"YesThe policy action.
policy.descriptionstring | nullYesThe policy description, if any.

delete_trusted_data_policy

Required RBAC permission: toolPolicy:delete

Input
ParameterTypeRequiredDescription
idstringYesThe ID of the trusted data policy.
Output
FieldTypeRequiredDescription
successbooleanYesWhether the delete succeeded.

Tool Assignment

ToolDescriptionRequired RBAC Permission
bulk_assign_tools_to_agentsAssign multiple tools to multiple agents in bulk with validation and error handlingagent:update
bulk_assign_tools_to_mcp_gatewaysAssign multiple tools to multiple MCP gateways in bulk with validation and error handlingmcpGateway:update

bulk_assign_tools_to_agents

Required RBAC permission: agent:update

Input
ParameterTypeRequiredDescription
assignmentsobject[]YesAssignments to create or update for agents.
assignments[].toolIdstringYesThe ID of the tool to assign.
assignments[].resolveAtCallTimebooleanNoWhen true, resolve credentials and execution target at tool call time. Prefer this for builder flows.
assignments[].credentialResolutionMode"static" | "dynamic" | "enterprise_managed"No
assignments[].mcpServerIdstring | nullNoOptional MCP server installation to pin the tool to when using static credential resolution.
assignments[].agentIdstringYesThe agent ID to assign the tool to.
Output
FieldTypeRequiredDescription
succeededobject[]YesAssignments that succeeded.
succeeded[].agentIdstringYesThe target agent ID.
succeeded[].toolIdstringYesThe tool ID.
succeeded[].errorstringNoValidation or assignment error.
succeeded[].errorCode"not_found" | "validation_error"NoStructured assignment error code.
succeeded[].errorTypestringNoStructured assignment error type.
failedobject[]YesAssignments that failed.
failed[].agentIdstringYesThe target agent ID.
failed[].toolIdstringYesThe tool ID.
failed[].errorstringNoValidation or assignment error.
failed[].errorCode"not_found" | "validation_error"NoStructured assignment error code.
failed[].errorTypestringNoStructured assignment error type.
duplicatesobject[]YesAssignments skipped because they already existed.
duplicates[].agentIdstringYesThe target agent ID.
duplicates[].toolIdstringYesThe tool ID.
duplicates[].errorstringNoValidation or assignment error.
duplicates[].errorCode"not_found" | "validation_error"NoStructured assignment error code.
duplicates[].errorTypestringNoStructured assignment error type.

bulk_assign_tools_to_mcp_gateways

Required RBAC permission: mcpGateway:update

Input
ParameterTypeRequiredDescription
assignmentsobject[]YesAssignments to create or update for MCP gateways.
assignments[].toolIdstringYesThe ID of the tool to assign.
assignments[].resolveAtCallTimebooleanNoWhen true, resolve credentials and execution target at tool call time. Prefer this for builder flows.
assignments[].credentialResolutionMode"static" | "dynamic" | "enterprise_managed"No
assignments[].mcpServerIdstring | nullNoOptional MCP server installation to pin the tool to when using static credential resolution.
assignments[].mcpGatewayIdstringYesThe MCP gateway ID to assign the tool to.
Output
FieldTypeRequiredDescription
succeededobject[]YesAssignments that succeeded.
succeeded[].mcpGatewayIdstringYesThe target MCP gateway ID.
succeeded[].toolIdstringYesThe tool ID.
succeeded[].errorstringNoValidation or assignment error.
succeeded[].errorCode"not_found" | "validation_error"NoStructured assignment error code.
succeeded[].errorTypestringNoStructured assignment error type.
failedobject[]YesAssignments that failed.
failed[].mcpGatewayIdstringYesThe target MCP gateway ID.
failed[].toolIdstringYesThe tool ID.
failed[].errorstringNoValidation or assignment error.
failed[].errorCode"not_found" | "validation_error"NoStructured assignment error code.
failed[].errorTypestringNoStructured assignment error type.
duplicatesobject[]YesAssignments skipped because they already existed.
duplicates[].mcpGatewayIdstringYesThe target MCP gateway ID.
duplicates[].toolIdstringYesThe tool ID.
duplicates[].errorstringNoValidation or assignment error.
duplicates[].errorCode"not_found" | "validation_error"NoStructured assignment error code.
duplicates[].errorTypestringNoStructured assignment error type.

Knowledge Management

ToolDescriptionRequired RBAC Permission
query_knowledge_sourcesQuery the organization's knowledge sources to retrieve relevant information.knowledgeSource:query
create_knowledge_baseCreate a new knowledge base for organizing knowledge connectors.knowledgeSource:create
get_knowledge_basesList all knowledge bases in the organization.knowledgeSource:read
get_knowledge_baseGet details of a specific knowledge base by ID.knowledgeSource:read
update_knowledge_baseUpdate an existing knowledge base.knowledgeSource:update
delete_knowledge_baseDelete a knowledge base by ID.knowledgeSource:delete
create_knowledge_connectorCreate a new knowledge connector for ingesting data from external sources.knowledgeSource:create
get_knowledge_connectorsList all knowledge connectors in the organization.knowledgeSource:read
get_knowledge_connectorGet details of a specific knowledge connector by ID.knowledgeSource:read
update_knowledge_connectorUpdate an existing knowledge connector.knowledgeSource:update
delete_knowledge_connectorDelete a knowledge connector by ID.knowledgeSource:delete
assign_knowledge_connector_to_knowledge_baseAssign a knowledge connector to a knowledge base.knowledgeSource:update
unassign_knowledge_connector_from_knowledge_baseRemove a knowledge connector from a knowledge base.knowledgeSource:update
assign_knowledge_base_to_agentAssign a knowledge base to an agent.knowledgeSource:update
unassign_knowledge_base_from_agentRemove a knowledge base from an agent.knowledgeSource:update
assign_knowledge_connector_to_agentDirectly assign a knowledge connector to an agent (bypassing knowledge base).knowledgeSource:update
unassign_knowledge_connector_from_agentRemove a directly-assigned knowledge connector from an agent.knowledgeSource:update

query_knowledge_sources

Required RBAC permission: knowledgeSource:query

Input
ParameterTypeRequiredDescription
querystringYesThe user's original query, passed verbatim without rephrasing or expansion.
Output
FieldTypeRequiredDescription
resultsany[]YesRetrieved knowledge results.
totalChunksnumberYesThe number of result chunks returned.

create_knowledge_base

Required RBAC permission: knowledgeSource:create

Input
ParameterTypeRequiredDescription
namestringYesName of the knowledge base.
descriptionstring | nullNoDescription of the knowledge base.
Output
FieldTypeRequiredDescription
knowledgeBaseobjectYesThe requested knowledge base.
knowledgeBase.idstringYesThe knowledge base ID.
knowledgeBase.organizationIdstringYesThe organization ID.
knowledgeBase.namestringYesThe knowledge base name.
knowledgeBase.descriptionstring | nullYesThe knowledge base description, if any.
knowledgeBase.statusstringYesThe knowledge base status.

get_knowledge_bases

Required RBAC permission: knowledgeSource:read

This tool takes no arguments.

Output
FieldTypeRequiredDescription
knowledgeBasesobject[]YesKnowledge bases in the organization.
knowledgeBases[].idstringYesThe knowledge base ID.
knowledgeBases[].organizationIdstringYesThe organization ID.
knowledgeBases[].namestringYesThe knowledge base name.
knowledgeBases[].descriptionstring | nullYesThe knowledge base description, if any.
knowledgeBases[].statusstringYesThe knowledge base status.

get_knowledge_base

Required RBAC permission: knowledgeSource:read

Input
ParameterTypeRequiredDescription
idstringYesKnowledge base ID.
Output
FieldTypeRequiredDescription
knowledgeBaseobjectYesThe requested knowledge base.
knowledgeBase.idstringYesThe knowledge base ID.
knowledgeBase.organizationIdstringYesThe organization ID.
knowledgeBase.namestringYesThe knowledge base name.
knowledgeBase.descriptionstring | nullYesThe knowledge base description, if any.
knowledgeBase.statusstringYesThe knowledge base status.

update_knowledge_base

Required RBAC permission: knowledgeSource:update

Input
ParameterTypeRequiredDescription
idstringYesKnowledge base ID.
namestringNoNew knowledge base name.
descriptionstring | nullNoNew knowledge base description.
Output
FieldTypeRequiredDescription
knowledgeBaseobjectYesThe requested knowledge base.
knowledgeBase.idstringYesThe knowledge base ID.
knowledgeBase.organizationIdstringYesThe organization ID.
knowledgeBase.namestringYesThe knowledge base name.
knowledgeBase.descriptionstring | nullYesThe knowledge base description, if any.
knowledgeBase.statusstringYesThe knowledge base status.

delete_knowledge_base

Required RBAC permission: knowledgeSource:delete

Input
ParameterTypeRequiredDescription
idstringYesKnowledge base ID.

create_knowledge_connector

Required RBAC permission: knowledgeSource:create

Input
ParameterTypeRequiredDescription
namestringYesName of the knowledge connector.
connector_typestringYesType of the knowledge connector (for example jira, confluence, or google_drive).
configobjectYesProvider-specific configuration object.
descriptionstring | nullNoDescription of the knowledge connector.
visibility"org-wide" | "team-scoped"NoVisibility for the knowledge connector.
team_idsstring[]NoTeam IDs allowed to access a team-scoped connector.
Output
FieldTypeRequiredDescription
knowledgeConnectorobjectYesThe requested knowledge connector.
knowledgeConnector.idstringYesThe knowledge connector ID.
knowledgeConnector.organizationIdstringYesThe organization ID.
knowledgeConnector.knowledgeBaseIdstring | nullNo
knowledgeConnector.namestringYesThe connector name.
knowledgeConnector.connectorTypestringYesThe connector type.
knowledgeConnector.descriptionstring | nullYesThe connector description, if any.
knowledgeConnector.enabledbooleanNo
knowledgeConnector.configanyYesThe provider-specific connector configuration.

get_knowledge_connectors

Required RBAC permission: knowledgeSource:read

This tool takes no arguments.

Output
FieldTypeRequiredDescription
knowledgeConnectorsobject[]YesKnowledge connectors in the organization.
knowledgeConnectors[].idstringYesThe knowledge connector ID.
knowledgeConnectors[].organizationIdstringYesThe organization ID.
knowledgeConnectors[].knowledgeBaseIdstring | nullNo
knowledgeConnectors[].namestringYesThe connector name.
knowledgeConnectors[].connectorTypestringYesThe connector type.
knowledgeConnectors[].descriptionstring | nullYesThe connector description, if any.
knowledgeConnectors[].enabledbooleanNo
knowledgeConnectors[].configanyYesThe provider-specific connector configuration.

get_knowledge_connector

Required RBAC permission: knowledgeSource:read

Input
ParameterTypeRequiredDescription
idstringYesKnowledge connector ID.
Output
FieldTypeRequiredDescription
knowledgeConnectorobjectYesThe requested knowledge connector.
knowledgeConnector.idstringYesThe knowledge connector ID.
knowledgeConnector.organizationIdstringYesThe organization ID.
knowledgeConnector.knowledgeBaseIdstring | nullNo
knowledgeConnector.namestringYesThe connector name.
knowledgeConnector.connectorTypestringYesThe connector type.
knowledgeConnector.descriptionstring | nullYesThe connector description, if any.
knowledgeConnector.enabledbooleanNo
knowledgeConnector.configanyYesThe provider-specific connector configuration.

update_knowledge_connector

Required RBAC permission: knowledgeSource:update

Input
ParameterTypeRequiredDescription
idstringYesKnowledge connector ID.
namestringNoNew connector name.
descriptionstring | nullNoNew connector description.
enabledbooleanNoWhether the connector is enabled.
visibility"org-wide" | "team-scoped"NoUpdated visibility for the connector.
team_idsstring[]NoUpdated team IDs for a team-scoped connector.
configobjectNoUpdated connector configuration (provider-specific settings).
Output
FieldTypeRequiredDescription
knowledgeConnectorobjectYesThe requested knowledge connector.
knowledgeConnector.idstringYesThe knowledge connector ID.
knowledgeConnector.organizationIdstringYesThe organization ID.
knowledgeConnector.knowledgeBaseIdstring | nullNo
knowledgeConnector.namestringYesThe connector name.
knowledgeConnector.connectorTypestringYesThe connector type.
knowledgeConnector.descriptionstring | nullYesThe connector description, if any.
knowledgeConnector.enabledbooleanNo
knowledgeConnector.configanyYesThe provider-specific connector configuration.

delete_knowledge_connector

Required RBAC permission: knowledgeSource:delete

Input
ParameterTypeRequiredDescription
idstringYesKnowledge connector ID.

assign_knowledge_connector_to_knowledge_base

Required RBAC permission: knowledgeSource:update

Input
ParameterTypeRequiredDescription
connector_idstringYesKnowledge connector ID.
knowledge_base_idstringYesKnowledge base ID.

unassign_knowledge_connector_from_knowledge_base

Required RBAC permission: knowledgeSource:update

Input
ParameterTypeRequiredDescription
connector_idstringYesKnowledge connector ID.
knowledge_base_idstringYesKnowledge base ID.

assign_knowledge_base_to_agent

Required RBAC permission: knowledgeSource:update

Input
ParameterTypeRequiredDescription
knowledge_base_idstringYesKnowledge base ID.
agent_idstringYesAgent ID.

unassign_knowledge_base_from_agent

Required RBAC permission: knowledgeSource:update

Input
ParameterTypeRequiredDescription
knowledge_base_idstringYesKnowledge base ID.
agent_idstringYesAgent ID.

assign_knowledge_connector_to_agent

Required RBAC permission: knowledgeSource:update

Input
ParameterTypeRequiredDescription
connector_idstringYesKnowledge connector ID.
agent_idstringYesAgent ID.

unassign_knowledge_connector_from_agent

Required RBAC permission: knowledgeSource:update

Input
ParameterTypeRequiredDescription
connector_idstringYesKnowledge connector ID.
agent_idstringYesAgent ID.

Chat

ToolDescriptionRequired RBAC Permission
todo_writeWrite todos to the current conversation.None (no additional RBAC permission required)
swap_agentSwitch the current conversation to a different agent.agent:read
swap_to_default_agentReturn to the default agent.None (no additional RBAC permission required)
artifact_writeWrite or update a markdown artifact for the current conversation.None (no additional RBAC permission required)

todo_write

Required RBAC permission: None (no additional RBAC permission required)

Input
ParameterTypeRequiredDescription
todosobject[]YesArray of todo items to write to the conversation.
todos[].idintegerYesUnique identifier for the todo item.
todos[].contentstringYesThe content or description of the todo item.
todos[].status"pending" | "in_progress" | "completed"YesThe current status of the todo item.
Output
FieldTypeRequiredDescription
successbooleanYesWhether the write succeeded.
todoCountintegerYesHow many todo items were written.

swap_agent

Required RBAC permission: agent:read

Input
ParameterTypeRequiredDescription
agent_namestringYesThe name of the agent to switch to.
Output
FieldTypeRequiredDescription
successbooleanYesWhether the swap succeeded.
agent_idstringYesThe agent ID the conversation now uses.
agent_namestringYesThe agent name the conversation now uses.

swap_to_default_agent

Required RBAC permission: None (no additional RBAC permission required)

This tool takes no arguments.

Output
FieldTypeRequiredDescription
successbooleanYesWhether the swap succeeded.
agent_idstringYesThe agent ID the conversation now uses.
agent_namestringYesThe agent name the conversation now uses.

artifact_write

Required RBAC permission: None (no additional RBAC permission required)

Input
ParameterTypeRequiredDescription
contentstringYesThe markdown content to write to the conversation artifact. This completely replaces any existing artifact content.
Output
FieldTypeRequiredDescription
successbooleanYesWhether the artifact write succeeded.
characterCountintegerYesThe number of characters written to the artifact.

Meta

ToolDescriptionRequired RBAC Permission
search_toolsSearch the agent's available tools on demand.None (no additional RBAC permission required)
run_toolDispatch to any tool available to this agent, including built-in platform tools, agent delegation tools ('agent-'), or third-party MCP tools exposed through the MCP Gateway (e.g.None (no additional RBAC permission required)

search_tools

Required RBAC permission: None (no additional RBAC permission required)

Input
ParameterTypeRequiredDescription
querystringYesNatural-language search query describing the capability you need. Searches tool names, descriptions, argument names, and argument descriptions.
limitintegerNoMaximum number of matching tools to return.
Output
FieldTypeRequiredDescription
totalintegerYesNumber of returned tools.
toolsobject[]Yes
tools[].toolNamestringYesExact tool name to pass to run_tool.
tools[].titlestring | nullYesHuman-friendly title when available.
tools[].descriptionstring | nullYesShort tool description, if available.
tools[].source"archestra" | "mcp" | "agent_delegation"YesWhere the tool comes from.
tools[].serverstring | nullYesMCP server prefix for third-party MCP tools when available.
tools[].catalogNamestring | nullYesCatalog name for installed MCP tools when available.
tools[].inputParametersobject[]Yes
tools[].inputParameters[].namestringYesTop-level input parameter name.
tools[].inputParameters[].requiredbooleanYesWhether the parameter is required.
tools[].inputParameters[].descriptionstring | nullYesParameter description, if available.

run_tool

Required RBAC permission: None (no additional RBAC permission required)

Input
ParameterTypeRequiredDescription
tool_namestringYesName of the tool to invoke. Use the exact name as it appears in the tools list, e.g. 'archestra__whoami', 'context7__resolve-library-id', or an agent delegation name 'agent-'.
tool_argsobjectNoArguments object to pass to the target tool. Must match the target tool's input schema.