Mcp Api

314 tools. 208 can modify or destroy data without limits.

41 destructive tools with no built-in limits. Policy required.

314 tools total: 106 read-only, 208 can modify or destroy data.
By category: Read (106), Write / Execute (167), Destructive / Financial (41).

Destructive tools (cancelActionWithId, changePasswordWithId, deleteAPIKeyWithId) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (actionUserWithId, activateReactorWithId, commentOnUserWithId) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (startIdentityProviderLoginWithId, startPasswordlessLoginWithId, startTwoFactorLoginWithId) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

Deny destructive operations
cancelActionWithId:
  rules:
    - action: deny

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
actionUserWithId:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
retrieveActionWithId:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

WRITE 161 tools
actionUserWithId, activateReactorWithId, commentOnUserWithId, completeVerifyIdentityWithId, completeWebAuthnAssertionWithId, completeWebAuthnLoginWithId, completeWebAuthnRegistrationWithId, createAPIKey, createAPIKeyWithId, createApplication, createApplicationRole, createApplicationRoleWithId, createApplicationWithId, createAuditLogWithId, createConnector, createConnectorWithId, createConsent, createConsentWithId, createDevice_authorize, createDeviceApprove, createDeviceUserCode, createEmailTemplate, createEmailTemplateWithId, createEntity, createEntityType, createEntityTypePermission, createEntityTypePermissionWithId, createEntityTypeWithId, createEntityWithId, createFamily, createFamilyWithId, createForm, createFormField, createFormFieldWithId, createFormWithId, createGroup, createGroupMembersWithId, createGroupWithId, createIdentityProvider, createIdentityProviderWithId, createIntrospect, createIPAccessControlList, createIPAccessControlListWithId, createLambda, createLambdaWithId, createLogout, createMessageTemplate, createMessageTemplateWithId, createMessenger, createMessengerWithId, createOAuthScope, createOAuthScopeWithId, createTenant, createTenantWithId, createTheme, createThemeWithId, createToken, createUser, createUserAction, createUserActionReason, createUserActionReasonWithId, createUserActionWithId, createUserChangePassword, createUserConsent, createUserConsentWithId, createUserLinkWithId, createUserVerifyEmail, createUserWithId, createWebhook, createWebhookWithId, enableTwoFactorWithId, exchangeRefreshTokenForJWTWithId, generateKey, generateKeyWithId, generateTwoFactorRecoveryCodesWithId, generateTwoFactorSecretUsingJWTWithId, identityProviderLoginWithId, importKey, importKeyWithId, importRefreshTokensWithId, importUsersWithId, importWebAuthnCredentialWithId, issueJWTWithId, loginPingWithId, loginPingWithRequestWithId, loginWithId, modifyActionWithId, passwordlessLoginWithId, patchAPIKeyWithId, patchApplicationRoleWithId, patchApplicationWithId, patchConnectorWithId, patchConsentWithId, patchEmailTemplateWithId, patchEntityTypePermissionWithId, patchEntityTypeWithId, patchEntityWithId, patchFormFieldWithId, patchFormWithId, patchGroupWithId, patchIdentityProviderWithId, patchIntegrationsWithId, patchIPAccessControlListWithId, patchLambdaWithId, patchMessageTemplateWithId, patchMessengerWithId, patchOAuthScopeWithId, patchRegistrationWithId, patchSystemConfigurationWithId, patchTenantWithId, patchThemeWithId, patchUserActionReasonWithId, patchUserActionWithId, patchUserConsentWithId, patchUserWithId, patchWebhookWithId, reconcileJWTWithId, register, registerWithId, sendEmailWithId, sendFamilyRequestEmailWithId, sendPasswordlessCodeWithId, sendTwoFactorCodeForEnableDisableWithId, sendTwoFactorCodeForLoginUsingMethodWithId, sendVerifyIdentityWithId, twoFactorLoginWithId, updateAPIKeyWithId, updateApplicationRoleWithId, updateApplicationWithId, updateConnectorWithId, updateConsentWithId, updateEmailTemplateWithId, updateEntityTypePermissionWithId, updateEntityTypeWithId, updateEntityWithId, updateFormFieldWithId, updateFormWithId, updateGroupMembersWithId, updateGroupWithId, updateIdentityProviderWithId, updateIntegrationsWithId, updateIPAccessControlListWithId, updateKeyWithId, updateLambdaWithId, updateMessageTemplateWithId, updateMessengerWithId, updateOAuthScopeWithId, updateRegistrationWithId, updateSystemConfigurationWithId, updateTenantWithId, updateThemeWithId, updateUserActionReasonWithId, updateUserActionWithId, updateUserConsentWithId, updateUserFamilyWithId, updateUserVerifyEmail, updateUserVerifyRegistration, updateUserWithId, updateWebhookWithId, upsertEntityGrantWithId, vendJWTWithId

READ 106 tools
retrieveActionWithId, retrieveAPIKeyWithId, retrieveApplication, retrieveApplicationWithId, retrieveAuditLogWithId, retrieveConnectorWithId, retrieveConsentWithId, retrieveDailyActiveReportWithId, retrieveDeviceUserCode, retrieveDeviceValidate, retrieveEmailTemplate, retrieveEmailTemplatePreviewWithId, retrieveEmailTemplateWithId, retrieveEntityGrantWithId, retrieveEntityTypeWithId, retrieveEntityWithId, retrieveEventLogWithId, retrieveFamiliesWithId, retrieveFamilyMembersByFamilyIdWithId, retrieveFormFieldWithId, retrieveFormWithId, retrieveGroupWithId, retrieveIdentityProviderByTypeWithId, retrieveIdentityProviderLink, retrieveIdentityProviderLookup, retrieveIdentityProviderWithId, retrieveIPAccessControlListWithId, retrieveJsonWebKeySetWithId, retrieveJwtPublicKey, retrieveKeysWithId, retrieveKeyWithId, retrieveLambdasByTypeWithId, retrieveLambdaWithId, retrieveMessageTemplate, retrieveMessageTemplatePreviewWithId, retrieveMessageTemplateWithId, retrieveMessengerWithId, retrieveMonthlyActiveReportWithId, retrieveOauthConfigurationWithId, retrieveOAuthScopeWithId, retrieveOpenIdConfigurationWithId, retrievePasswordValidationRulesWithId, retrievePasswordValidationRulesWithTenantIdWithId, retrievePendingChildrenWithId, retrievePendingLinkWithId, retrieveReactorMetricsWithId, retrieveRefreshTokenByIdWithId, retrieveRefreshTokensWithId, retrieveRegistrationReportWithId, retrieveRegistrationWithId, retrieveReportLogin, retrieveStatus, retrieveSystemHealthWithId, retrieveTenantWithId, retrieveThemeWithId, retrieveTotalReportWithExcludesWithId, retrieveTwoFactorRecoveryCodesWithId, retrieveTwoFactorStatusWithId, retrieveTwoFactorStatusWithRequestWithId, retrieveUser, retrieveUserAction, retrieveUserActioning, retrieveUserActionReason, retrieveUserActionReasonWithId, retrieveUserActionWithId, retrieveUserChangePassword, retrieveUserChangePasswordWithId, retrieveUserCommentsWithId, retrieveUserConsentsWithId, retrieveUserConsentWithId, retrieveUserInfoFromAccessTokenWithId, retrieveUserRecentLogin, retrieveUserWithId, retrieveVersionWithId, retrieveWebAuthnCredentialsForUserWithId, retrieveWebAuthnCredentialWithId, retrieveWebhook, retrieveWebhookAttemptLogWithId, retrieveWebhookEventLogWithId, retrieveWebhookWithId, searchApplicationsWithId, searchAuditLogsWithId, searchConsentsWithId, searchEmailTemplatesWithId, searchEntitiesByIdsWithId, searchEntitiesWithId, searchEntityGrantsWithId, searchEntityTypesWithId, searchEventLogsWithId, searchGroupMembersWithId, searchGroupsWithId, searchIdentityProvidersWithId, searchIPAccessControlListsWithId, searchKeysWithId, searchLambdasWithId, searchLoginRecordsWithId, searchTenantsWithId, searchThemesWithId, searchUserCommentsWithId, searchUsersByIdsWithId, searchUsersByQueryWithId, searchWebhookEventLogsWithId, searchWebhooksWithId, validateJWTWithId, verifyIdentityWithId, verifyUserRegistrationWithId

Can an AI agent delete data through the Mcp Api MCP server?

Yes. The Mcp Api server exposes 41 destructive tools including cancelActionWithId, changePasswordWithId, deleteAPIKeyWithId. These permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Mcp Api?

The Mcp Api server has 161 write tools including actionUserWithId, activateReactorWithId, commentOnUserWithId. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Mcp Api MCP server expose?

314 tools across 4 categories: Destructive, Execute, Read, Write. 106 are read-only. 208 can modify, create, or delete data.

How do I add Intercept to my Mcp Api setup?

It is a one-line change. Instead of running the Mcp Api server directly, prefix it with Intercept: intercept -c io-fusionauth-mcp-api.yaml -- npx -y @fusionauth/mcp-api. Download a pre-built policy from policylayer.com/policies/io-fusionauth-mcp-api and adjust the limits to match your use case.
