Portkey Admin

150 tools. 74 can modify or destroy data without limits.

21 destructive tools with no built-in limits. Policy required.

Last updated:

74 can modify or destroy data
76 read-only
150 tools total

Verified server · catalogue entry verified 29/06/2026 · full schemas captured for 150 of 150 tools

How to control Portkey Admin ↓

What Portkey Admin exposes to your agents

Read (76) Write / Execute (53) Destructive / Financial (21)

What Portkey Admin costs in tokens

46,570 tokens of tool definitions, loaded on every request
23% of a 200k context window
1,170 heaviest tool: get_analytics_group_metadata
Critical Risk

The most dangerous Portkey Admin tools

74 of Portkey Admin's 150 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Portkey Admin

PolicyLayer is an MCP gateway — it sits between your AI agents and Portkey Admin, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "cancel_log_export": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "add_workspace_member": {
    "limits": [
      {
        "counter": "add_workspace_member_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "download_log_export": {
    "limits": [
      {
        "counter": "download_log_export_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Portkey Admin — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON PORTKEY ADMIN →

Instant setup, no code required.

All 150 Portkey Admin tools

DESTRUCTIVE 21 tools
Destructive cancel_log_export Cancel a pending or running log export job, unlike start_log_export which queues one or delete_integration whi Destructive delete_api_key Delete an API key by UUID. This cannot be undone, revokes access immediately, and can break active sessions us Destructive delete_collection Delete a prompt collection by ID. This cannot be undone; prompts stay in the workspace but lose their collecti Destructive delete_config Delete a config by slug. This is permanent, removes all versions, and breaks anything still pointing at that s Destructive delete_guardrail Delete a guardrail by id or slug. This is irreversible and removes the check from any configs that reference i Destructive delete_integration Delete an integration by slug. This is irreversible and stops the org-level connection, which will break depen Destructive delete_integration_model Delete a custom model from an integration. Built-in models should be disabled instead, because deletion only a Destructive delete_mcp_integration Delete an MCP integration and all servers beneath it. This is irreversible, removes connected access immediate Destructive delete_mcp_server Delete an MCP server instance. This is irreversible, removes connected users' access immediately, and should b Destructive delete_prompt Delete a prompt and all its versions by id. This cannot be undone, immediately breaks callers using the slug, Destructive delete_prompt_label Delete a prompt label by ID. This cannot be undone; versions carrying the label lose it, and any workflow reso Destructive delete_prompt_partial Delete a prompt partial by ID. This cannot be undone, and prompts that reference it with {{> name}} will fail Destructive delete_provider Delete a workspace provider by slug. This is irreversible and will break prompts, configs, and virtual keys th Destructive delete_rate_limit Delete a rate limit by id. This is permanent and removes throttling immediately; review dependent configs and Destructive delete_usage_limit Delete a usage limit by id. This is permanent, removes the budget immediately, and clears tracked usage state; Destructive delete_user Delete a user from the org by id. This is permanent, removes org and workspace memberships, revokes API keys, Destructive delete_user_invite Delete a pending invite and revoke its invite link. This does not affect existing users; use delete_user for f Destructive delete_virtual_key Delete a virtual key by slug. This is irreversible and will break prompts and configs that reference the slug, Destructive delete_workspace Delete a workspace by id. This is permanent and removes the workspace, its members, configs, API keys, and res Destructive remove_workspace_member Remove a user from a workspace and revoke workspace access. This does not delete the user from the organizatio Destructive reset_usage_limit_entity Reset tracked usage for one entity under a usage limit. This changes accumulated usage for that entity only; u
WRITE 51 tools
Write add_workspace_member Add an existing org user to a workspace with a role. Requires a UUID user_id; use list_all_users to find it, a Write create_api_key Create a Portkey API key for auth. Org keys grant broader access; workspace keys are scoped. WARNING: The key Write create_collection Create a new prompt collection for organizing prompts by app. Use this when you need a new namespace before cr Write create_config Create a config that defines routing, cache, retry, and targets for requests; use update_config to modify an e Write create_feedback Create feedback for a trace or request. Writes a new feedback record linked by trace_id, returns the created f Write create_guardrail Create a guardrail with checks and actions for request filtering. Create it first, then reference it from conf Write create_integration Create an org-level provider integration. Some backends need provider-specific fields, and the new integration Write create_log_export Create a log export definition with filters and requested fields. This only sets up the export and does not st Write create_mcp_integration Create an MCP integration from an external server URL. Registers the Portkey-side connection and returns the n Write create_mcp_server Create an MCP server under an existing integration. Registers the server and returns the new id and slug; use Write create_prompt Create a new prompt template and initial version. Use this for first-time setup; use migrate_prompt for idempo Write create_prompt_label Create a prompt label for tagging prompt versions such as production, staging, or experiment. Requires either Write create_prompt_partial Create a reusable prompt partial for inclusion with {{> partial_name}}. Use this for shared snippets or macros Write create_provider Create a workspace provider backed by an org integration. The provider inherits the integration key, but its l Write create_rate_limit Create a request or token throttle with conditions, group_by, type, unit, and value. conditions and group_by a Write create_usage_limit Create a cumulative budget for cost or tokens with optional alerts and weekly or monthly resets. conditions an Write create_virtual_key Store a provider API key as a virtual key. The raw key is encrypted and only returned at creation time, so sav Write create_workspace Create a workspace to isolate resources, API keys, and team members. If slug is omitted it is auto-generated f Write insert_log Insert log records for requests that bypassed the gateway. This writes request, response, and trace metadata i Write invite_user Invite a new org user and optionally provision workspace access and an API key in one call. Workspace assignme Write migrate_prompt Create or update a prompt in one idempotent step for CI/CD and prompt-as-code flows. Finds existing prompts by Write promote_prompt Copy a prompt from one environment to another and create or update the target automatically. Use this for stag Write publish_partial Publish a specific partial version as the default, unlike update_prompt_partial which creates a new draft with Write publish_prompt Publish a specific version of a prompt as the active default, unlike promote_prompt which copies across enviro Write resend_user_invite Resend the email for a pending invite that has not been accepted, unlike invite_user which creates a new invit Write update_api_key Update an API key's name, description, scopes, defaults, or limits, unlike delete_api_key which revokes it or Write update_collection Update a collection's name or description only. This does not move prompts or change membership, so use it for Write update_config Update a config by slug and create a new version. Only provided fields change; name and status are editable, w Write update_feedback Update an existing feedback record by ID. Returns the updated status and feedback IDs, changes only value, wei Write update_guardrail Update a guardrail's name, checks, or actions, unlike create_guardrail which registers a new one or delete_gua Write update_integration Update an integration's name, key, or provider-specific config. Key and config changes take effect immediately Write update_integration_models Enable, disable, or register custom models for an integration. This changes model availability for every works Write update_integration_workspaces Control which workspaces can use an integration and set per-workspace limits, unlike update_integration which Write update_log_export Update an existing log export configuration before or between export runs. Only workspace_id, time_of_generati Write update_mcp_integration Update an MCP integration's name, description, URL, auth, or transport. Changes apply immediately and altering Write update_mcp_integration_capabilities Bulk enable or disable capabilities on an MCP integration. Changes take effect immediately for connected users Write update_mcp_integration_workspaces Grant or revoke workspace access to an MCP integration in bulk. Changes take effect immediately for all users Write update_mcp_server Update an MCP server's name or description. Changes apply immediately, but URL and auth live on the parent int Write update_mcp_server_capabilities Enable or disable capabilities on an MCP server. Changes take effect immediately and override the integration- Write update_mcp_server_user_access Grant or revoke individual user access to an MCP server. Changes take effect immediately and override the defa Write update_prompt Update an existing prompt and create a new archived version. Only provided fields change, and publish_prompt i Write update_prompt_label Update a prompt label's name, description, or color only, unlike update_prompt_version which changes which lab Write update_prompt_partial Create a new version of a partial by updating its content or metadata. Only provided fields change, and the ne Write update_prompt_version Update a specific prompt version's label assignment. This only assigns or removes a label, and null clears the Write update_provider Update a provider's metadata, limits, or expiration. reset_usage clears accumulated usage counters immediately Write update_rate_limit Update a rate limit's name, unit, or value by id. Conditions and group_by are immutable after creation; use ge Write update_usage_limit Update a usage limit's name, credit_limit, alert_threshold, reset schedule, or reset target by id, unlike upda Write update_user Update a user's first name, last name, or organization role by id. Email and workspace roles are not editable Write update_virtual_key Update a virtual key's name, secret, note, or limits. Rotating the key takes effect immediately, and limit cha Write update_workspace Update a workspace's name, slug, description, default flag, or metadata by id, unlike update_workspace_member Write update_workspace_member Update a workspace member's role by workspace_id and user_id. Only the role changes here; use list_workspace_m
READ 76 tools
Read download_log_export Get a signed URL for downloading a completed log export. The export must already be finished; use get_log_expo Read get_analytics_group_metadata Get a paginated metadata breakdown with total_groups, group_count, and a metadata_groups array grouped by the Read get_analytics_group_models Get a paginated per-model breakdown with total_groups, group_count, and a models array containing request coun Read get_analytics_group_users Get a paginated per-user breakdown with total_groups, group_count, and a users array containing request count, Read get_api_key Fetch one API key by UUID without revealing the secret. Use this to inspect scopes, defaults, limits, expirati Read get_cache_hit_latency Get cache-hit-only latency time-series data with summary.total_latency, summary.avg_latency, and per-bucket to Read get_cache_hit_rate Get cache-effectiveness time-series data with summary.hit_rate, summary.total_hits, summary.total_misses, and Read get_collection Fetch one collection by id or slug and return its name, slug, workspace, and timestamps. Use list_collections Read get_config Get one config by slug and return its routing, cache, retry, and target settings. Requires a known slug; use l Read get_cost_analytics Get cost time-series data with summary.total_cost, summary.average_cost_per_request, and per-bucket total/avg Read get_error_analytics Get error-count time-series data with summary.total_errors and per-bucket counts. Use this for high-level erro Read get_error_rate_analytics Get error-rate time-series data with summary.error_rate_percent and per-bucket percentages of total requests. Read get_error_stacks_analytics Get stacked error-series data grouped by HTTP status code over time, with summary and per-code series. Use thi Read get_error_status_codes_analytics Get HTTP error-code distribution time-series data with summary and per-code series. Use this to see which code Read get_feedback_analytics Get feedback-submission time-series data with summary totals and per-bucket counts. Use this as the top-level Read get_feedback_models_analytics Get feedback time-series data grouped by model, with per-model counts over time. Use this to compare feedback Read get_feedback_scores_analytics Get raw feedback-score distribution time-series data with per-score buckets. Use this to understand sentiment Read get_feedback_weighted_analytics Get weighted feedback-score time-series data using the weight recorded at feedback creation. Use this for cali Read get_guardrail Fetch one guardrail by id or slug with its full checks and actions; use list_guardrails to discover ids first. Read get_integration Fetch one integration by slug, including masked key, workspace access, allowed models, and configuration metad Read get_latency_analytics Get latency time-series data with summary.avg_latency_ms, summary.p50_latency_ms, summary.p90_latency_ms, summ Read get_log_export Fetch one log export job by export_id and return its status, filters, requested fields, and file metadata. Use Read get_mcp_integration Retrieve one MCP integration by id or slug. Returns the full Portkey-side config, including auth type, transpo Read get_mcp_integration_metadata Retrieve the external MCP server's self-reported metadata for an integration. Returns name, version, protocol, Read get_mcp_server Retrieve one MCP server by id or slug. Returns server details including the parent integration, status, and cr Read get_prompt Fetch a prompt's full definition, active version, and version history. Use this before updating, publishing, r Read get_prompt_label Fetch one label's full definition, including scope, color, and status. Use this when you already know the labe Read get_prompt_partial Fetch a partial's content and current version details. Use this before embedding, updating, or checking what { Read get_prompt_version Retrieve a specific prompt version by its version UUID. Use list_prompt_versions to find the id first; returns Read get_provider Fetch one provider by slug, including limits, rate settings, expiration, and reset status. Use this to check c Read get_rate_limit Get one rate limit by id and return its full conditions and grouping definition. Use list_rate_limits to disco Read get_request_analytics Get request-volume time-series data with summary.total_requests, summary.successful_requests, summary.failed_r Read get_rescued_requests_analytics Get rescued-request time-series data showing requests recovered by retry or fallback handling. Use this only w Read get_token_analytics Get token-usage time-series data with summary.total_tokens, summary.prompt_tokens, summary.completion_tokens, Read get_usage_limit Get one usage limit by id and return its full budget, threshold, grouping, and reset details. Use list_usage_l Read get_user Get one accepted user by id and return their profile, role, and timestamps. Use list_all_users to find the id Read get_user_invite Get one invitation by invite id and return its email, role, status, and expiry. Use this for pending invites o Read get_user_requests_analytics Get per-user request-count time-series data with counts grouped by user. Use this to find heavy users and traf Read get_user_stats Return per-user request and cost analytics for a required time range. This is usage-by-user, not population me Read get_users_analytics Get user-growth time-series data with summary.total_active_users, summary.total_new_users, and per-bucket acti Read get_virtual_key Fetch one virtual key by slug, including metadata, a masked secret, limits, status, and model config. Use this Read get_workspace Get one workspace by id and return its full details, including defaults and the complete member list. Use this Read get_workspace_member Get one workspace member by workspace_id and user_id. Use this when you already know both IDs; use list_worksp Read list_all_users List accepted org users with id, name, email, role, and timestamps. Use this to find a user_id before get_user Read list_api_keys List Portkey API keys for auditing access, scopes, defaults, limits, and expiration. Use this for API keys onl Read list_audit_logs List audit log events for a Portkey workspace or organization. Returns paginated action-level records with act Read list_collections List prompt collections in the workspace, optionally filtering by name or workspace. Returns ids, names, slugs Read list_config_versions List every version of a config with version number, config payload, creator, and timestamp. Use this to audit Read list_configs List configs in the org with id, slug, name, status, workspace, and timestamps. Use this summary view to find Read list_guardrails List guardrails in the org with id, slug, status, ownership, and optional workspace/org filters. Use this to f Read list_integration_models List models enabled on an integration. Use this to verify model availability before creating prompts or config Read list_integration_workspaces List workspaces that can use an integration, with their limits. Use this to audit access or confirm per-worksp Read list_integrations List org-level AI provider connections with optional workspace or type filters. Use this to find integration s Read list_log_exports List log export jobs in a workspace with status, filters, and timestamps. Use this to find an export_id before Read list_mcp_integration_capabilities List capabilities exposed by the external MCP server for an integration. Returns total plus enabled-state entr Read list_mcp_integration_workspaces List which workspaces can access an MCP integration. Returns the global access mode plus per-workspace enablem Read list_mcp_integrations List MCP integrations in the organization. Returns paginated integration records plus total and has_more for d Read list_mcp_server_capabilities List capabilities exposed by an MCP server instance. Returns total plus the current tool, resource, and prompt Read list_mcp_server_user_access List per-user access for an MCP server. Returns the default access mode, override flags, and connection status Read list_mcp_servers List MCP servers in the organization. Returns paginated server records plus total for discovering server IDs; Read list_partial_versions List all versions for one partial, including version numbers, descriptions, status, and timestamps. Use this w Read list_prompt_labels List labels across the workspace or organisation, with optional search and scope filters. Returns ids, names, Read list_prompt_partials List partials across collections, with optional collection filtering. Returns ids, slugs, names, collections, Read list_prompt_versions List all versions of one prompt, including version number, description, status, label, and a short template pr Read list_prompts List prompts across the workspace, with optional collection, workspace, or search filters. Returns a paginated Read list_providers List workspace-scoped provider instances and their limits or status. Use this to find provider slugs for works Read list_rate_limits List rate limits in the org with id, type, unit, value, status, scope, conditions, and grouping. Use this to f Read list_usage_limit_entities List the entities currently tracked against a usage limit, including current usage. Use this to see who is nea Read list_usage_limits List usage limits in the org with id, type, credit_limit, status, reset schedule, scope, conditions, and group Read list_user_invites List pending and sent invitations with id, email, role, status, and expiry. Use this to check invite state; us Read list_virtual_keys List provider API keys stored as virtual keys in your Portkey org. Use this to find slugs before wiring prompt Read list_workspace_members List every member in a workspace with organization role, workspace role, status, and timestamps. Use this to f Read list_workspaces List workspaces with id, name, slug, default settings, and timestamps. Use this to find a workspace_id before Read render_prompt Render a prompt by substituting variables and returning the final messages without calling the model. Use this Read test_mcp_server Test connectivity to an MCP server. Sends a live check and returns success, response time, HTTP status, and an Read validate_completion_metadata Preflight billing metadata before run_prompt_completion. Validates required fields and values without making c

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Portkey Admin

Can an AI agent delete data through the Portkey Admin MCP server? +

Yes. The Portkey Admin server exposes 21 destructive tools including cancel_log_export, delete_api_key, delete_collection. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Portkey Admin? +

The Portkey Admin server has 51 write tools including add_workspace_member, create_api_key, create_collection. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Portkey Admin.

How many tools does the Portkey Admin MCP server expose? +

150 tools across 4 categories: Destructive, Execute, Read, Write. 76 are read-only. 74 can modify, create, or delete data.

How do I enforce a policy on Portkey Admin? +

Register the Portkey Admin MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Portkey Admin tool call.

Deterministic rules across all 150 Portkey Admin tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

150 Portkey Admin tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.