Critical-risk tools in Mcp Api
40 of the 310 tools in Mcp Api are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
Each entry gives the tool name, its category, its risk score out of 5, and the tool's own description.
- cancelActionWithId (Destructive, 4/5): Cancels the user action.
- changePasswordWithId (Destructive, 5/5): Changes a user's password using the change password Id. This usually occurs after an email has been sent to the user and they clicked on a link to reset their password. As of v...
- deleteAPIKeyWithId (Destructive, 4/5): Deletes the API key for the given Id.
- deleteApplicationRoleWithId (Destructive, 5/5): Hard deletes an application role. This is a dangerous operation and should not be used in most circumstances. This permanently removes the given role from all users that had it.
- deleteApplicationWithId (Destructive, 4/5): Hard deletes an application. This is a dangerous operation and should not be used in most circumstances. This will delete the application, any registrations for that application...
- deleteConnectorWithId (Destructive, 4/5): Deletes the connector for the given Id.
- deleteConsentWithId (Destructive, 4/5): Deletes the consent for the given Id.
- deleteEmailTemplateWithId (Destructive, 4/5): Deletes the email template for the given Id.
- deleteEntityGrantWithId (Destructive, 4/5): Deletes an Entity Grant for the given User or Entity.
- deleteEntityTypePermissionWithId (Destructive, 4/5): Hard deletes a permission. This is a dangerous operation and should not be used in most circumstances. This permanently removes the given permission from all grants that had it.
- deleteEntityTypeWithId (Destructive, 4/5): Deletes the Entity Type for the given Id.
- deleteEntityWithId (Destructive, 4/5): Deletes the Entity for the given Id.
- deleteFormFieldWithId (Destructive, 4/5): Deletes the form field for the given Id.
- deleteFormWithId (Destructive, 4/5): Deletes the form for the given Id.
- deleteGroupMembersWithId (Destructive, 4/5): Removes users as members of a group.
- deleteGroupWithId (Destructive, 4/5): Deletes the group for the given Id.
- deleteIdentityProviderWithId (Destructive, 4/5): Deletes the identity provider for the given Id.
- deleteIPAccessControlListWithId (Destructive, 4/5): Deletes the IP Access Control List for the given Id.
- deleteJwtRefresh (Destructive, 5/5): Revokes refresh tokens using the information in the JSON body. The handling for this method is the same as the revokeRefreshToken method and is based on the information you prov...
- deleteKeyWithId (Destructive, 4/5): Deletes the key for the given Id.
- deleteLambdaWithId (Destructive, 4/5): Deletes the lambda for the given Id.
- deleteMessageTemplateWithId (Destructive, 4/5): Deletes the message template for the given Id.
- deleteMessengerWithId (Destructive, 4/5): Deletes the messenger for the given Id.
- deleteOAuthScopeWithId (Destructive, 4/5): Hard deletes a custom OAuth scope. OAuth workflows that are still requesting the deleted OAuth scope may fail depending on the application's unknown scope policy.
- deleteTenantWithId (Destructive, 5/5): Deletes the tenant based on the given request (sent to the API as JSON). This permanently deletes all information, metrics, reports and data associated with the tenant and every...
- deleteThemeWithId (Destructive, 4/5): Deletes the theme for the given Id.
- deleteUserActionReasonWithId (Destructive, 4/5): Deletes the user action reason for the given Id.
- deleteUserActionWithId (Destructive, 4/5): Deletes the user action for the given Id. This permanently deletes the user action and also any history and logs of the action being applied to any users. OR Deactivates the use...
- deleteUserBulk (Destructive, 5/5): Deletes the users with the given Ids, or users matching the provided JSON query or queryString. The order of preference is Ids, query and then queryString, it is recommended to ...
- deleteUserLinkWithId (Destructive, 4/5): Removes an existing link that has been made from a 3rd party identity provider to a FusionAuth user.
- deleteUserRegistrationWithId (Destructive, 4/5): Deletes the user registration for the given user and application along with the given JSON body that contains the event information. OR Deletes the user registration for the giv...
- deleteUserTwoFactorWithId (Destructive, 5/5): Disables two-factor authentication for a user using a JSON body rather than URL parameters. OR Disables two-factor authentication for a user.
- deleteUserWithId (Destructive, 4/5): Deletes the user based on the given request (sent to the API as JSON). This permanently deletes all information, metrics, reports and data associated with the user. OR Deletes t...
- deleteWebAuthnCredentialWithId (Destructive, 4/5): Deletes the WebAuthn credential for the given Id.
- deleteWebhookWithId (Destructive, 4/5): Deletes the webhook for the given Id.
- forgotPasswordWithId (Destructive, 4/5): Begins the forgot password sequence, which kicks off an email to the user so that they can reset their password.
- reindexWithId (Destructive, 4/5): Requests Elasticsearch to delete and rebuild the index for FusionAuth users or entities. Be very careful when running this request as it will increase the CPU and I/O load on y...
- removeUserFromFamilyWithId (Destructive, 4/5): Removes a user from the family with the given Id.
- revokeRefreshTokenByIdWithId (Destructive, 4/5): Revokes a single refresh token by the unique Id. The unique Id is not sensitive as it cannot be used to obtain another JWT.
- revokeUserConsentWithId (Destructive, 4/5): Revokes a single User consent by Id.
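What "controlling at the transport layer" looks like in practice, as an added example that is not PolicyLayer's or FusionAuth's code: a small guard that sits on the JSON-RPC channel between an MCP client and the server, inspects every tools/call request, and lets it through, blocks it, or holds it for a human. The tool names and scores are the ones listed above; the policy shape, the hardDelete argument, the __approval token field, the retrieveUserWithId name and the error code are assumptions made for illustration.

```javascript
// Added example, not PolicyLayer's or FusionAuth's code: a transport-layer
// guard for MCP JSON-RPC traffic. Tool names and scores come from the list
// above; the policy shape, the "hardDelete" argument, the "__approval" token
// field, the retrieveUserWithId name and the -32001 error code are assumed.

// Per-tool risk score, a subset of the page's list.
const CRITICAL_TOOLS = {
  changePasswordWithId: 5,
  deleteApplicationRoleWithId: 5,
  deleteJwtRefresh: 5,
  deleteTenantWithId: 5,
  deleteUserBulk: 5,
  deleteUserTwoFactorWithId: 5,
  deleteAPIKeyWithId: 4,
  deleteApplicationWithId: 4,
  deleteUserWithId: 4,
  deleteWebAuthnCredentialWithId: 4,
  reindexWithId: 4,
  revokeRefreshTokenByIdWithId: 4,
};

// Assumed: a human-issued approval token travels in this argument slot and
// is stripped before the call reaches the server.
const APPROVAL_FIELD = '__approval';

// Decide what to do with one tools/call request.
function evaluateToolCall(request, approvals = new Set()) {
  const params = request.params || {};
  const name = params.name;
  const args = params.arguments || {};
  let score = CRITICAL_TOOLS[name];
  if (score === undefined) {
    return { decision: 'allow', reason: `${name} is not in the critical list` };
  }
  // Assumed argument: a 4/5 tool invoked with hardDelete=true is as
  // irreversible as a 5/5 one, so treat it the same way.
  if (score === 4 && args.hardDelete === true) score = 5;
  if (score >= 5) {
    return { decision: 'deny', reason: `${name} is rated ${score}/5 and is blocked on this channel` };
  }
  const token = args[APPROVAL_FIELD];
  if (typeof token === 'string' && approvals.has(token)) {
    return { decision: 'allow', reason: `${name} approved by token ${token}` };
  }
  return { decision: 'hold', reason: `${name} is rated ${score}/5 and needs human approval` };
}

// Process one newline-delimited JSON-RPC message from the client. Returns
// { forward, reply, decision, reason }: `forward` goes on to the server (or
// null), `reply` is an error response sent straight back to the client (or null).
function guardMessage(line, approvals = new Set()) {
  let msg;
  try {
    msg = JSON.parse(line);
  } catch (e) {
    return { forward: null, reply: null, decision: 'drop', reason: 'malformed JSON' };
  }
  if (msg.method !== 'tools/call') {
    return { forward: msg, reply: null, decision: 'allow', reason: 'not a tool call' };
  }
  const verdict = evaluateToolCall(msg, approvals);
  if (verdict.decision === 'allow') {
    if (msg.params && msg.params.arguments) delete msg.params.arguments[APPROVAL_FIELD];
    return { forward: msg, reply: null, ...verdict };
  }
  return {
    forward: null,
    reply: {
      jsonrpc: '2.0',
      id: msg.id,
      error: { code: -32001, message: `policy ${verdict.decision}: ${verdict.reason}` },
    },
    ...verdict,
  };
}

// Constructed sample traffic, not captured from a real session.
const SAMPLE = [
  JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'tools/list' }),
  JSON.stringify({ jsonrpc: '2.0', id: 2, method: 'tools/call',
    params: { name: 'deleteTenantWithId', arguments: { tenantId: 'tenant-1' } } }),
  JSON.stringify({ jsonrpc: '2.0', id: 3, method: 'tools/call',
    params: { name: 'deleteUserWithId', arguments: { userId: 'user-1', hardDelete: true } } }),
  JSON.stringify({ jsonrpc: '2.0', id: 4, method: 'tools/call',
    params: { name: 'deleteUserWithId', arguments: { userId: 'user-1', __approval: 'ticket-1234' } } }),
  JSON.stringify({ jsonrpc: '2.0', id: 5, method: 'tools/call',
    params: { name: 'retrieveUserWithId', arguments: { userId: 'user-1' } } }),
  JSON.stringify({ jsonrpc: '2.0', id: 6, method: 'tools/call',
    params: { name: 'deleteAPIKeyWithId', arguments: { keyId: 'key-1' } } }),
];

// Run the sample through the guard with one approval on file.
function runSample(approvals = new Set(['ticket-1234'])) {
  return SAMPLE.map((line) => guardMessage(line, approvals).decision);
}

for (const line of SAMPLE) {
  const r = guardMessage(line, new Set(['ticket-1234']));
  console.log(`${r.decision.padEnd(5)} ${r.reason}`);
}
```

To use it as a stdio proxy, read the client's stdin line by line, write `forward` to the server process and `reply` back to the client. Two caveats: a guard on this channel only sees calls that pass through it, so the API key the MCP server holds still needs its own least-privilege scoping on the FusionAuth side; and the hold decision is only useful if the approval token is issued by a person who has seen the exact arguments, otherwise it is just a second way to say allow.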
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.
More on Mcp Api
Enforce policy on Mcp Api
One command generates a policy scaffold for every server in your MCP config.
npx -y @policylayer/intercept init