Granular Server Permission Scoping

Currently, HasMCP strictly enforces Role-Based Access Control exclusively at the explicit Workspace Level. This means that if you promote an invited user to the Developer role, they explicitly inherit universal edit access across all Provider Tools and Variables explicitly deployed into that specific Workspace.

Achieving Granular Isolation

If your modern architecture strictly mandates that “Developer A” exclusively possesses edit capabilities for Staging_LLM_Server, but cannot possibly manipulate Production_Analytics_Server, you must physically isolate them. Currently, HasMCP does not provide item-level granular RBAC internally. To achieve component-level isolation reliably:

Create a brand new independent Workspace strictly for “Production Analytics”.
Migrate the Production infrastructure.
Exclusively invite the developers explicitly authorized to modify that production architecture to the new isolated workspace.

Overview

Servers

Providers

Provider Tools

Provider Resources

Provider Prompts

Server Tools

Server Resources

Server Prompts

Tokens & Authentication

Server Variables

General Workflows

Enterprise Data

Data Transformation

Enterprise Role-Based Access

Security & Encryption

Advanced Architecture

Identity & Elicitation

MCP Telemetry

Dynamic Tooling

Secret Management

How do I grant edit access to a specific Server but not others?

Granular Server Permission Scoping

Achieving Granular Isolation

Overview

Servers

Providers

Provider Tools

Provider Resources

Provider Prompts

Server Tools

Server Resources

Server Prompts

Tokens & Authentication

Server Variables

General Workflows

Enterprise Data

Data Transformation

Enterprise Role-Based Access

Security & Encryption

Advanced Architecture

Identity & Elicitation

MCP Telemetry

Dynamic Tooling

Secret Management

​Granular Server Permission Scoping

​Achieving Granular Isolation

Granular Server Permission Scoping

Achieving Granular Isolation