Skip to main content
Version: 1.1.x

Agent Access Control

Agent Access Control in Lunar.dev MCPX lets you manage which tools and services each agent can use, through a toggle-based interface in the MCPX UI.

Why Agent Access Control Matters

Without explicit access controls, agents can call any tool on any connected MCP server, including tools they don't need. This creates excessive agency, an OWASP MCP top-10 risk where over-privileged agents become a security liability. Agent Access Control gives you per-agent scope at the gateway layer, so each agent only sees the tools it needs for its job.

Overview

Every agent has an access control section that defines its tool permissions. You can grant full access to all tools or limit access to specific tool groups created in your Tool Catalog.

This makes it easy to maintain fine-grained control over what actions an agent can perform, all from within the MCPX interface.

Using the Agent Access Modal

  1. Open the MCPX UI Dashboard.
  2. Select an agent to open its settings modal.
  3. In the Tools Access section, choose one of two options:
    • All Server Tools — The agent can use all available tools.
    • Tool Groups — Enable or disable specific tool groups.
  4. Toggle access per group or service as needed.

Default Access Rules

If you haven't created any tool groups yet, All Server Tools is automatically enabled. As soon as tool groups exist, you can select which tool groups the agent can access. This provides flexibility while maintaining secure defaults.

Learn more about creating and managing tool groups in Tool Groups.

MCPX follows the MCP Specifications for List Changed notifications, meaning that when MCPX recognizes that a user made changes to a tool it notifies the client by sending a list_changed notification. However, not all clients support this notification yet, so you may need to restart your client in order to see the updated tool access.