Skip to content

MCP Track B Phase B5-B6: enable governed group/public tools and enterprise readiness #1020

Description

@Bionic711

Summary

Complete the deferred inbound MCP scope from #1013: governed group/public/all-scope tools plus enterprise-readiness hardening.

Deferred Tools

Keep these disabled until this issue is implemented and explicitly reviewed:

  • list_group_workspaces
  • list_group_documents
  • list_group_prompts
  • list_public_workspaces
  • list_public_documents
  • list_public_prompts
  • All-scope search_documents
  • All-scope send_chat_message

Scope

  • Reuse existing group/public role checks and workspace-status checks.
  • Add governance controls per tool and scope.
  • Add tenant/client/user audit logging.
  • Add pagination and result limits.
  • Add negative tests for users without workspace access.
  • Add admin UX for enabling specific tools/scopes rather than relying on environment variables.
  • Add correlation IDs across MCP requests, tool execution, and downstream SimpleChat operations.
  • Track caller app ID, delegated user ID, tool name, duration, result status, and error type.
  • Redact tokens, secrets, prompts, and sensitive document content.
  • Avoid in-memory token/session caches as production state.
  • Add bounded request timeouts, safe retry behavior, and health/readiness endpoints.
  • Ensure multi-instance deployments behave consistently.
  • Document app registration, PRM metadata, inbound MCP governance setup, supported tools, non-goals, and disablement workflows.

Acceptance Criteria

  • Group/public/all-scope tools remain disabled until explicitly enabled by governance.
  • Users without workspace roles cannot access group/public data.
  • Inactive or disabled workspaces remain blocked.
  • Admin UX supports client/tool/scope enablement and redaction.
  • Audit and telemetry identify caller app, delegated user, tool, duration, status, and error type without logging secrets.
  • Health/readiness endpoints work for the MCP hosting surface.
  • Multi-instance behavior does not rely on in-memory auth state.
  • Documentation covers setup, governance, supported tools, and operational disablement.

Notes

Parent: #1013
Depends on the inbound auth/governance foundation and initial personal tool issues.
Planning doc: docs/explanation/features/MCP_PLUGIN_ROBUSTNESS_PLAN.md
Priority: P1
Size: XL

Metadata

Metadata

Assignees

Labels

enhancementNew feature or requestsecurity_improvementThis issue results in an improvement to security

Type

No type

Fields

No fields configured for issues without a type.

Projects

Status
Pending Evaluation

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions