How access control works
When an MCP client sends a request, the server evaluates two things:

- Server access mode — the maximum level of operations the MCP server allows on the cluster (read-only or read/write). This is configured by an administrator in the Console.
- User permissions — the StreamNative Cloud roles assigned to the authenticated user or service account. These roles determine which resources the user can access.
Both layers must permit an operation for it to succeed. If either layer denies the operation, the request fails.

| Server access mode | User role | Result |
|---|---|---|
| Read/Write | Admin | Full access — user can read and write |
| Read/Write | Read-only role | User can only read (user permissions restrict) |
| Read-Only | Admin | User can only read (server mode restricts) |
| Read-Only | Read-only role | User can only read |
Enable MCP for your organization
Before you can configure MCP on individual clusters, enable the feature for your organization.

- In the StreamNative Cloud Console, navigate to Settings > Preview Features.
- Enable the MCP Server feature gate.
- After enablement, the Settings > MCP page displays a table of all clusters in your organization with their MCP status.
Enable MCP per cluster
From the organization-level MCP settings page (Settings > MCP):

- Locate the cluster in the table.
- Toggle MCP on for the cluster.
- Click Configure to navigate to the cluster-level MCP settings.
Configure access mode
The access mode controls the maximum level of operations the MCP server allows. Configure it from the cluster's MCP Permissions tab in the Console.

Read-Only

The MCP server only exposes tools that inspect resources:

- View cluster information and health metrics
- List tenants, namespaces, and topics
- Peek at messages
- Retrieve schemas and configuration
- View subscription and consumer group status
Read/Write

The MCP server exposes all read operations plus tools that modify resources:

- Create and delete topics
- Produce messages
- Manage schemas (create, update, delete)
- Create and manage subscriptions
- Manage connectors and functions
Configure allowed tools
From the cluster's MCP Permissions tab, you can select which tool groups are available through MCP for this cluster. This provides fine-grained control over what MCP clients can do.

- Pulsar clusters display up to 18 tool groups.
- Kafka clusters display up to 6 tool groups.
Manage tool groups
- Navigate to the cluster’s MCP settings and open the Permissions tab.
- Use the Select All checkbox to enable or disable all tool groups at once, or toggle individual tool groups.
- Click Save Changes to apply your selection.
- To revert to the default configuration, click Reset to Defaults.
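The access-mode and allowed-tools sections above describe three checks that every MCP request has to pass: the tool's group must be enabled for the cluster, a write tool needs the Read/Write access mode, and a write tool also needs a role that permits writes. The following is an added example that models that deny-overrides evaluation and the scoping of tool discovery to what the caller could actually execute; it is not StreamNative code. The tool names, group names, and the reduction of StreamNative Cloud roles to a single `can_write` flag are constructed for illustration only.

```python
"""Model of the layered MCP access check: cluster access mode, enabled tool
groups, and the caller's role must all permit an operation.

Added example, not StreamNative code. Tool names, group names and the
role-to-boolean mapping below are constructed assumptions."""
from dataclasses import dataclass
from enum import Enum


class AccessMode(Enum):
    READ_ONLY = "read-only"
    READ_WRITE = "read/write"


@dataclass(frozen=True)
class Tool:
    name: str
    group: str      # tool group toggled in the Permissions tab (constructed)
    writes: bool    # True if the tool modifies resources


@dataclass(frozen=True)
class ServerPolicy:
    """Cluster-level settings an administrator sets in the Console."""
    access_mode: AccessMode
    allowed_groups: frozenset


@dataclass(frozen=True)
class Principal:
    """Authenticated user or service account. `can_write` is an assumed
    simplification of the StreamNative Cloud roles to one bit."""
    name: str
    can_write: bool


# Constructed tool catalogue; not the real MCP tool list.
CATALOG = (
    Tool("list_topics", "topics", writes=False),
    Tool("create_topic", "topics", writes=True),
    Tool("peek_messages", "messages", writes=False),
    Tool("produce_message", "messages", writes=True),
    Tool("get_schema", "schemas", writes=False),
    Tool("delete_schema", "schemas", writes=True),
)


def evaluate(policy: ServerPolicy, principal: Principal, tool: Tool):
    """Return (allowed, reason). Deny-overrides: every layer must permit,
    and the first layer that denies is reported as the reason."""
    if tool.group not in policy.allowed_groups:
        return False, "tool group not enabled for this cluster"
    if tool.writes and policy.access_mode is AccessMode.READ_ONLY:
        return False, "server access mode is read-only"
    if tool.writes and not principal.can_write:
        return False, "user role does not permit writes"
    return True, "allowed"


def discover_tools(policy: ServerPolicy, principal: Principal, catalog=CATALOG):
    """Tools the client is shown: only those it could also execute, so the
    listing never advertises operations the caller cannot perform."""
    return [t.name for t in catalog if evaluate(policy, principal, t)[0]]


def execute(policy: ServerPolicy, principal: Principal, name: str, catalog=CATALOG):
    """Execution check by tool name. A tool hidden at discovery time is
    re-checked here, so discovery filtering is never the only guard."""
    for tool in catalog:
        if tool.name == name:
            return evaluate(policy, principal, tool)
    return False, "unknown tool"


if __name__ == "__main__":
    all_groups = frozenset({"topics", "messages", "schemas"})
    policies = {
        "Read/Write": ServerPolicy(AccessMode.READ_WRITE, all_groups),
        "Read-Only": ServerPolicy(AccessMode.READ_ONLY, all_groups),
    }
    roles = {"Admin": Principal("admin", True), "Read-only role": Principal("viewer", False)}
    # Reproduces the four rows of the access-control table above.
    for mode, policy in policies.items():
        for role, principal in roles.items():
            print(f"{mode:10} {role:15} -> {discover_tools(policy, principal)}")
```

The decision order matters for operators reading audit output: a denial caused by a disabled tool group is reported before one caused by the access mode, which in turn precedes a role-based denial, so the reason points at the setting that would have to change.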
Authentication and user permissions
The authenticated identity determines which StreamNative Cloud resources the MCP client can access.

OAuth 2.1

When a user signs in through OAuth 2.1 (for example, from an IDE), their StreamNative Cloud identity and roles determine access. The MCP server scopes tool discovery and execution to the resources the user is authorized to reach.

Service account API keys

When a client authenticates with a service account API key, the service account's assigned roles determine access. Use this method for automated clients, CI/CD pipelines, and headless agent runtimes. For setup details, see Connect & Authenticate.

Console UI reference

The cluster-level MCP settings page has two tabs:

Connection tab

Displays the cluster's MCP endpoint URL and provides ready-to-use configuration examples for:

- Claude Code — `claude mcp add` command
- Cursor — JSON configuration for `.cursor/mcp.json`
- VS Code — JSON configuration for `.vscode/mcp.json`
- cURL — command-line example for testing the endpoint

Permissions tab

Provides controls for:

- Access mode — toggle between Read-Only and Read/Write
- Allowed tools — select which tool groups are available, with Select All, individual toggles, Reset to Defaults, and Save Changes