portkey-admin-mcp

list_mcp_server_user_access

Read-onlyIdempotent

Audit per-user access for an MCP server by returning default access mode, override flags, and connection status to identify users who can access it.

Instructions

List per-user access for an MCP server. Returns the default access mode, override flags, and connection status so you can audit who can use it; use before update_mcp_server_user_access.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`id`	Yes	The MCP server ID or slug

Output Schema

TableJSON Schema

Name	Required	Description
`ok`	Yes	Whether the tool call succeeded and returned structured data
`data`	No	Structured success payload when ok is true
`error`	No	Structured error payload when ok is false

Implementation Reference

src/tools/mcp-servers.tools.ts:332-357 (handler)

The MCP tool handler that registers and executes 'list_mcp_server_user_access'. It calls service.mcpServers.listMcpServerUserAccess(params.id) and formats the response.

server.tool(
	"list_mcp_server_user_access",
	"List per-user access for an MCP server. Returns the default access mode, override flags, and connection status so you can audit who can use it; use before update_mcp_server_user_access.",
	MCP_SERVERS_TOOL_SCHEMAS.listMcpServerUserAccess,
	async (params) => {
		const result = await service.mcpServers.listMcpServerUserAccess(
			params.id,
		);
		return {
			content: [
				{
					type: "text",
					text: JSON.stringify(
						{
							default_user_access: result.default_user_access,
							total: result.total,
							users: result.data.map(formatMcpServerUserAccess),
						},
						null,
						2,
					),
				},
			],
		};
	},
);

src/tools/mcp-servers.tools.ts:72-74 (schema)
Zod schema for the 'list_mcp_server_user_access' tool input: requires an 'id' (string) field describing the MCP server ID or slug.
```
listMcpServerUserAccess: {
	id: z.string().describe("The MCP server ID or slug"),
},
```

src/tools/mcp-servers.tools.ts:332-357 (registration)

Registration of the tool via server.tool() with name 'list_mcp_server_user_access', description, schema, and handler.

server.tool(
	"list_mcp_server_user_access",
	"List per-user access for an MCP server. Returns the default access mode, override flags, and connection status so you can audit who can use it; use before update_mcp_server_user_access.",
	MCP_SERVERS_TOOL_SCHEMAS.listMcpServerUserAccess,
	async (params) => {
		const result = await service.mcpServers.listMcpServerUserAccess(
			params.id,
		);
		return {
			content: [
				{
					type: "text",
					text: JSON.stringify(
						{
							default_user_access: result.default_user_access,
							total: result.total,
							users: result.data.map(formatMcpServerUserAccess),
						},
						null,
						2,
					),
				},
			],
		};
	},
);

src/tools/mcp-servers.tools.ts:131-145 (helper)

Formatting helper 'formatMcpServerUserAccess' used to transform McpServerUserAccess objects for the response.

function formatMcpServerUserAccess(user: McpServerUserAccess): {
	user_id: string;
	name: string;
	enabled: boolean;
	has_override: boolean;
	connection_status: string;
} {
	return {
		user_id: user.user_id,
		name: formatFullName(user.first_name, user.last_name),
		enabled: user.enabled,
		has_override: user.has_override,
		connection_status: user.connection_status,
	};
}

src/services/mcp-servers.service.ts:177-183 (handler)

Service method 'listMcpServerUserAccess' that makes a GET request to /mcp-servers/{id}/user-access and returns the strongly-typed response.

async listMcpServerUserAccess(
	id: string,
): Promise<ListMcpServerUserAccessResponse> {
	return this.get<ListMcpServerUserAccessResponse>(
		`/mcp-servers/${this.encodePathSegment(id)}/user-access`,
	);
}

Tool Definition Quality

A4.3/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already declare readOnlyHint=true, destructiveHint=false, and idempotentHint=true. The description adds behavioral context beyond annotations, such as returning connection status and being an audit tool, without contradicting any annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is highly concise with two sentences, no fluff. It front-loads the purpose and adds a key usage tip, efficiently communicating essential information.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the single parameter, high schema coverage, rich annotations, and presence of an output schema, the description is complete. It explains what the tool returns, its purpose, and its relation to a sibling tool, providing all necessary context for correct invocation.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Input schema coverage is 100% with a clear description for the 'id' parameter. The tool description does not add further semantics about parameters, but the schema already documents it adequately, so the baseline of 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the purpose: 'List per-user access for an MCP server' with specific return details (default access mode, override flags, connection status). It distinguishes itself from the update sibling by advising to use it before update_mcp_server_user_access, making the tool's role clear.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides explicit use cases: 'so you can audit who can use it; use before update_mcp_server_user_access.' While it doesn't explicitly state when not to use it, the guidance is clear and contextually helpful for the AI agent.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/s-b-e-n-s-o-n/portkey-admin-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server