Running an Agent with MCP Integration via API: Permissions Needed?

Hey! Quick Q: is it possible to run an agent that uses an MCP (e.g. Notion) through the API? Do I still need give it permissions somehow to do certain actions?

8 comments

David Ebbo
·
·
Hi Gilles. Check out https://docs.dust.tt/reference/post_api-v1-w-wid-assistant-conversations. You can pass "skipToolsValidation": true to skip the MCP tool validation. I just tried it and it works, both for low and high stake tools. But I'm less clear on what should happen if you pass false. I thought it would quick fail with a validation error, but it appears to just hang. Sébastien Flory what would you expect here?
Sébastien Flory
·
·
David Ebbo you should receive an event for approval of the action
Sébastien Flory
·
·
you don't ?
David Ebbo
·
·
I was testing with "blocking": true and not listening for events (not usually needed when blocking). I take it that if I listened for events, I'd get a tool_approve_execution event? Is there a sample somewhere?
David Ebbo
·
·
Come to think of it, it's not even possible to listen to events when blocking, since you don't get the conversation id, right?
Sébastien Flory
·
·
indeed, that's a good point
David Ebbo
·
·
Yeah, ideally it would hard fail when it needs to approve tools in blocking mode. Anyway, I wrote a non-blocking test case and was able to approve events via the tool_approve_execution event. So Gilles Bertaux, to summarize, your choices are:
1.
Pass "skipToolsValidation": true , which is super easy with a blocking call
2.
If you need more granularity, uses a non-blocking code, handle tool_approve_execution events, and call api/v1/w/{wId}/assistant/conversations/{cId}/messages/{mId}/validate-action to approve/reject them. It's quite a bit more difficult, but can be done.
Gilles Bertaux
·
·
Sorry I'm late Iw as ooo — This is a great trick, cheers!
👍1

Running an Agent with MCP Integration via API: Permissions Needed? | Dust Community