Connectors and Access
Why connectors are closed by default, and how dependency-aware execution protects sensitive systems.
Connectors hold the credentials and base configuration for backend systems such as Workday, Okta, and finance APIs. Running anything that uses a connector can call that system. For that reason, connectors do not follow the standard folder defaults. They are closed by default.
Connectors Are Closed by Default
Most assets inherit their folder’s access. Connectors are the exception. A new connector starts limited to its creator and admins.
Developers can't publish connectors to Public
Public means org-wide access to the connector. Developers can create connectors and publish them to their Personal or custom folders, but moving a connector to Public requires an admin.
Getting a Connector into Public
If you’re a developer and you need a connector available org-wide:
Create or publish the connector
Build it from the HTTP Action editor or the HTTP Connector app. It lands in your Personal folder as a draft, or in a custom folder where you have Edit.
Dependency-Aware Execution
You can only run an asset if you have Use on its entire dependency chain.
Running or testing a plugin requires Use on:
- the plugin itself,
- every action it calls, and
- every connector those actions use.
If the Workday connector in that chain is scoped to an HR-only custom folder, no one outside that folder can run the plugin or the action, regardless of where the plugin lives. The connector’s restriction propagates up the chain.
A plugin can be broadly available while the connector stays restricted.
Editing logic does not mean running it
A developer can have Edit on an action that calls a restricted connector. They can read and improve the logic, but they cannot execute it unless they also have Use on the connector.
When a Dependency Is Restricted
If you try to reference or run an asset whose dependency you lack Use on, the dependency shows as locked in the editor, with a prompt to contact the owner. The UI shows the missing asset and permission.
Connectors View
Admins get a Connectors view with every connector in the workspace, regardless of folder. Use it to review and place connectors. Developers do not get this view. Their access to a connector is still governed by folder and item-level permissions.
Built-In Connectors
Built-in connectors, such as Okta and ServiceNow, have an extra layer of control. A workspace-level security setting determines whether they are available in Agent Studio. When enabled, built-in connectors arrive unassigned and cannot be used by developers yet. An Agent Studio admin places the connector into a folder from the Connectors view. After that, it follows the same folder and item-level rules as any other connector.
MCP servers are governed differently
An MCP server is a connection to a remote MCP-compatible server. MCP servers do not live in folders and do not use per-asset roles. They appear under views in the sidebar and are governed at the server level. An admin decides which servers exist and who can reach them. The server controls which tools a user sees. Only Agent Studio admins can add MCP servers.