MCP Access Permissions
The actions the AI can perform depend on which authentication method you use and the permissions of the account or session it authenticates with.
Sign In with Files.com
When you authenticate via Sign In with Files.com, the MCP Server receives a bearer token representing your Files.com login session. The AI can perform the same actions you can take when logged in to Files.com directly.
Logging in as a site administrator gives the AI administrator access. Logging in as a regular user limits the AI to the actions and folder permissions assigned to that account.
Each sign-in is scoped to your Files.com site and tied to the user who authenticated. Sites with AI features disabled cannot complete sign-in.
API Key
When using an API Key, the AI can only perform the actions allowed by the API Key and its associated user account.
An API Key from a site admin account lets the AI perform administrator actions.
An API Key from a regular, non-admin user account limits the AI to the actions and folder access granted to that user account.