Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Section

Backend Configuration (Admin side)



Panel

Image Added


FieldDescription
Enable MCP Server

This setting controls whether the MCP Server is active for the selected store view. When enabled,

supported AI clients can connect to the store and interact with the available MCP features. When

disabled, external AI connections through the MCP endpoint are blocked and the server will not

respond to client requests. Default value: Yes.


Panel

Image Added


FieldDescription
Allowed IP Addresses

Specify the IP addresses that are permitted to access the MCP Server. Add one IP address per

line to restrict access only to trusted sources. If this field is left empty, the MCP Server will

accept requests from all IP addresses.


Panel

Image Added


FieldDescription
Access Token Lifetime (seconds)

Defines how long an issued access token remains valid before a new one must be obtained

through the refresh flow. A shorter duration improves security, while a longer duration

reduces the need for frequent token refresh requests.

Refresh Token Lifetime (seconds)

Specifies how long the connection can stay authorized without requiring the user to approve

access again. Once this period ends, the client must complete the authorization process again

to continue using the server.

Require User Consent

Determines whether users must explicitly approve access when an AI client attempts to connect.

When enabled, a consent screen is shown before authorization is granted.

Enable Personal Access Tokens

Allows users to generate static bearer tokens for clients or tools that do not support OAuth-based

authentication. This option is useful for external integrations that require direct token-based access.

Personal Token Lifetime (seconds)

Sets the validity period for generated personal access tokens. Enter 0 to keep the token active

without expiration, or specify a duration in seconds to enforce automatic expiry.


Panel

Image Added


FieldDescription
Query Timeout (seconds)

Defines the maximum time allowed for a database query to run. If a query exceeds this limit,

it is stopped automatically to help maintain performance and prevent long-running

requests from affecting the system.

Table Access Mode

Controls how database table rules are applied. Whitelist allows access only to the tables that

are explicitly listed, while Blacklist blocks the listed tables and keeps all other tables accessible.

Table Patterns

Use this field to define which tables should be allowed or blocked based on the selected access

mode. Add one pattern per line, and use * as a wildcard to match multiple tables,

such as sales_* or customer_*.

Auto-limit

Sets the default row limit for SELECT queries that do not already contain a LIMIT clause. This

helps avoid returning very large result sets and keeps query responses more efficient.

Include Default Security Blacklist

Enables the built-in protected table rules that automatically block access to sensitive database

areas, such as tables containing credentials, tokens, sessions, and other restricted data.

Default Blacklist Patterns (read-only)

Displays the predefined restricted table patterns used by the default security blacklist. This field

is for reference only and helps administrators understand which sensitive tables are protected by default.


Panel

Image Added


FieldDescription
Enable Request Logging

Enables logging of MCP requests for monitoring and troubleshooting purposes. When

enabled, the system records request activity so administrators can review interactions made

through the MCP Server.

Log Level

Defines how much request information is stored in the logs. Basic records key request details,

Detailed stores additional request arguments, and Debug captures the most complete

response-level information for deeper analysis.

Log Retention (Days)

Specifies how long log records should be kept before cleanup. Set the number of days based

on your monitoring needs, or use 0 to retain logs without automatic expiration.



Section

Backend Functionality



Panel



...