MCP Scope Matrix
Use this matrix when planning an MCP client, requesting an API key, or reviewing whether an integration has the right access level.
Scope model
Each API key resolves to a tenant and scope set. The client should not pass tenant identifiers as a replacement for key-based authorization. A tool call is allowed only when the key has the scope required by that tool.
| Endpoint | Scope | Allows | Typical reviewer |
|---|---|---|---|
/mcp/base/ | base.read | Read shared asset context, documents, data quality, pending tasks, and knowledge records. | Implementation owner or operations lead. |
/mcp/base/ | base.compute.run | Run approved simulation, optimization, forecasting, spatial analysis, and reporting tasks. | Engineering or analytics owner. |
/mcp/base/ | base.action.write | Draft controlled records such as work orders after approval. | Operations owner. |
/mcp/pdm/ | pdm.read | Read predictive maintenance health, anomaly, and component intelligence outputs. | Reliability or maintenance engineer. |
/mcp/trafficops/ | trafficops.read | Read traffic, checkpoint, lane, roster, and surge information when enabled. | Operations supervisor. |
/mcp/telcoops/ | telcoops.read | Read network health, incident, and capacity analysis when enabled. | Network operations owner. |
/mcp/semiops/ | semiops.read | Read cleanroom, particle, pressure, utility, SMT, and facility environment signals when enabled. | Facility or process operations owner. |
/mcp/aviation/ | aviation.analysis.read | Read aviation reliability analysis outputs when enabled. | Reliability engineering owner. |
The retired /mcp/physical/ endpoint is kept for migration awareness. New Physical AI workflows use current base and module endpoints with Designer scenes, SimReady assets, and simulation services.
Access packages
| Package | Scopes | Use |
|---|---|---|
| Read-only facility review | base.read | Asset status, documents, alarms, inspections, and source freshness checks. |
| Facility analysis | base.read, base.compute.run | Read context and run approved summaries, comparisons, or scenario analysis. |
| Facility action drafting | base.read, base.action.write | Read evidence and draft work orders or inspection tasks after review. |
| Predictive maintenance review | pdm.read | Equipment health, anomaly context, and maintenance planning. |
| Predictive maintenance with actions | pdm.read, base.read, base.action.write | Combine health output with asset records and draft follow-up actions after engineer review. |
| Physical AI preparation | base.read, base.compute.run | Read scene and asset context, run approved simulation preparation or analysis, and record assumptions. |
| Module operating review | One module read scope | Use the module endpoint for a focused operating domain. Add base.read for documents and shared asset context. |
Least-privilege workflow
- Start with read scope.
- Confirm the client can list only the expected tools.
- Add compute scope when the workflow has an owner for assumptions and output review.
- Add write scope only when draft records, approval state, and audit records are defined.
- Review scopes when the workflow boundary, client runtime, or operating owner changes.
Multi-endpoint clients
Use separate MCP server entries for each endpoint. Name each entry by endpoint and purpose so reviewers can see which slice the client is using.
{
"mcpServers": {
"factverse-base": {
"url": "https://your-factverse-host/mcp/base/",
"headers": {
"X-API-Key": "fvk_base_key"
}
},
"factverse-pdm": {
"url": "https://your-factverse-host/mcp/pdm/",
"headers": {
"X-API-Key": "fvk_pdm_key"
}
}
}
}
A single key may hold multiple scopes when the customer's access policy allows it. Separate keys can make review and revocation clearer for high-risk workflows.
Review checklist
- The endpoint set matches the workflow boundary.
- The key has the minimum scope set.
- Runtime tool discovery matches the approved access package.
- Compute scopes have a named engineering or analytics reviewer.
- Write scopes have a named operations reviewer.
- Key owner, rotation rule, and revocation path are documented.
- The workflow records evidence and review state for accepted outputs.