MCP Scopes and Permissions
CrossTrade MCP defines two OAuth scopes: mcp:read and mcp:trade. This page is the canonical reference for which tools require which scope. For a trader-friendly walkthrough, see Use mcp:read vs mcp:trade.
Scope hierarchy
mcp:trade is a superset of mcp:read. A mcp:trade token can call every tool a mcp:read token can call, plus the write tools.
| Scope | Capabilities |
|---|
mcp:read | Inspection only |
mcp:trade | Inspection + write |
The OAuth scope is enforced at the transport. A mcp:read token cannot call a mcp:trade tool; the server returns 403 insufficient_scope.
Discovery and capability
| Tool | Scope |
|---|
GetMcpCapabilities | mcp:read |
McpSelfTest | mcp:read |
Account and connection
| Tool | Scope |
|---|
ListAccounts | mcp:read |
GetAccount | mcp:read |
GetAccountSummary | mcp:read |
GetWatermarks | mcp:read |
GetConnections | mcp:read |
Connect, Disconnect, EnsureReplayConnection | mcp:trade |
Positions
| Tool | Scope |
|---|
ListPositions, GetAllPositions, GetPosition | mcp:read |
ClosePosition, Flatten, FlattenEverything, Reverse, ReversePosition | mcp:trade |
Orders and executions
| Tool | Scope |
|---|
ListOrders, GetAllOrders, GetOrder, GetOrderStatus, ListExecutions, GetExecution, GetExecutionsByOrderId | mcp:read |
PlaceOrder, Change, CancelReplace, Cancel, CancelOrders, CancelAllOrders, CancelAndBracket, FlatPlace | mcp:trade |
Market data
| Tool | Scope |
|---|
GetQuote, GetBars, MarketInfo, GetVolumeProfile, GetOrderFlow, GetIndicatorValue | mcp:read |
Journal and diagnostics
| Tool | Scope |
|---|
GetJournalTrades, GetSignalHistory, GetActivityLog | mcp:read |
NinjaScript
| Tool | Scope |
|---|
GetNinjaScriptHelp, SearchNinjaScriptSymbols, LookupNinjaScriptSymbol, ListNinjaScriptFiles, ReadNinjaScriptFile, ListCompiledSnippets | mcp:read |
CompileNinjaScript, WriteNinjaScriptFile, DeleteCompiledSnippet | mcp:trade |
Backtesting
| Tool | Scope |
|---|
GetBacktestResult, GetCompileResult, GetMcpJob, ListMcpJobs | mcp:read |
RunStrategyBacktest, RunBacktest, CancelMcpJob | mcp:trade |
Strategy lifecycle
| Tool | Scope |
|---|
ListAllStrategies, ListStrategies, GetStrategy, GetStrategyState, ListDeployedStrategies, GetDeployedStrategyState | mcp:read |
DeployStrategy, StartStrategy, StopStrategy, CloseStrategy, EnableStrategy, DisableStrategy | mcp:trade |
Charts, drawings, and workspaces
| Tool | Scope |
|---|
ListWorkspaces, ListDrawings | mcp:read |
OpenChart, SaveWorkspace, LoadWorkspace, AddDrawing, RemoveDrawing | mcp:trade |
Alerts
| Tool | Scope |
|---|
ListAlerts | mcp:read |
EmitMcpAlert, CreateAlert, RemoveAlert | mcp:trade |
Configuration
| Tool | Scope |
|---|
UpdateConfiguration | mcp:trade |
When a client calls tools/list, CrossTrade only returns tools the token's scope can call. A mcp:read token sees a smaller inventory than a mcp:trade token.
This means the agent does not "know" about write tools when running on a read-only token, which removes a class of accidental write attempts.
How to upgrade scope
Scope upgrade is not supported in place. Revoke the existing token and reauthorize at the new scope. See Revoke AI Client Access.
Why two scopes only
CrossTrade kept the scope set small intentionally. Two scopes are easy to reason about. A larger set with per-tool scopes would let users construct narrower tokens, at the cost of significantly more configuration error. The combination of "binary scope" plus "confirmation gates in the prompt" gives finer-grained control without the configuration surface.