Access & Permissions

Expose context to agents without bypassing your security model via permission-wrapped MCP servers.

Join the waitlistRequest a demo
RoadieSearch⌘+KRelationsData SourcesObject GraphWorkflowsIntegrationsAdministrationAccess ControlEach agent identity receives a scoped subset of tools and data based on its RBAC policy.AGENT IDENTITYPOLICY ENGINEAVAILABLE CONTEXT SCOPESROADIESupportengineering3 resources10 toolsK8spods, logs, deploys, configsGitHubrepos, PRs, workflows, actionsPagerDutyservices, schedulesSecretsCustomer DBUser ABC123on-call-sre4 resources9 toolsK8spods, logs, eventsGitHubrepos (read-only)PagerDutyincidents, services, oncall, usersSecretsCustomer DBquery (read-only)CI Pipelineci-readonly2 resources4 toolsK8snamespaces (list only)GitHubrepos, checks, statusesPagerDutySecretsCustomer DBContractorexternal1 resources1 toolsK8sGitHubassigned repos onlyPagerDutySecretsCustomer DBRESOURCE LEGENDK8sGitHubPagerDutySecretsCustomer DBBar = proportion of tools exposedFull = all tools · Partial = subset · Empty = denied

Trusted by the world's leading companies

Snyk
Contentful
Relativity
Royal Mail
Baillie Gifford
Celonis
AstraZeneca
Yotpo
RBAC AND MCP

Permissioned access to your graph

Your policies stay in charge whenever an agent pulls context through MCP.

Permissioned access

Define roles and policies that map teams, groups, and service identities to the entities, relationships, integrations, and bundled context they might need to access in the graph.

Available via MCP tools

Roadie exposes your context graph as MCP tools. Each MCP connection runs under a subject identity; the tool list and every response are filtered by that identity's RBAC rules so agents never get tools or data they are not allowed to use.

Agents get bounded context

Agents in Cursor, Claude, or your own stack connect to Roadie's MCP endpoint. They discover only the tools that match their authorisation level, and tool calls return structured data scoped to permitted namespaces, services, and teams.

Least-privilege by default

Grant the narrowest access that still lets humans and agents do their jobs. Policies compose across org structure and catalog ownership so you do not over-share production detail to every client.

Auditable access

Track how the graph is accessed over MCP and the UI. See who called which tools, when, and under which identity. Meet security and compliance expectations without slowing teams down.

Identities you already trust

Wire your IdP and service accounts so every MCP session maps to a known principal. Policies attach to those identities consistently whether access is from a browser or an agent runtime.