What the role unlocks
| Tool group | Required role permission | Required access level |
|---|---|---|
| Knowledge store — read | agent:knowledge-store:read | Read |
| Knowledge store — write | agent:knowledge-store:write | Read & write |
| Data stores — read | agent:data-store:read | Read |
| Data stores — write | agent:data-store:write | Read & write |
| Apps (list & discover) | agent:projects:read | Read |
| Cross-app calls — GET | agent:cross-app:call | Read |
| Cross-app calls — non-GET | agent:cross-app:call | Read & write |
| Roles introspection | agent:roles:read | Read |
| Skills | agent:skills:execute | Read |
The tool groups
Knowledge store
Read and search everything in your org’s knowledge store: policies, SOPs, brand guidelines, templates, and any other reference material. Read tools: list all items, get a specific item, full-text search, list revision history. Write tools (require agent:knowledge-store:write + read & write access): create new items, update existing content, revert to a prior version.
Knowledge items have their own per-folder and per-item permissions. Even with agent:knowledge-store:read on the role, the tool can only read items the role’s knowledge permissions would normally allow. Folder-inherited permissions are respected exactly as they are in the Starcat dashboard.
Data stores
List data stores the connected role can access, inspect their schema, and run queries. Write tools (require agent:data-store:write + read & write access): insert, update, delete rows; modify schema. Writes target the store’s configured agent branch — if that branch is production, writes go to production.
Apps
List apps in the organization and discover which endpoints expose agent-callable routes. These tools require agent:projects:read on the role. Listing apps doesn’t expose code or environment variables — only app name, slug, and which endpoints have allowAgentCalls enabled.
Cross-app calls
Call endpoints on your org’s apps directly from your AI tool. Useful for triggering workflows, reading app state, or posting data.
- GET requests: available with agent:cross-app:call permission and read access
- Non-GET requests: additionally require read & write access
An endpoint must have allowAgentCalls enabled in the app’s cross-app settings before it’s callable. Call rate limits and logging apply the same way they do to in-product Starcat calls.
Roles introspection
Look up org roles, their permission sets, and the calling session’s own role and capabilities. Useful when the AI needs to understand what it’s authorized to do, or to answer questions about org permissions. whoAmI reports the bound role and a list of capability labels the connected session actually holds.
Skills
Discover Stardeck’s built-in skills — focused guides for using platform features. The AI tool can load these as content to apply them in context.
Choosing a role
Use the least privilege that covers your use case:
| Use case | Suggested role |
|---|---|
| Answer questions from the knowledge store | Role with agent:knowledge-store:read only |
| Query data + answer questions | Role with agent:data-store:read + agent:knowledge-store:read |
| Read and write data + operate apps | Role with data-store read/write + agent:cross-app:call |
| Full org access | Admin role (holds all permissions) |
Security model
The connection is double-gated: the OAuth scope (set at authorization) limits what can happen broadly, and the role’s permissions narrow it further per tool group. Both gates are enforced fresh on every request — not just at connection time. This means:
- Removing a permission from a role takes effect on the next tool call
- Removing someone’s org membership revokes their connection immediately
- Changing the role from the AI Integrations tab takes effect on the next request — no new token needed
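The double-gated check written out as a small reference evaluator, so the "fresh on every request" behaviour can be tested. This is an added example, not the platform’s own code: the tool-group keys, the Org/Connection shapes, and treating the OAuth scope as the "read" / "read & write" access level from the table above are assumptions.

```python
from dataclasses import dataclass

# Tool group -> (required role permission, access level). Mirrors the
# "What the role unlocks" table; cross-app calls are handled by HTTP method.
# Keys are constructed for this example, not the platform's real tool names.
TOOL_REQUIREMENTS = {
    "knowledge-store:read":  ("agent:knowledge-store:read",  "read"),
    "knowledge-store:write": ("agent:knowledge-store:write", "read_write"),
    "data-store:read":       ("agent:data-store:read",       "read"),
    "data-store:write":      ("agent:data-store:write",      "read_write"),
    "apps:list":             ("agent:projects:read",         "read"),
    "roles:introspect":      ("agent:roles:read",            "read"),
    "skills":                ("agent:skills:execute",        "read"),
}

@dataclass
class Org:
    members: set    # user ids currently in the org
    roles: dict     # role name -> set of permission strings
    bindings: dict  # user id -> role name chosen in the AI Integrations tab

@dataclass
class Connection:
    user: str
    access_level: str  # OAuth scope fixed at authorization: "read" or "read_write"

def authorize(org: Org, conn: Connection, tool: str, http_method: str = "GET"):
    """Evaluate membership, scope and role on every call; nothing is cached."""
    # Gate 0: membership. Dropping the member revokes the connection at once.
    if conn.user not in org.members:
        return False, "user is no longer an org member"
    if tool == "cross-app:call":
        needed_level = "read" if http_method.upper() == "GET" else "read_write"
        needed_perm = "agent:cross-app:call"
    elif tool in TOOL_REQUIREMENTS:
        needed_perm, needed_level = TOOL_REQUIREMENTS[tool]
    else:
        return False, f"unknown tool group {tool!r}"
    # Gate 1: OAuth scope. A read-only connection can never reach a write tool.
    if needed_level == "read_write" and conn.access_level != "read_write":
        return False, f"{tool} needs read & write access, got {conn.access_level}"
    # Gate 2: role permission, resolved from the org's current state so a role
    # edit or rebinding shows up on the next request without a new token.
    role = org.bindings.get(conn.user)
    if needed_perm not in org.roles.get(role, set()):
        return False, f"role {role!r} lacks {needed_perm}"
    return True, "allowed"
```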
Next steps
Connect your AI tool
Step-by-step setup for each supported client
Members & Roles
Create and configure the role for your connection
Data Stores
How data stores work and how access grants are configured
Cross-App Communication
Enable agent-callable endpoints on your apps