How agents access your data
Your AI agents connect to your app’s data through an MCP Server (Model Context Protocol). This gives agents flexible, powerful access to read, update, and insert data — no endpoint configuration or function definitions needed.The MCP Server is how agents interact with your app’s live data. Without it, an agent can only chat and reference knowledge base documents. With MCP data access, it can answer questions like “Show me all deals closing this month” by querying your data directly.
How it works
Agent gets automatic data access
The MCP Server automatically connects your agent to your app’s data. No manual configuration needed.
Query capabilities
Agents with MCP data access can perform powerful queries across your data:| Capability | Example question | What happens |
|---|---|---|
| Filter | ”Show deals with status won” | Filters records by field value |
| Sort | ”Show deals sorted by amount, highest first” | Orders results by a field |
| Search | ”Find contacts at Acme Corp” | Searches text fields |
| Date ranges | ”Deals closing this month” | Filters by date ranges |
| Numeric ranges | ”Deals over $10,000” | Filters by numeric thresholds |
| Limits | ”Show the top 5 deals” | Limits result count |
| Combined filters | ”Open deals over $10k closing this quarter” | Applies multiple filters at once |
| Aggregate | ”What’s the average deal size by status?” | Groups and calculates sums, averages, counts |
| Join across collections | ”Show deals with their contact details” | Combines data from related collections |
| Insert | ”Add a new deal for Acme Corp” | Creates new records |
| Update | ”Mark that deal as won” | Modifies existing records |
Scopes
By default, agents can access all collections in your app. Use scopes to restrict an agent to specific collections when you want to limit what data it can see.When to use scopes
- Customer-facing agents — restrict to only the data relevant to the user’s context
- Role-specific agents — a sales agent only needs deals and contacts, not HR data
- Privacy-sensitive apps — limit access to prevent agents from exposing sensitive data
Prompt examples
If you don’t specify scopes, your agent can access all app collections. This is fine for most internal tools — only add scopes when you need to restrict access.
Prompt examples
Managing data access
You can update what data an agent can access through follow-up prompts:Expanding access
Restricting access
Adding write capabilities
Best practices
Start with read access
Start with read access
Begin by giving agents the ability to read and query data. Add write capabilities (inserting or updating records) only when needed.
Use scopes for customer-facing agents
Use scopes for customer-facing agents
Internal agents usually don’t need scopes — they can access everything. For customer-facing agents, use scopes to restrict access to only the relevant collections.
Match data access to the agent's purpose
Match data access to the agent's purpose
A sales agent needs deals and contacts. A support agent needs orders and tickets. Keep access relevant to what the agent does.
Combine with knowledge bases
Combine with knowledge bases
Data access handles live data queries. Knowledge bases handle static reference material. Together, an agent can look up a customer’s order and reference your return policy to answer a question.
Learn more
Creating agents
Set up agent name, instructions, and behavior
Knowledge bases
Add document references to your agent
Copilot
Embed the agent in your app
Data models
How app data is structured
Datasets
Group external data sources and attach them to your app