Closed beta. The MCP Manager Admin API and MCP server are available now to a
limited set of workspaces through the MCP Manager Admin API entitlement
(
ff-mcpm-admin), ahead of general availability. If you don’t see Settings →
MCP & API in your workspace, it isn’t enabled for you yet — ask your MCP Manager
contact to join the beta.Query Logs
Retrieve MCP call logs, paginated and filterable. Queries the workspace MCP call logs (the same data behind the Logging view), scoped to the caller’s org. Filter by connection, user, gateway, server, host, container, team, log type, or trace/span id, and by a created_at time range (fromMs/toMs). Returns a page of log rows ordered newest-first by default. Responses are thin by default (no request/response body or headers); pass includeDetail:true to include them (truncated). This is the AI-usage/call log — distinct from the admin audit log. MCP tool:query_logs · REST: POST /api/v1/mcpm-admin/logs/query · Capability: View and export logs (exportLogs)
Parameters
Flat column -> value equality filters. Allowed columns: gateway_connection_guid (a connection), user_guid, outbound_gateway_guid (a gateway), inbound_server_guid (a server), host_guid, server_container_guid, team_guid, type (log type), trace_id, span_id. Combine with the time range and pagination below. org scope is always applied automatically. (a string → string map)
Time-range start as epoch milliseconds (inclusive lower bound on created_at). Omit for no lower bound.
Time-range end as epoch milliseconds (inclusive upper bound on created_at). Omit for no upper bound.
Column to sort by (must be a returned log column). Defaults to created_at.
Sort direction. Defaults to desc (newest first). One of:
asc, desc.Number of rows to skip (offset) for pagination. Defaults to 0.
Max rows to return this page. Defaults to 100, capped at 1000.
When true, include the heavy request/response
body and headers fields (truncated). Omitted by default to keep responses small — request detail only for the specific rows you need.List Alerts
List workspace alerts, paginated and filterable (thin summaries). Lists alerts for the workspace, newest-first, filterable by code, messageType, related resource, and a created-at time range. Returns a thin summary per alert (guid, code, messageType, subject, message, createdAt, relatedResourceIds) — the heavy debug/close context is omitted; use get_alert for the full record of a single alert.
MCP tool: list_alerts · REST: POST /api/v1/mcpm-admin/alerts/query · Capability: See all alerts (seeAllAlerts)
Parameters
Optional filters: code (exact alert code), messageType (info | warning | error), and/or relatedResourceGuid (matches any related resource on the alert — server, gateway, assignment, identity, policy, or connection). Combine with the time range below. (a string → string map)
Time-range start as epoch milliseconds (inclusive lower bound on when the alert was created).
Time-range end as epoch milliseconds (inclusive upper bound on when the alert was created).
Number of alerts to skip (offset) for pagination. Defaults to 0.
Max alerts to return this page. Defaults to 50, capped at 250.
Get Alert
Read-only Get the full record for one alert. Returns everything about a single alert: the summary fields plus the unresolved dynamicContent (subject/message with placeholders), the debugContext (response status/headers/body and engine details), relatedContext, and closeDetails. Use for debugging a specific alert surfaced by list_alerts. MCP tool:get_alert · REST: GET /api/v1/mcpm-admin/alerts/:alertGuid · Capability: See all alerts (seeAllAlerts)
Parameters
The guid of the alert to inspect (from list_alerts).
Get OpenTelemetry Configuration
Read-only Get the workspace OpenTelemetry (OTLP/HTTP) log-forwarding configuration. Returns the workspace OTLP/HTTP configuration used to forward logs (and optionally traces) to a SIEM:{ configured, logsCollectorUrl, tracesCollectorUrl, headerNames }. For security, only the header names are returned, never their values (headers often carry a bearer/API token). configured is false when no collector is set up yet.
MCP tool: get_otel_configuration · REST: GET /api/v1/mcpm-admin/otel-configuration · Capability: Manage OpenTelemetry collector (manageOtelCollector)
Parameters: none.
Example
Set OpenTelemetry Configuration
Configure the workspace OpenTelemetry (OTLP/HTTP) collector. Creates or updates the workspace OTLP/HTTP configuration for log (and optional trace) forwarding, mirroring the Logging > Integrations panel. Provide at least one collector URL. URLs are stored exactly as entered (no signal path is appended); each URL is updated independently, so omitting one keeps the currently-stored value rather than clearing it.headers is optional: omit to keep existing headers, pass a map to replace them, or an empty map to clear them. Returns the same shape as get_otel_configuration (header names only, never values).
MCP tool: set_otel_configuration · REST: POST /api/v1/mcpm-admin/otel-configuration · Capability: Manage OpenTelemetry collector (manageOtelCollector)
Parameters
OTLP/HTTP endpoint for log export (e.g. https://collector.example.com:4318/v1/logs). Sent exactly as given — include the signal path yourself; it is never appended. Omit to keep the currently-stored logs URL unchanged (updating only the traces URL never disables log forwarding). At least one of logsCollectorUrl or tracesCollectorUrl is required.
OTLP/HTTP endpoint for trace export (e.g. https://collector.example.com:4318/v1/traces). Sent exactly as given — include the signal path yourself; it is never appended. Omit to keep the currently-stored traces URL unchanged (updating only the logs URL never disables trace forwarding). At least one of logsCollectorUrl or tracesCollectorUrl is required.
HTTP request headers sent with both signals (e.g. an Authorization bearer for the SIEM). OMIT this to keep the existing headers unchanged — important because their values are write-only and cannot be read back to re-supply. Pass a map to REPLACE the full header set, or an empty map to clear all headers. Values are stored encrypted and are never returned by get_otel_configuration. (a string → string map)
Further reading
What's coming
Where to go next in this section.
Authentication & access
Tokens, the entitlement, capability gating, and error codes for every operation here.
Tool & endpoint reference
The full reference index across every domain.
Capabilities
What each capability named on this page actually allows.

