💡 Request - limit access to specific organization

[marcinmaruszewski]

Is your feature request related to a problem? Please describe.
When a developer has access to multiple Contentful organizations, there's a risk of accidentally performing actions (creating, modifying, or deleting content) in the wrong organization. Currently, the access token is issued to the developer's account rather than to a specific organization, which means the MCP server has access to all organizations the developer belongs to. This can lead to mistakes and potential data issues, especially when working with similar spaces across different organizations.

Describe the solution you'd like
Add a configuration option to limit the MCP server's access to a specific organization through an environment variable, similar to how ENVIRONMENT_ID is currently handled. This could be implemented as:

Describe alternatives you've considered
Manual verification before each action (error-prone and inconvenient)

Additional context
This feature would be particularly valuable for developers working in agency environments or managing multiple clients' Contentful instances. It would provide an additional safety layer and peace of mind when performing automated operations through the MCP server.

[michaelphamcf]

Hi @marcinmaruszewski ,

Thanks for submitting this request. It's a valid concern, especially for developers managing or with access to multiple organizations.

I'd like to point you in the direction of PR #148 , where we added organization ID support via environment variable ORGANIZATION_ID and accompanying tooling. With this, you can set a default organization ID, so the MCP will operate under that org by default.

It's worth noting that while I believe with this change the MCP server won't switch to a different organization ID, it is still possible to do so if explicitly prompted.

Does this enhancement address the behavior you were looking for, or are you seeing something different in your use of the MCP server? Let us know!