Skip to main content

Set Up Tools, APIs, and MCP Access

Tools let agents and workflows read data, create records, send messages, or call external services. In Siesta AI, tools are usually enabled through Connections and then assigned to agents, skills, prompts, or workflows.

Tool Setup Flow

  1. Create the required connection in Connections.
  2. Open the connection detail and review available functions and scopes.
  3. Decide whether each function is read-only or write-capable.
  4. Set function-level approvals before users start using the connection.
  5. Add the connection to the agent, skill, prompt, or workflow that should use it.
  6. Test with safe input.
  7. Check the result in the external system and in Tool Executions.

Function-Level Approval Rules

Connection approval is configured per function. Do not treat a connection as either fully safe or fully dangerous. Most production connections contain a mix of functions:

Function typeTypical approval settingExamples
Read-onlyUsually direct, if the user or agent should see the dataSearch files, list calendar events, read CRM records, load ticket details
Draft or previewUsually direct, then reviewed by the userDraft email text, prepare a Jira issue body, summarize a document
Write/send/updateRequire approval when business impact is possibleSend email, post Slack message, create ticket, update HubSpot, edit Sheets
Delete/publish/permission changesRequire approval by defaultDelete files, publish GTM changes, change sharing, overwrite documents
Financial, customer, or production operationsRequire approval and narrow accessCreate invoices, change campaigns, update orders, modify production data

Set these approvals before assigning the connection to a shared agent or workflow. This prevents users from accidentally overwriting documents, sending messages, changing CRM records, or triggering production actions with no review step.

Configure System Tools for Agents

System Tools are built-in Siesta AI capabilities assigned directly to agents. They are not the same as ordinary user-created connections, although some system tools may rely on system-managed connections behind the scenes.

Review system tools when configuring a production agent:

  • Task Management lets an agent create tasks when the user explicitly asks.
  • Grounding with Google Search lets an agent verify current web information.
  • Web scraper lets an agent read a specific URL.
  • Code interpreter lets an agent analyze data, work with files, and create downloadable outputs.
  • Platform Tools can manage agents and platform objects.
  • Orchestration can batch work across sub-agents.
  • JavaScript executor can run scripts, process Excel files, create file artifacts, and orchestrate sub-agents.

Templates can carry system tool selections into newly created agents. Review system tools before publishing a template broadly, especially when it includes Platform Tools, JavaScript executor, Orchestration, or Code interpreter.

API-Based Tools

API tools usually require credentials such as an API key, token, client secret, endpoint, or connection string. Store credentials in the connection configuration, not in prompts, templates, or user instructions.

Before making an API tool available to users, test the smallest useful permission scope. Confirm both read and write behavior, especially for tools that can create or update external records.

Use Organization > Api Keys for organization-level integration keys. Name keys after the system and purpose, for example Webhook intake - production or Reporting script - read only. Delete keys that are no longer used.

Use Webhooks when an external system or script should trigger Siesta AI. A webhook has a Name, Active status, selected API Key, and generated URL. Keep inactive webhooks disabled until the calling system is ready.

MCP Access

MCP-style access should be treated like any other tool boundary. Decide which servers or tool groups are approved, who can use them, and whether their actions are read-only or write-capable.

If an MCP tool can access internal systems, document what it can see and which team owns the integration.

For MCP or custom API tools, document:

  • owner,
  • endpoint or server purpose,
  • credential location,
  • available functions,
  • read/write behavior,
  • teams allowed to use it,
  • expected Tool Executions review process.

Release Checklist

  • Confirm credentials are stored in the correct connection.
  • Confirm the tool uses the minimum required permissions.
  • Test success and failure paths.
  • Decide whether write actions need user confirmation.
  • Document how users can verify the result in the target system.
  • Confirm failed calls are visible in Tool Executions with enough arguments and results to troubleshoot.