Skip to content
Skip to content

Fine-grained MCP permissions for AI-native social publishing

Make Postly the AI-Native Execution Layer for Social Publishing

Postly MCP lets AI agents securely execute real publishing operations through one hosted server, one shared backend, and one scope-based permission model. Agents can create drafts, schedule posts, publish content, upload media, manage campaigns, retrieve analytics, and check publishing status without bypassing workspace controls.

AI-native execution Scoped permissions Shared backend layer
PricingFeaturesAPIAPI docsDashboard
Postly Hosted MCPworkspace:readposts:createposts:schedulemedia:uploadanalytics:readanalytics:linkedin:readScoped TokenAI Agent RequestValidate userCheck workspaceEnforce scopesShared Execution LayerDraftsPublishingCampaignsMediaAnalyticsAI-native executionOAuth + scopesMCP tools

7

Scope Categories

Workspace, publishing, drafts, media, campaigns, social accounts, and analytics.

31

Fine-Grained Scopes

Permission strings designed for safe AI and agent execution.

7

Analytics Platforms

Read-only analytics coverage for major connected social platforms.

11

AI Clients

Built for today’s and future MCP-compatible AI systems.

MCP works alongside the Postly API

Use the API page for direct REST integrations and backend workflows. Use this MCP page when an AI client needs scoped tools for drafts, media, scheduling, publishing, analytics, or status checks.

View API pageOpen API docs

Core positioning

Postly is not just a dashboard or generic automation platform. It is the execution layer used by AI agents, AI copilots, chat interfaces, conversational assistants, multi-agent systems, enterprise AI systems, and publishing orchestration tools.

AI-native flow

UserAI AgentMCPPostly Backend

MCP Permission Scopes

Fine-grained scopes give users and workspaces precise control over what AI clients can read, create, update, publish, delete, and analyze.

31 total scopes

Workspace Scopes

Allow an AI client to understand which workspace it can operate in.

workspace:read

Read the active workspace profile, settings, and execution context.

workspace:list

List available workspaces the authenticated user can access.

Publishing Scopes

Control post creation, updates, scheduling, publishing, deletion, and status checks.

posts:read

Read post content, metadata, platform targets, and publishing history.

posts:create

Create new posts from AI-generated or user-approved content.

posts:update

Update post copy, media, schedule details, platform metadata, or campaign assignment.

posts:delete

Delete posts when the user has approved destructive publishing actions.

posts:schedule

Schedule posts for future publishing windows.

posts:publish

Publish approved content immediately through Postly execution services.

posts:status:read

Retrieve publishing status, failures, queue state, and execution progress.

Draft Scopes

Let agents assist with safe draft creation and editing before publication.

drafts:read

Read existing drafts and draft metadata.

drafts:create

Create drafts for review, approval, collaboration, or scheduling.

drafts:update

Update draft copy, media references, campaign metadata, or target platforms.

drafts:delete

Delete drafts when explicitly allowed by the user or workspace policy.

Media Scopes

Manage media assets used in AI-assisted publishing workflows.

media:read

Read media library assets and metadata.

media:upload

Upload images, videos, and creative assets for publishing.

media:update

Update media metadata, captions, tags, or campaign assignment.

media:delete

Delete media assets when permitted by workspace policy.

Campaign Scopes

Allow agents to organize posts into campaign-level workflows.

campaigns:read

Read campaign details, status, related posts, and campaign metadata.

campaigns:create

Create new publishing campaigns and campaign containers.

campaigns:update

Update campaign names, goals, schedules, post assignments, or metadata.

campaigns:delete

Delete campaigns when explicitly permitted.

Social Account Scopes

Expose connected social accounts without granting publishing power by default.

social_accounts:read

Read connected social account metadata and platform identity.

social_accounts:list

List social accounts available to the authenticated workspace.

Analytics Scopes

Grant read-only analytics access across supported social platforms.

analytics:read

Read general analytics summaries across connected platforms.

analytics:facebook:read

Read Facebook analytics through Postly analytics tools and resources.

analytics:instagram:read

Read Instagram analytics through Postly analytics tools and resources.

analytics:pinterest:read

Read Pinterest analytics through Postly analytics tools and resources.

analytics:youtube:read

Read YouTube analytics through Postly analytics tools and resources.

analytics:gmb:read

Read Google My Business analytics through Postly analytics tools and resources.

analytics:linkedin:read

Read LinkedIn analytics through Postly analytics tools and resources.

analytics:x:read

Read X / Twitter analytics through Postly analytics tools and resources.

Recommended Scope Bundles

Use bundles to simplify setup while keeping MCP clients constrained to the exact permissions needed.

Read-Only Analytics Assistant

Recommended for AI assistants that answer analytics questions without publishing or editing content.

workspace:readworkspace:listsocial_accounts:readanalytics:read

Full Analytics Access

Grant broad analytics visibility across every supported analytics integration.

workspace:readworkspace:listsocial_accounts:readanalytics:readanalytics:facebook:readanalytics:instagram:readanalytics:pinterest:readanalytics:youtube:readanalytics:gmb:readanalytics:linkedin:readanalytics:x:read

AI Publishing Assistant

Useful for agents that can draft, schedule, publish, and monitor posts through Postly.

workspace:readworkspace:listsocial_accounts:listposts:readposts:createposts:updateposts:scheduleposts:publishposts:status:readdrafts:readdrafts:createdrafts:updatemedia:readmedia:uploadcampaigns:readcampaigns:update

Campaign Operator

Best for multi-step campaign planning, organization, content staging, and performance checks.

workspace:readworkspace:listcampaigns:readcampaigns:createcampaigns:updateposts:readposts:createposts:updateposts:scheduledrafts:createdrafts:updatemedia:readanalytics:read

Platform Analytics Assistant Scopes

Analytics can be exposed through MCP as read-only tools and resources. Platform-specific scopes let users grant access to one social network without granting broad analytics access.

Read-only analytics

Facebook

analytics:facebook:read

Instagram

analytics:instagram:read

Pinterest

analytics:pinterest:read

YouTube

analytics:youtube:read

Google My Business

analytics:gmb:read

LinkedIn

analytics:linkedin:read

X / Twitter

analytics:x:read

MCP Connection Flow

  1. 1User clicks “Connect Postly.”
  2. 2AI client connects to the Postly MCP server.
  3. 3MCP requests authentication.
  4. 4User logs into Postly.
  5. 5User grants permissions.
  6. 6Postly issues a scoped session token.

MCP Execution Flow

1

AI triggers a tool action

The user asks an AI client or agent to draft, schedule, publish, retrieve analytics, or check status.

2

MCP validates the session

Postly verifies authentication, scoped token access, rate limits, and monetization controls.

3

Workspace and permissions are enforced

The request is routed to the correct workspace and checked against fine-grained scopes.

4

Postly executes through shared backend services

Publishing, analytics, media, campaigns, and status operations run through one centralized execution layer.

Primary AI Ecosystem

MCP should become the primary AI-native integration layer for Postly so AI agents can securely connect directly to Postly infrastructure.

ChatGPTClaudeCursorWindsurfOpenRouterHermesCabinetOpenClawNanoClawMulti-model AI gatewaysFuture MCP-compatible AI systems

Build Once Infrastructure

Postly should build one centralized backend infrastructure, then expose the same capabilities through MCP tools, MCP resources, REST APIs, and webhooks.

Publishing backend services
Internal REST APIs
Webhook infrastructure
OAuth authentication system
Session/token infrastructure
Workspace routing
Permission enforcement
Usage tracking
Rate limiting
Monetization controls
Logging & analytics
Execution orchestration layer

Hosted MCP server managed by Postly

The MCP server should own AI tool definitions, authentication, workspace routing, permission enforcement, publishing execution, analytics retrieval, usage enforcement, rate limiting, and monetization enforcement.

Configure MCPOpen Dashboard

MCP Tools

Expose actions like create draft, schedule post, publish content, upload media, and retrieve status.

MCP Resources

Expose safe read-only resources for workspace, campaign, social account, and analytics context.

OAuth & Tokens

Issue scoped session tokens after login, user approval, and workspace permission checks.

Permission Enforcement

Keep every agent operation bound to the scopes the user explicitly granted.

Postly becomes the infrastructure AI agents use to execute social publishing

The dashboard remains important, but the durable moat is AI-native execution infrastructure: scopes, authentication, orchestration, analytics, publishing services, workspace routing, and agent-compatible APIs.

See PricingOpen MCP dashboard