Skip to main content
This page covers how Zapier MCP is governed at the enterprise and account level, including access controls, data handling, compliance standards, and monitoring capabilities. For user-level access sharing between team members, go to server access.

Access control

Account-level access

Zapier MCP is enabled by default for all accounts, including Enterprise. Access is granted at the account level, meaning all users within the account can access Zapier MCP.

Workspace controls

When using Workspaces, administrators can:
  • Enable or disable MCP at the workspace-level (by contacting your Zapier account manager).
  • Allow and restrict Zapier MCP for specific users based on workspace membership.
  • Set MCP task quotas for specific workspaces.
Each MCP tool call uses 2 tasks from your Zapier account task limit. Learn more about how usage is counted.

User permissions

Any user that’s part of an MCP-enabled Zapier Workspace or account can create, configure, and modify their own MCP servers and tools. Users can only use app connections that they own or that are shared across the account. Individual users own their servers. Users can share server access with other users, to allow them to view or manage the available tools. App connections cannot be shared.

App and action restrictions

  • Zapier MCP automatically enforces any app and action restrictions set at the account level.
  • Permissions set within apps themselves also apply. For example, an employee who cannot change employment status in Rippling also cannot do so through Zapier MCP.
App and action restrictions cannot currently be set exclusively for Zapier MCP. Any restrictions you configure apply account-wide across all Zapier features.

Data security and privacy

Data residency

Customer data is stored in AWS US-East 1 (United States). Data may also be processed by listed subprocessors. Region-specific data residency is not available unless otherwise agreed. Production and non-production environments are logically separated.

Data segregation

Customer data is logically segregated using unique user account IDs in a multi-tenant database architecture. Data is accessible only through specific account credentials. Network segmentation and role-based access controls protect sensitive data.

AI training and data use

Enterprise customers are opted out by default from AI model training. Customer data from Enterprise plans is not used to train AI models and is not shared with generative AI systems for training purposes. This is governed under the Zapier AI Supplementary Terms.

Security standards and compliance

Zapier MCP runs on multi-tenant cloud infrastructure. Dedicated VPC or on-premises deployments are not currently available. Security is achieved through logical segregation and access controls. Compliance documentation is available in the Zapier Trust Center, including:
  • SOC 2 Type II report
  • SOC 3 report
  • Penetration testing results
  • Security whitepaper
  • Security policies
Some documents require a nondisclosure agreement (NDA), which you can sign directly in the Trust Center without contacting Zapier. Learn more about Zapier’s security and compliance documentation.

Identity and authentication

SSO and SCIM

Enterprise account SSO (SAML) is supported and extends to MCP access. Identity and access management is enforced at the Enterprise account level.

OAuth and API key authentication

The connection method depends on what is supported by your MCP client. Zapier MCP supports OAuth and API key authentication. Learn more about authentication methods. Users manage their own connected apps through Zapier.

Audit and monitoring

Activity logs

The History tab in the Zapier MCP dashboard displays user-level activity logs for tool calls. Superadmins can review these logs for any user in their account. MCP events also appear in the account’s overall audit log.

Data retention

Enterprise accounts support configurable data retention for history and related records. Retention policies are applied at the account level. MCP usage falls under the same retention policies as other Zapier features. Learn more about customizing data retention in Zapier.

Incident response

Zapier can enable or disable MCP access for an account immediately upon request, allowing for quick risk mitigation in response to security incidents. To request access revocation, contact your account manager.

Tool security

Users cannot bring tools in from third-party sources. All tools are owned and controlled by Zapier, which prevents tool poisoning. Users can build their own private integrations (for example, for in-house applications) and turn these into MCP tools through the Zapier Developer Platform.