Skip to content
PricingReleases

SessionScope

SessionScope = "self" | "child" | "any" | "user"

Defined in: mcp.ts:54

Session-identity scope for tools that take a session_id (or run_id) argument. Central dispatch keys off this to decide how the target session may relate to the caller’s trusted transport binding (see McpToolCallContext.recursiveSessionIdTrusted).

  • self: mutates the calling session’s own state. Enforcement resolves the target from the trusted transport binding (injecting it as the effective session_id) and rejects a mismatched session_id argument.
  • child: parent acting on a session it delegated; authorized by run lineage (target.parent_session_id === caller).
  • any: read-only or session-agnostic; no identity restriction.
  • user: dashboard-intent lifecycle op; exempt from the self-check (existing audience gating still applies).