Security · user-scoped v1
TradeJournal MCP Security & Privacy
MCP and the on-site agent use the same user-scoped, read-only tool layer. Your token or login session never grants access to another trader's journal or Django admin data.
Active tokens
See label, prefix, and Revoke for each active MCP token.
- Max active tokens per plan
- Revoke unused clients
- Staff does not widen scope
Quick summary
- Your account only: Every tool starts with
.filter(user=user)— no platform-wide search. - Write policy: Most tools read your journal only. Narrow writes when you ask: update_trade (optional price/stop targets on your trades), update_media_asset (image attribution), and repair_portfolio_import_health (import fixes; requires confirm=true). AI cannot place broker orders, edit community posts, or change account settings.
- Revoke anytime: Connect AI → revoke token; staff status does not widen MCP scope.
Key takeaway
TradeJournal.co MCP security is built on per-user tokens or session auth, mandatory user-scoped querysets, user-scoped v1 tools, and explicit denial of cross-user and admin data; revoke leaked tokens in Connect AI and use the on-site agent if you prefer not to store a token in an IDE.
What MCP and the agent never expose
| Category | Examples (blocked) |
|---|---|
| Other users' data | Trades, posts, profiles, emails, Stripe IDs |
| Platform admin | Raw User table, LogEntry, tjadmin aggregates |
| Internal / marketing | Enzlo leads, campaign data, SnapTrade secrets |
| Secrets | API keys, service keys, other users' MCP tokens |
External: Model Context Protocol · FTC privacy guidance (general consumer context).
Frequently asked questions
Related AI & journal guides
Jesse, MCP, and our journal spokes share one read-only data layer. Explore the hub or a vertical guide next.
Meet Jesse
Jesse Livermore's tape-reading legacy and why we named our on-site agent Jesse.
Read guideJesse in the browser
Session-auth chat about your trades, stats, and posts (no MCP token).
Read guideStart free trial — claim onboarding
Import trades, then ask real questions about your data.