Security · user-scoped v1

TradeJournal MCP Security & Privacy

MCP and the on-site agent use the same user-scoped, read-only tool layer. Your token or login session never grants access to another trader's journal or Django admin data.

Active tokens

See label, prefix, and Revoke for each active MCP token.

  • Max active tokens per plan
  • Revoke unused clients
  • Staff does not widen scope
Security & privacy
Active MCP tokens table with revoke action in TradeJournal Connect AI

Quick summary

  1. Your account only: Every tool starts with .filter(user=user) — no platform-wide search.
  2. Write policy: Most tools read your journal only. Narrow writes when you ask: update_trade (optional price/stop targets on your trades), update_media_asset (image attribution), and repair_portfolio_import_health (import fixes; requires confirm=true). AI cannot place broker orders, edit community posts, or change account settings.
  3. Revoke anytime: Connect AI → revoke token; staff status does not widen MCP scope.

Key takeaway

TradeJournal.co MCP security is built on per-user tokens or session auth, mandatory user-scoped querysets, user-scoped v1 tools, and explicit denial of cross-user and admin data; revoke leaked tokens in Connect AI and use the on-site agent if you prefer not to store a token in an IDE.

What MCP and the agent never expose

Category Examples (blocked)
Other users' data Trades, posts, profiles, emails, Stripe IDs
Platform admin Raw User table, LogEntry, tjadmin aggregates
Internal / marketing Enzlo leads, campaign data, SnapTrade secrets
Secrets API keys, service keys, other users' MCP tokens

External: Model Context Protocol · FTC privacy guidance (general consumer context).

Frequently asked questions

No. Every tool resolves the authenticated user from your token or session only. User id is never taken from tool arguments for authorization.

Most tools read your journal only. Narrow writes when you ask: update_trade (optional price/stop targets on your trades), update_media_asset (image attribution), and repair_portfolio_import_health (import fixes; requires confirm=true). AI cannot place broker orders, edit community posts, or change account settings.

Revoke it immediately in Account Settings → Connect AI and generate a new token. Never commit tokens to git or share mcp.json publicly.

No. MCP identity is the token's user only. Admin browsing stays in Django admin with staff session—not in MCP tools.

Engineering details live in our internal gameplan; this page summarizes trader-facing guarantees. External reference: Model Context Protocol documentation at modelcontextprotocol.io.

Start free trial — claim onboarding

Import trades, then ask real questions about your data.