Retool MCP. Audit Your Internal Tools From Chat.
Gemini Works with every AI agent you already use
…and any MCP-compatible client
Just plug in your AI agents and start using Vinkius.
Retool MCP Server lets your AI inspect a company’s internal tools and infrastructure. Your agent can list all running applications (`list_apps`), audit user permissions (`list_users`, `list_groups`), and check which databases are wired into the stack (`list_resources`).
It moves app auditing from clicking through dashboards to asking simple questions in chat.
What your AI agents can do
Get app
Retrieves the technical details and configuration settings for one specific Retool application.
List apps
Lists every internal tool (application) currently built within your Retool workspace.
List folders
Provides a directory map by listing all organizational folders in the Retool workspace structure.
Your agent runs list_apps to get a complete index of every internal tool built in the Retool workspace.
The agent uses get_app to retrieve deep, technical properties for any single application by name or ID.
By calling list_users and list_groups, your agent pulls a report of who is active in the Retool organization and what access levels are assigned.
The tool executes list_resources to identify every external database, API, or service currently hooked up to your Retool environment.
Your agent runs list_workflows to show an inventory of all active, automated processes running within the platform.
Ask AI about this MCP
Supported MCP Clients
Gemini Waiting for input…
Retool MCP Server: 7 Tools for Internal Auditing
These seven tools give your AI client full visibility into the structure of a Retool environment, allowing you to audit everything from users and permissions to connected data sources.
019d75ffget app
Retrieves the technical details and configuration settings for one specific Retool application.
019d75fflist apps
Lists every internal tool (application) currently built within your Retool workspace.
019d75fflist folders
Provides a directory map by listing all organizational folders in the Retool workspace structure.
019d75fflist groups
Lists every defined permission group used to manage user access within your organization.
019d75fflist resources
Pulls an inventory of all external data sources and APIs connected to Retool.
019d75fflist users
Retrieves a list of every active user account within the Retool organization.
019d75fflist workflows
Lists all automated background tasks and scheduled processes running in your Retool environment.
Choose How to Get Started
Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.
Build Your Own
Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.
- Import from OpenAPI, Swagger, or YAML specs
- Create Agent Skills with progressive disclosure
- Deploy to edge with MCPFusion framework
- Built in DLP, auth, and compliance on every call
- Real time usage dashboard and cost metering
- Publish to catalog or keep private
Make Your AI Do More
Start with Retool, then connect any of our 4,700+ other servers whenever your AI needs more. One click, no limits.
- Use this MCP plus 4,700+ others, all in one place
- Add new capabilities to your AI anytime you want
- Every connection is secured and compliant automatically
- Track usage and costs across all your servers
- Works with Claude, ChatGPT, Cursor, and more
- New servers added to the catalog every week
What you can do with this MCP connector
Your agent connects your AI client directly into Retool's guts, letting you audit an entire company’s toolset and infrastructure without logging into a single dashboard. You don't have to click through menus; you just ask questions in chat.
Auditing the Application Layer
You can get a full index of every internal tool built in your workspace by running list_apps. That gives you a list of all deployed applications, showing exactly what services are available. If you need to know how those tools are organized, you'll run list_folders to map out the entire directory structure.
When you find an app name or ID you want to investigate closer, your agent uses get_app to pull deep technical details and configuration settings for that single application.
Reviewing User Access and Permissions
To see who's actually working in Retool, your agent runs list_users, giving you a complete roster of every active user account. You can then check what access levels they have by running list_groups; this shows all the defined permission groups used to manage company-wide access. This audit tells you exactly which roles exist and who belongs in them.
Mapping Backend Infrastructure
When it comes to data, your agent pulls a full inventory of every external connection wired into Retool using list_resources. This means you can identify all the databases, APIs, or services that are hooked up to your environment. If you need to track automated processes running in the background, you’ll run list_workflows to get an inventory of every active scheduled task and automated job within the platform.
How Retool MCP Works
- 1 First, you install the Retool extension module in your MCP environment and provide your Retool Access Token and Domain.
- 2 Next, you talk to your agent naturally: 'List all users and tell me about the connected databases.'
- 3 Your agent invokes
list_usersandlist_resources, pulling the real-time data directly into the chat window for review.
The bottom line is that you audit complex internal infrastructure by talking to your AI client instead of clicking through multiple dashboards.
Who Is Retool MCP For?
This is for Ops Engineers and IT Admins who hate spending hours clicking through deeply nested, click-heavy Retool dashboards just to find a user's access level or check if the payment database is connected. You need an immediate audit report without touching the UI.
Runs quick audits of internal user privileges and data source connections, confirming who has access to what.
Monitors the overall health and scope of internal tools and automated workflows while discussing operations with team members.
Verifies if critical databases, like a specific PostgreSQL instance, are correctly integrated into Retool for general use before development starts.
What Changes When You Connect
- Stop guessing about access. Running
list_usersand thenlist_groupsimmediately shows you exactly who is on the platform and what permissions they hold, cutting down compliance audits from days to minutes. - Never get lost in the dashboard again. You can run
list_appsto see all 12 internal tools at a glance, confirming that every department's necessary app—like the 'Customer Refund Portal'—is actually built and ready. - Know your dependencies instantly. If you need to check if the main PostgreSQL database is connected before building something new, just call
list_resources. It confirms active connections like Stripe API or S3 Buckets. - Track automation sprawl. Instead of clicking through various settings pages to find running tasks, use
list_workflowsto get a single list of all background processes and see if they're behaving as expected. - Understand the tool architecture. Using
get_applets you check the specific configuration and dependencies of one application without navigating away from your chat window.
Real-World Use Cases
The compliance audit request
A security auditor needs to know if any user can access the HR database. Instead of manually checking roles, the agent runs list_users and then cross-references that list with the outputs from list_groups. The result shows immediate non-compliance risks or confirms proper segmentation.
Debugging a broken internal tool
The Billing team reports the 'Invoice Generator' app is failing. Instead of jumping into Retool, your agent first runs get_app on 'Invoice Generator'. This reveals that the required payment API resource is missing or outdated, solving the mystery in seconds.
Mapping out new infrastructure
A developer needs to know what data sources are available for a new project. They prompt the agent to run list_resources. The output immediately confirms that both AWS S3 and the main PostgreSQL database are already connected, allowing them to start coding without waiting for setup.
Discovering forgotten tools
An engineer needs a full picture of the company's software footprint. They ask the agent to run list_apps and then list_folders. The combined output reveals several 'ghost apps' that were built years ago but nobody uses, helping the team clean up technical debt.
The Tradeoffs
Deep dashboard diving
Opening the Retool UI and manually clicking through Settings > Users > Groups, then switching tabs to check data sources. This takes 15-20 minutes of tedious clicks.
→
Ask your agent directly: 'Show me all active users and what groups they belong to.' The agent runs list_users combined with list_groups, giving you the full audit report instantly.
Guessing dependencies
A developer assumes the payment system is linked when building a new app. They spend hours debugging why the connection fails, only to find no explicit resource listing.
→
Before starting development, run list_resources. This tool provides an undeniable inventory of every connected service—like Stripe API or AWS S3—so you know exactly what's available.
Missing the big picture
Only checking the dashboard for visible apps, missing critical background processes or old, forgotten tools.
→
Run list_apps to see all deployed applications and pair it with list_workflows to confirm which automated jobs are running, giving you a full view of operational scope.
When It Fits, When It Doesn't
Use this MCP Server if your primary need is auditing: checking user access, mapping data sources, or cataloging internal tools. It’s the ultimate audit console for Retool. Don't use it if you just want to build an app; that requires the full Retool UI. If you only need to know basic general information (like a list of users), running list_users is enough. But if you need context—for example, checking user groups and which apps they can access—you must combine tools like list_groups and list_apps. Always start with the broad inventory (list_apps, list_resources) before drilling down into specifics using get_app or list_users.
Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Retool API. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
VINKIUS INFRASTRUCTURE
Cloud Hosted
Managed infra
V8 Isolated
Sandboxed per request
Zero-Trust Proxy
No stored credentials
DLP Enforced
Policy on every call
GDPR Compliant
EU data residency
Token Compression
~60% cost reduction
Works with Claude, ChatGPT, Cursor, and more
The Model Context Protocol standardizes how applications expose capabilities to LLMs. Instead of operating in isolation, your AI gains direct access to external platforms, live data, and real-world actions through secure, standardized connections.
This server provides 7 capabilities that interface natively with Claude, ChatGPT, Cursor, and any MCP client. No middleware. No custom integration required.
Available Capabilities
Checking internal permissions is a click-intensive nightmare.
Today, checking who can access what means navigating through multiple menus: Dashboard > Security Settings > User Management. You check the user list, then you click into groups, cross-referencing IDs and role names until your eyes hurt. It's a manual process that takes forever.
With this MCP Server, you simply ask your agent to audit permissions by running `list_users` alongside `list_groups`. The AI client pulls the data instantly, giving you an organized report of every user and their assigned access levels—no clicks required.
Retool MCP Server: Get a full inventory in seconds.
Before adding any new functionality or database connection, developers usually have to guess what resources are available. They spend hours checking documentation and talking to ops teams just to confirm if 'PostgreSQL' is even connected.
Now, you run `list_resources` and get a definitive list of every integrated service—be it Stripe API, an S3 Bucket, or the primary PostgreSQL instance. You know your operational boundaries before writing a single line of code.
Common Questions About Retool MCP
How do I use `list_apps` with Retool MCP Server? +
Run list_apps to get an immediate, comprehensive list of every application built in your workspace. This tells you what tools exist without having to browse the entire folder structure.
Can I find out who has access using `list_users`? +
Yes. The list_users tool gives a list of all active users in your Retool organization. You should then follow up by calling list_groups to see their specific permission assignments.
What does `list_resources` show me? +
list_resources provides an inventory of every external data source connected to Retool. This includes databases, APIs (like Stripe), and storage buckets (like S3).
How do I check the config for a single app using `get_app`? +
Use get_app by providing the name of the application. It fetches all the detailed, technical configuration data for that specific tool in one go.
What does `list_groups` show me about user permissions? +
It lists all defined permission groups within your Retool organization. This lets you audit access levels by seeing the structural roles assigned to users, independent of who is actually logged in.
When should I use `list_folders` instead of `list_apps`? +
Use list_folders when you need to understand the architectural grouping or organizational hierarchy of your tools. It reveals how apps are categorized, which is different from just listing every app available.
What information can I get about running processes using `list_workflows`? +
This command lists all active Retool Workflows and automation tasks. It's crucial for DevOps teams needing to monitor background operations, scheduled jobs, or automated data processing.
If I want a complete view of the system setup, which tools should I run? +
You'll need a combination: Start with list_users for who has access, then check list_groups to see their permissions. Finally, use list_resources to confirm what data they can touch.
Can the assistant create new Retool apps or modify queries? +
No, this integration is primarily focused on querying and auditing your Retool workspace. It can list apps (list_apps), detail definitions (get_app), and trace infrastructure (list_resources, list_workflows) but cannot currently modify app UI or delete users.
Where do I find the Retool Domain? +
Your Retool domain is exactly what you see in the URL bar when you log into Retool. For example, if you access Retool at https://acme-corp.retool.com, your domain is acme-corp.retool.com. For self-hosted deployments, use the root domain of your custom instance.
Can the AI show me which automated workflows are currently active? +
Yes. Use list_workflows to retrieve all automation workflows configured in your Retool workspace, including their names and status. This lets you quickly verify which background processes are running without opening the Retool dashboard.
Use it with your favorite AI tools
Connect this server to Cursor, Claude, VS Code, and more.
More in this category
Relevance AI
Equip your AI to trigger custom autonomous agents, execute chained prompts, and manage unstructured knowledge datasets directly within your Relevance AI studio.
Replicate
Equip your AI to dynamically search, run, and monitor thousands of open-source machine learning models hosted on Replicate via simple text commands.
RunPod
Integrate your AI securely to RunPod to cleanly quickly provision scalable GPU pods, manage active instances, and inspect serverless endpoints and custom templates natively.
You might also like
Videco
Create and manage personalized videos via Videco u2014 launch campaigns, capture leads, and track analytics from your AI agent.
Mastodon
Automate social interactions on the Fediverse — post statuses, manage follows, and track trending content directly from your AI agent.
Ele.me Open Platform / 饿了么
China's massive food delivery API — manage shops, process orders, and track deliveries via AI.