Contentful MCP Policy

GET STARTED

Download this policy scaffold and add your rules. Intercept enforces them on every tool call before it reaches Contentful.

terminal

# Download policy scaffold


curl -o contentful.yaml https://raw.githubusercontent.com/policylayer/intercept/main/policies/contentful.yaml

# Run with Intercept


intercept --policy contentful.yaml -- npx -y @@contentful/mcp-server

Server documentation: https://www.npmjs.com/package/@contentful/mcp-server

READ TOOLS

24

get_initial_context Initialise connection and get usage instructions

list_content_types List content types

get_content_type Get detailed content type information

search_entries Search and filter entries in your space

get_entry Retrieve specific entries

list_editor_interfaces List all editor interfaces in a space

get_editor_interface Get editor interface for a content type

list_assets List and browse assets

get_asset Retrieve specific assets

list_spaces List available spaces

get_space Get space details

list_environments List environments in a space

list_locales List all locales in your environment

get_locale Retrieve specific locale information

list_orgs List organisations user has access to

get_org Get details of a specific organisation

get_ai_action_invocation Get AI action invocation details

get_ai_action Retrieve AI action details and configuration

list_ai_actions List AI actions in a space

get_concept Retrieve specific taxonomy concept

list_concepts List concepts with filtering and hierarchy

get_concept_scheme Retrieve specific concept scheme

list_concept_schemes List concept schemes with pagination

WRITE TOOLS

21

create_content_type Create new content types

update_content_type Modify existing content types

unpublish_content_type Unpublish content types

create_entry Create new content entries with locale support

update_entry Modify existing entries with locale support

unpublish_entry Unpublish entries

update_editor_interface Update field controls, sidebars, and layouts

upload_asset Upload new assets

update_asset Modify asset metadata

unpublish_asset Unpublish assets

create_environment Create new environments

create_locale Create new locales for multi-language content

update_locale Modify existing locale settings

create_tag Create new tags with public/private visibility

create_ai_action Create custom AI-powered workflows

update_ai_action Update existing AI actions

unpublish_ai_action Unpublish AI actions

create_concept Create new taxonomy concepts with localisation

update_concept Update taxonomy concept properties

create_concept_scheme Create new taxonomy concept schemes

update_concept_scheme Update concept scheme properties

DESTRUCTIVE TOOLS

8

delete_content_type Remove content types

delete_entry Remove entries

delete_asset Remove assets

delete_environment Remove environments

delete_locale Remove locales from environment

delete_ai_action Remove AI actions

delete_concept Remove taxonomy concepts

delete_concept_scheme Remove concept schemes

EXECUTE TOOLS

5

publish_content_type Publish content type changes

publish_entry Publish entries

publish_asset Publish assets

invoke_ai_action Invoke AI action with variables

publish_ai_action Publish AI actions for use

OTHER TOOLS

3

space_to_space_migration_handler Enable/disable space migration workflow

space_to_space_param_collection Collect parameters for migration workflow

export_space Export space to file

POLICY YAML

This scaffold lists every tool with empty rules. Add conditions — rate limits, argument validation, deny rules — then deploy with Intercept.

contentful.yaml

version: "1"
description: "Policy for @contentful/mcp-server"
default: "allow"
tools:
    get_initial_context:
        rules: []
    list_content_types:
        rules: []
    get_content_type:
        rules: []
    search_entries:
        rules: []
    get_entry:
        rules: []
    list_editor_interfaces:
        rules: []
    get_editor_interface:
        rules: []
    list_assets:
        rules: []
    get_asset:
        rules: []
    list_spaces:
        rules: []
    get_space:
        rules: []
    list_environments:
        rules: []
    list_locales:
        rules: []
    get_locale:
        rules: []
    list_tags:
        rules: []
    list_orgs:
        rules: []
    get_org:
        rules: []
    get_ai_action_invocation:
        rules: []
    get_ai_action:
        rules: []
    list_ai_actions:
        rules: []
    get_concept:
        rules: []
    list_concepts:
        rules: []
    get_concept_scheme:
        rules: []
    list_concept_schemes:
        rules: []
    create_content_type:
        rules: []
    update_content_type:
        rules: []
    unpublish_content_type:
        rules: []
    create_entry:
        rules: []
    update_entry:
        rules: []
    unpublish_entry:
        rules: []
    update_editor_interface:
        rules: []
    upload_asset:
        rules: []
    update_asset:
        rules: []
    unpublish_asset:
        rules: []
    create_environment:
        rules: []
    create_locale:
        rules: []
    update_locale:
        rules: []
    create_tag:
        rules: []
    create_ai_action:
        rules: []
    update_ai_action:
        rules: []
    unpublish_ai_action:
        rules: []
    create_concept:
        rules: []
    update_concept:
        rules: []
    create_concept_scheme:
        rules: []
    update_concept_scheme:
        rules: []
    delete_content_type:
        rules: []
    delete_entry:
        rules: []
    delete_asset:
        rules: []
    delete_environment:
        rules: []
    delete_locale:
        rules: []
    delete_ai_action:
        rules: []
    delete_concept:
        rules: []
    delete_concept_scheme:
        rules: []
    publish_content_type:
        rules: []
    publish_entry:
        rules: []
    publish_asset:
        rules: []
    invoke_ai_action:
        rules: []
    publish_ai_action:
        rules: []
    space_to_space_migration_handler:
        rules: []
    space_to_space_param_collection:
        rules: []
    export_space:
        rules: []

RELATED POLICIES

Sanity 36 tools

cmscontent-managementheadless-cms

Ghost 7 tools

cmscontent-management

FREQUENTLY ASKED QUESTIONS

What tools does the Contentful MCP server expose?

The Contentful MCP Server exposes 61 tools across 5 categories: Read, Write, Destructive, Execute, Other. Each tool can be individually controlled with Intercept policies.

How do I enforce policies on Contentful?

Download the policy scaffold, add rules (rate limits, argument validation, deny rules), then run Intercept as a proxy in front of the Contentful MCP server. Every tool call is evaluated against your YAML policy before execution.

Is the Contentful policy free to use?

Yes. All Intercept policies are open source under the Apache 2.0 licence. Download, modify, and deploy without restrictions.

ENFORCE POLICIES ON CONTENTFUL

Open source. One binary. Zero dependencies.

VIEW ON GITHUB Browse all policies →