GlossaryAgents and workflows

Tool Permissions

Tool permissions are granular controls for which external actions an agent may perform—read email vs send email, list files vs delete files.

They sit below connector OAuth: user connects Gmail once, then allows or denies each tool the agent might call.

What it means

The product maps each tool (API operation) to an allow/deny state, sometimes grouped by risk (read-only vs write vs delete), enforced before every invocation.

Why designers should care

Granular permissions reduce all-or-nothing fear of connectors. Design clear groupings, defaults, and in-flow prompts when a denied tool is needed mid-task.

Example

Perplexity’s Gmail connector modal lists read_inbox as Allow and send_email as Disable by default; the agent pauses with “Enable send to complete this task” if the user asks to reply.

Common mistakes

  • Binary “Connect Gmail” with no per-tool breakdown.
  • Permissions only in settings, never surfaced when the agent hits a blocked tool.
  • No memory of user choices across sessions, re-prompting every run.

Weekly AI UX notes

Patterns, prompts, and glossary updates for designers building AI products on Substack. No spam.

Subscribe on Substack