My Plugins
Developer-level plugin controls for enabling plugins, overriding MCP credentials, and allowing or blocking end-user credential overrides.
Overview
The My Plugins page lets each developer customize how plugins behave in their own workspace without changing the global plugin definition. Only approved and active plugins appear here — draft, pending, or declined submissions are managed on the Submissions page instead.
This page is especially important for MCP-enabled plugins.
What developers can control
- Enable or disable a plugin from their own catalog
- Override the plugin's MCP client ID
- Override the plugin's MCP client secret
- Choose MCP scopes
- Allow or block end-user credential overrides
By default, plugins remain enabled and Allow end user credentials is on. Developers can disable it per plugin if they do not want end-users to bring their own MCP app credentials.
Why this exists
Different developers often need different MCP app credentials for the same provider:
- one team may use the admin-managed shared app
- another may need a tenant-specific app
- some developers may want end users to bring their own app credentials
The resolution order is:
- End-user credentials, when allowed
- Developer credentials
- Admin plugin defaults
Page behavior
The page includes:
- Search by plugin name or slug
- Per-plugin enabled toggle
- Bulk Disable All toggle
- Per-plugin MCP credential settings
- Save All support for batch edits
Disabled plugins are hidden from the developer's runtime plugin and tool lists.
Security notes
- Developer secrets are encrypted before storage
- End-user overrides can be disabled per plugin
- Token refresh uses the same effective client credentials that created the grant
Related pages
- Plugins
- Submissions — create and manage plugin proposals
- Connections
- MCP Integration