Hi Mixpanel team! I really love your Mixpanel MCP feature, it’s super exciting to see analytics becoming more accessible through AI workflows. Because of that, I wanted to share some feedback and a product idea regarding MCP access control.
Currently, Mixpanel MCP only provides a single global on/off toggle. Once enabled, it applies to all projects and all users without any granular restriction model. This creates a few security and governance concerns from our infosec team:
Any user with Mixpanel dashboard access can connect MCP using personal AI accounts (free ChatGPT or Claude accounts) as long as they complete the authorization flow.
There is no way to restrict MCP usage to organization-managed emails only.
Free AI subscriptions may automatically enable “data training for AI” settings, which raises concerns about potential data leakage or unintended data exposure.
It would be extremely beneficial if Mixpanel could introduce granular MCP access controls, such as:
Allow MCP access only for selected users or user groups.
Restrict access to organization-managed email domains only.
Project-level restrictions
Enable MCP only for selected projects/workspaces instead of globally.
Allow admins to whitelist approved AI providers/accounts.
Optionally block personal/free-tier AI accounts from connecting.
Audit logs for MCP access and usage.
I believe these controls would help us adopt Mixpanel MCP more confidently while reducing governance and data security risks. Thanks in advance!!
