Plugin governance
How organizations control which plugins agents can access, and how audit trails and role requirements work.
Oxagen plugins extend the agent toolchain with external tools and first-party capabilities. Every plugin installation is workspace-scoped: a plugin installed in one workspace is not visible to any other workspace, giving security and compliance teams a fine-grained control surface.
Workspace-scoped plugin model
Workspace A → plugins installed here are available only in Workspace A
Workspace B → independent plugin list; no visibility into Workspace A's plugins
Workspace C → ...Org Owners and Admins can install plugins from the marketplace into any workspace they have access to. Workspace Owners and Admins can install plugins into their own workspace. All install, connect, and enable/disable actions are workspace-specific.
Installing plugins
See Plugin marketplace for the full installation guide.
In summary:
- Go to Workspace settings → Plugins → Browse marketplace.
- Choose a tab (MCP Servers, Integrations, Agent Capabilities, Agent Skills, Knowledge Sources).
- Review the plugin's tools, README, and authentication requirements.
- Click Install to workspace. The plugin is enabled immediately in this workspace.
For MCP server and integration plugins that require authentication, a Connect step follows install to supply credentials and activate the network endpoint.
Enable and disable
plugin.org.set_enabled— toggles theenabledflag on the workspace plugin listing. Disabling a listing prevents agents from using the plugin's tools and (for MCP servers) blocks re-connection until re-enabled.plugin.workspace.set_enabled— for MCP server and integration plugins: creates or deactivates the workspace-level MCP server connection. Cannot be used to toggle Oxagen Agent Capability plugins (those are managed viaplugin.org.set_enabled).
Credential security
OAuth tokens and API keys are encrypted at rest with AES-256-GCM. If an OAuth token expires or is revoked, the workspace member who authorized it receives an in-app notification and must re-authenticate before the plugin's tools become available again.
Uninstalling
Go to Workspace settings → Plugins → Installed and click Uninstall. Uninstalling immediately blocks all new invocations of the plugin's tools in this workspace. Existing tool call records referencing the plugin are retained in the audit log. Generated content (images, documents, videos) is not deleted.
Audit trail
All plugin governance actions are recorded in security.security_events (Postgres) and audit_events (ClickHouse):
| Event | When it fires |
|---|---|
plugin.installed | Plugin installed into a workspace. |
plugin.uninstalled | Plugin uninstalled from a workspace. |
plugin.enabled_changed | Plugin listing enabled or disabled (plugin.org.set_enabled). |
plugin.enabled_changed | Workspace MCP server connection activated or deactivated (plugin.workspace.set_enabled). |
plugin.denylist_added | Plugin added to the org denylist. |
plugin.denylist_removed | Plugin removed from the org denylist. |
Role requirements
| Action | Required role |
|---|---|
| Browse marketplace | Any workspace member |
| Install or uninstall a plugin | Workspace Owner, Workspace Admin, or Org Owner/Admin |
| Connect OAuth or set API key | Org Owner or Org Admin only |
| Add custom MCP server or registry | Workspace Owner or Org Owner/Admin |
| Enable or disable a plugin | Workspace Owner or Org Owner/Admin |
For more information, see the Plugin marketplace and Workspace plugins guides.