Resources & Credentials
Prerequisites: Before reading this guide, we recommend familiarizing yourself with the resource model section in Core Concepts.
Monstrum connects to external systems through Resources and securely manages authentication information through Credentials. This guide covers how to create and manage resources, configure credentials, and bind resources to Bots.
Overview
Resources serve as the bridge between Bots and external systems. When a Bot needs to access an external system (such as an SSH server, MCP tool server, or another Bot), you need to:
- Create a Resource: Configure connection details (address, port, etc.)
- Add a Credential: Provide authentication information (API key, SSH key, etc.)
- Bind to a Bot: Attach the Resource in the Bot’s resource configuration and set permissions
The platform offers two categories of resource types:
- Built-in resource types (6 types): SSH, MCP, Bot, Web Access, Web3, Monstrum Agent — included with the platform and ready to use out of the box
- Plugin resource types: Available by installing plugins (e.g., GitHub, GitLab, Notion, etc.) — see Plugins
Resource Management Page
Click Resource Management in the left navigation bar to open the resource management page. The page is divided into two sections:
- Configured Resources: A list of Resources you have already created
- Available Resources: Resource types supported by the platform — click any type to create a new Resource
Each Resource card displays its name, type, status, and the number of associated credentials.
SSH Resources
SSH resources allow Bots to connect to remote servers via SSH to execute commands.
Creating an SSH Resource
- On the resource management page, find SSH under “Available Resources”
- Click to enter the form and fill in:
- Resource Name: e.g., “Production Server”
- Host Address: The SSH server’s IP address or domain name
- Port: Default is 22
- Username: SSH login username
- Save the resource
Adding Credentials
SSH supports two authentication methods:
SSH Key Authentication:
- In the Resource details, click Add Credential
- Select the SSH Key authentication method
- Paste the SSH private key content
- If the private key has a passphrase, enter it as well
- Save
Password Authentication:
- Select the Password authentication method
- Enter the login password
- Save
Provided Tools
| Tool | Description |
|---|---|
ssh_execute | Execute commands on the remote server |
Permission Dimensions
When binding to a Bot, you can configure the following permission constraints:
| Dimension | Description | Example |
|---|---|---|
hosts | Allowed hosts to connect to | 10.0.1.*, prod-* |
commands | Allowed commands to execute | ls *, cat /var/log/*, systemctl status * |
Glob patterns are used for matching. Unconfigured dimensions are unrestricted.
MCP Resources
MCP (Model Context Protocol) resources connect to external MCP tool servers and automatically discover the tools available on those servers.
Creating an MCP Resource
- On the resource management page, find MCP Endpoint
- Fill in:
- Resource Name: e.g., “Internal Tool Platform”
- Server Address: The MCP server’s Streamable HTTP endpoint URL
- Select an authentication method:
No Auth: Suitable for internal network MCP servers — simply save without additional configuration.
API Key:
- Select API Key authentication
- Enter the API Key
- Optionally configure the authentication header name (defaults to
Authorization)
OAuth 2.1 Client Credentials:
-
Select OAuth authentication
-
Configure the OAuth Provider (see the OAuth section in Plugins)
-
The platform automatically obtains and refreshes tokens
-
After saving, the platform will automatically connect to the MCP server and discover available tools
Tool Discovery
After saving an MCP resource, the platform will:
- Connect to the MCP server
- Call
tools/listto retrieve the tool list - Register the discovered tools with the platform
You can view the list of discovered tools in the Resource details. If the tool list changes (tools added or removed), the platform will send a notification.
Provided Tools
MCP resource tools are dynamically discovered — they depend on what tools the MCP server provides.
Permission Dimensions
| Dimension | Description | Example |
|---|---|---|
tools | Allowed tools to invoke | get_*, list_*, create_issue |
When binding an MCP resource to a Bot, you can select which discovered tools the Bot is allowed to use (via checkboxes or glob patterns).
Bot Resources
Bot resources enable task delegation between Bots. When Bot A needs Bot B to perform a task, Bot B must be bound to Bot A as a resource.
Creating a Bot Resource
- On the resource management page, find Bot
- Select the target Bot (the Bot you want to be called)
- Enter a resource name
- Save
Bot resources do not require credentials — inter-Bot communication uses the platform’s internal authentication.
Provided Tools
| Tool | Description |
|---|---|
bot_execute | Send a task to the target Bot and wait for the result |
bot_query | Query the target Bot’s metadata |
bot_status | Check the target Bot’s status |
bot_get_task_result | Retrieve the result of a previously created task |
bot_cancel_task | Cancel a previously created task |
bot_subscribe_event | Subscribe to platform events |
bot_unsubscribe_event | Unsubscribe from events |
bot_emit_event | Publish a custom event |
Permission Dimensions
| Dimension | Description | Example |
|---|---|---|
bots | Allowed target Bots to call | Specific Bot ID |
subscribe_patterns | Allowed event patterns to subscribe to | task.*, schedule.fired |
emit_patterns | Allowed event names to publish | custom.* |
Delegation Constraints
Inter-Bot calls support delegation constraints (Delegate Scope), which limit the effective permissions of the called Bot when executing delegated tasks. See the delegation constraints section in Roles & Permissions.
Web Access Resources
Web Access resources allow Bots to search the web and fetch webpage content.
Creating a Web Access Resource
- On the resource management page, find Web Access
- Enter a resource name
- Select a search engine:
- DuckDuckGo: Free, no API key required
- Brave: Requires a Brave Search API key
- SerpAPI: Requires a SerpAPI key
- Tavily: Requires a Tavily API key
- If you selected a search engine that requires an API key, add the corresponding credential
- Optionally configure an HTTP/SOCKS5 proxy
- Save
Provided Tools
| Tool | Description |
|---|---|
web_search | Search the web |
web_fetch | Fetch the content of a specified URL (converted to markdown) |
Permission Dimensions
| Dimension | Description | Example |
|---|---|---|
domains | Allowed domains to fetch | *.github.com, docs.* |
The domains constraint applies only to web_fetch operations. Search operations are not restricted by domain.
Web3 (EVM) Resources
Web3 resources allow Bots to interact with EVM-compatible blockchains (Ethereum, Polygon, Base, Arbitrum, etc.).
Creating a Web3 Resource
- On the resource management page, find Web3 (EVM)
- Fill in:
- Resource Name: e.g., “Ethereum Mainnet”
- Chain ID: The chain ID (1=Ethereum, 137=Polygon, 8453=Base, etc.)
- RPC URL: RPC node endpoint (e.g., provided by Infura or Alchemy)
- Block Explorer URL (optional): Used to generate transaction links
- Native Token Symbol (optional): Defaults to ETH
- Max Gas Price (optional): Gas price ceiling in Gwei
- Add credentials:
- Wallet Private Key: The private key used for signing transactions (hex format)
- RPC API Key (optional): API key for the RPC provider
- Save
Security Note: Wallet private keys are stored encrypted, and Bots cannot access the plaintext. We recommend using a dedicated wallet rather than your primary wallet.
Provided Tools
| Tool | Description |
|---|---|
web3_get_balance | Query the native token or ERC20 token balance of an address |
web3_transfer | Transfer native tokens |
web3_get_transaction | Query transaction details |
web3_call_contract | Make a read-only call to a contract function |
web3_send_transaction | Send a write transaction to a contract |
web3_read_events | Read contract event logs |
web3_estimate_gas | Estimate gas fees |
Permission Dimensions
| Dimension | Description | Example |
|---|---|---|
operations | Allowed operation types | read (read-only), write (read-write) |
recipients | Allowed transfer recipient addresses | Specific wallet addresses |
contracts | Allowed contract addresses to call | Specific contract addresses |
functions | Allowed contract functions to call | balanceOf, transfer |
We recommend configuring strict permission constraints for Web3 resources, especially recipients and contracts whitelists.
Monstrum Agent Resources
Monstrum Agent resources are automatically created and managed by the local Agent program and do not require manual configuration. When an Agent connects to the platform and registers its tools, the corresponding resource appears automatically in the resource list.
See Local Agent Integration for details.
Permission Dimensions
| Dimension | Description | Example |
|---|---|---|
tools | Allowed tools to invoke | run_shell, read_file |
paths | Allowed file paths to access | /home/user/project/* |
commands | Allowed commands to execute | ls *, git * |
images | Allowed container images to use | python:3.*, node:* |
Credential Management
Credentials are encrypted authentication information stored on the platform. The platform uses AES-256 encryption for credentials, and Bots can never access the plaintext.
Relationship Between Credentials and Resources
A single Resource can have multiple credentials. For example, an SSH server can have both an SSH key and a password credential configured simultaneously. When binding the Resource to a Bot, you select which credential the Bot should use.
Adding Credentials
From the Resource details page:
- Click “Add Credential”
- Select the authentication method (depends on the methods supported by the resource type)
- Fill in the credential information
- Save
Credential Status
| Status | Description |
|---|---|
| Active | Credential is valid and usable |
| Expired | Token or key has expired and needs to be updated |
| Reauthorization Required | OAuth token refresh failed — the authorization flow needs to be repeated |
Updating Credentials
When editing a credential, leaving sensitive fields (such as API key or private key) empty will keep the current values unchanged.
Deleting Credentials
Before deleting a credential, make sure no Bot is currently using it. If a credential in use is deleted, the affected Bot will no longer be able to invoke tools from that resource.
Binding Resources to Bots
After creating a Resource and its credentials, you still need to bind it to a Bot before the Bot can use the resource’s tools.
Binding Steps
- Go to the Bot details page and select the Resource Configuration tab
- Click Bind Resource
- Select the Resource to bind
- Select the credential to use (if the Resource has only one credential, it is selected automatically)
- Configure permissions:
- Static tool types (SSH, Bot, Web3): Check the allowed operations
- Dynamic tool types (MCP, Agent): Check the allowed tools
- Parameter constraints: Set constraint values for each permission dimension
- Save the binding
Using Roles for Quick Permission Configuration
If you have already created role templates (see Roles & Permissions), you can select a role when binding to quickly apply preset permission configurations.
Managing Bindings
- Edit permissions: Click edit in the resource configuration list
- Disable/Enable: Temporarily disable a binding without deleting it
- Unbind: Remove the Bot’s access to the resource
Built-in vs. Plugin Resources
Built-in Resource Types
The platform includes the following 6 resource types, available without any installation:
| Resource Type | Purpose | Tool Discovery |
|---|---|---|
| SSH | Remote server command execution | Static (fixed tools) |
| MCP | Connect to MCP tool servers | Dynamic (auto-discovery) |
| Bot | Inter-Bot task delegation | Static |
| Web Access | Web search and page fetching | Static |
| Web3 (EVM) | Blockchain interaction | Static |
| Monstrum Agent | Local Agent tool bridging | Dynamic (Agent registration) |
Plugin Resource Types
After installing a plugin, the corresponding resource type appears in the “Available Resources” list alongside the built-in types. The configuration process is the same: create a Resource, add credentials, and bind to a Bot.
Plugin resource types may support additional authentication methods (such as OAuth), which will appear automatically when creating credentials.
See Plugins for details.
Common Patterns
Least Privilege Configuration
Bind only the necessary resources to each Bot and apply the strictest permission constraints:
- SSH: Restrict the host whitelist and command whitelist
- Web3: Restrict operations to read-only and whitelist contract addresses
- Inter-Bot calls: Restrict the allowed target Bots
Multi-Environment Management
Create multiple Resource instances of the same type for different environments:
- “SSH - Production”: Strict command whitelist
- “SSH - Staging”: Relaxed command whitelist
- Bind different Bots to the appropriate environment’s Resource
Shared Resources
A single Resource can be bound to multiple Bots, each with different permission constraints. This allows multiple Bots to share the same external system connection while maintaining independent permissions.
FAQ
Resource status shows “Disconnected”
- SSH: Verify that the host address and port are correct and that the server is online
- MCP: Verify that the MCP server address is reachable
Tool discovery failed (MCP)
- Verify that the MCP server address is correct
- Verify that the authentication information is valid
- Confirm that the MCP server supports Streamable HTTP transport
Bot reports “Insufficient permissions” when invoking a tool
- Check the permission configuration in the resource binding
- Confirm that the invocation parameters fall within the permission constraints
- Review the permission check details in the audit logs under Data Center
Credential expired
- OAuth Token: Go to the Resource details and reauthorize
- API Key: Edit the credential and update the key value
- SSH Key: Edit the credential and replace with the new private key