> ## Documentation Index
> Fetch the complete documentation index at: https://docs.runalloy.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Additional Information

## Restrictions

Restrictions limit assistant access and support allowlist/blocklist logic:

* **Connectors**: Restrict accessible connectors (e.g., allow only Slack and HubSpot).
* **Actions**: Block specific operations (e.g., destructive actions like `delete_channel`).
* **Users**: Restrict which end-user IDs can access the server (useful for public setups).

<Note>
  Note: When updating, the full `restrictions` object replaces the previous configuration.
</Note>

## Server Descriptions

* `description`: Context for the server, shown in dashboards and lists. Helps you organize and identify your servers.

## Token Settings

* `tokenExpiresInDays`: Set token lifespan (1-365 days). After expiration, the token URL will no longer work.

## Response Handling

MCP responses are sized intelligently:

* **Large datasets**: Response includes `needsRefinement` with suggestions to filter, search, or paginate.
* **Medium datasets (25-50 items)**: First 25 items returned with `originalCount` and `displayedCount`.
* **Small datasets (less than 25 items)**: Full response returned.

This ensures assistants are not overwhelmed.

## Pagination and Rate Limits

* List endpoints support `limit` and `offset`.
* Responses include: `total`, `limit`, `offset`, `hasMore`.
* Default rate limit: **100 requests/min per API key/token** (sliding window).
* Exceeding the limit returns HTTP **429**.
* Self-hosted servers can override limits via environment variables.

## Input Validation

* Server names: 1-100 characters, unique per user.
* Token lifespan: 1-365 days.
* Max request body size: **10 MB**.
* Arrays: Max **1,000 items** per request or response.

These limits enforce reliability and prevent abuse.