Standby Actors that include an OpenAPI specification now get an Endpoints tab with interactive OpenAPI documentation. You can browse available endpoints, inspect request and response schemas, and execute live API calls — all from the browser.
Your API token is attached automatically, so you get a working request and a real response without copy-pasting credentials.
The Endpoints tab is available on Actor detail and Actor Task pages in Apify Console and on Actor detail pages in Apify Store.
How to add it to your Actor
Define a webServerSchema field in your actor.json pointing to an OpenAPI 3 specification file (or inline the schema directly in actor.json). The platform validates it on every build.
{
"webServerSchema":"./openapi.json"
}
Once deployed, the Endpoints tab appears automatically for anyone viewing your Actor. Learn more about web server schemas in the docs.
After launching Actor permissions , we continue to adopt least-privileged access and stricter defaults, improving security for both users and AI agents. The first time you run a full-permission Actor, you'll see a one-time confirmation modal explaining what it can access. Once approved, subsequent runs go through without further approval.
This applies everywhere a full-permission Actor can be invoked: Apify Console, the Apify API, the Apify CLI, schedules, and webhooks. Limited-permission Actors are unaffected.
What this means for you
When you're running Actors from Apify Store, in some cases you might be prompted to approve an Actor before its first run.
No approval is required when running:
Limited-permission Actors: no extra step needed.
Your own Actors, regardless of their permission level.
A full-permission Actor you've already used: your prior runs count as an implicit approval.
A full-permission Actor calling or metamorphing into another: by approving the first Actor, you're trusting it with all its actions, including calling or metamorphing into other Actors.
Permission approval is required when:
You run a full-permission Actor you haven't used yet: you'll see a one-time confirmation modal in Apify Console.
A full-permission Actor's developer changes its permission level: your prior approval is revoked, and you'll be asked to approve again on the next run.
You call a full-permission Actor via the Apify API, CLI, or MCP for the first time: the request fails with an error code 403 and an approvalUrl pointing to approve the run in Apify Console.
Why this matters
Full-permission Actors receive unrestricted access to your Apify account. With AI agents now routinely running Actors on your behalf, an explicit human approval step is the simplest way to make sure your account isn't exposed to anything you wouldn't have run yourself.
If you build Actors, this is also a strong nudge to migrate to limited permissions wherever possible. Actors with limited permissions are easier to trust, friendlier to AI agents, and don't trigger an approval step for users.
How it works
When you start a full-permission Actor in Apify Console that you haven't run before, a confirmation modal asks you to review what the Actor can access and approve it. You can also approve an Actor up front via the three-dot menu on the Actor detail screen.
If you call an unapproved full-permission Actor through the API (or any non-Console path), the request fails with a 403 and an approvalUrl pointing to the Actor's page in Apify Console:
{
"error":{
"type":"full-permission-actor-not-approved",
"message":"This Actor requires full access to your account. You must approve its permissions before running it.",
Approval can only be granted in Apify Console - not through the API. This is intentional: it prevents AI agents and automation from approving full-permission Actors on your behalf.
Skipping approval
If you'd rather not be prompted, you can opt out under Settings → Login & Privacy → Actor permission approval → Skip approval. We recommend leaving the default on; when you skip the approval, any full-permission Actor can run under your account without explicit consent. Only disable this if you understand the risk, especially if AI agents run Actors from your account.
We've redesigned the MCP configurator with a refreshed Apify brand identity and a simpler setup flow, making it easier to connect Apify to any LLM and use Actors in agentic workflows — so you can get your agents up and running faster.
Supported clients
Set up the Apify MCP server in a few clicks from Claude Desktop, Claude.ai, Claude Code, Antigravity, Cursor, ChatGPT, Codex, VS Code, and more.
Actors can now output to multiple datasets, each with its own schema and validation rules. Keep your data clean, structured, and purpose-built.
Use case
Website Content Crawler uses multiple datasets to store details about URLs it failed to scrape, making it easier to debug crawl issues without digging through the main output.
How it works
Define datasets in actor.json under storages.datasets
Each key becomes an alias that refers to that dataset within the run
A default alias is required; all others are optional
Each dataset automatically follows the run’s data retention policy
Reference datasets in your output schema via template variables, e.g. {{storages.datasets.categories.apiUrl}}
You can now add and remove build tags for your Actors directly in Apify Console. On any completed build's detail page, click the tag icon next to the build number to open the tag editor.
From the modal you can:
Add a tag - enter a tag name (e.g. latest, beta, stable) and assign it to the build. If the tag already exists on a different build, it will be moved to this one.
Remove a tag - delete any existing tag from the build.
This makes it easy to reassign tags like latest to a previous build for quick rollbacks without needing to rebuild. Build tags can also be managed programmatically via the API .
You can learn more about how builds and tags work in the docs .
