Security

Related Topics: Configuration (secrets setup) | Deployment (production security) | Common Tasks (quick how-to)

MXCP provides enterprise-grade security features for production AI applications. This section covers authentication, authorization, and audit capabilities.

Security Features

Authentication

Control who can access your MCP server:

• OAuth 2.0 - GitHub, Atlassian, Salesforce, Google, Keycloak
• Session Management - Secure token handling with persistence
• Stateless Mode - For serverless deployments

Learn about authentication →

Policies

Control what users can do and see:

• Input Policies - Block unauthorized requests
• Output Policies - Filter sensitive data
• CEL Expressions - Flexible condition evaluation

Learn about policies →

Audit Logging

Track all operations for compliance:

• Complete Trail - Every operation logged
• User Attribution - Who did what and when
• Query Interface - Search and analyze logs

Learn about auditing →

Security Model

MXCP implements a layered security model:

Quick Start

Enable Authentication

Add to your user configuration (~/.mxcp/config.yml):

mxcp: 1
projects:
  my-project:
    profiles:
      default:
        auth:
          provider: github
          github:
            client_id: "${GITHUB_CLIENT_ID}"
            client_secret: "${GITHUB_CLIENT_SECRET}"

Add Policies

In your endpoint definition:

tool:
  name: sensitive_data
  # ...

policies:
  input:
    - condition: "user.role != 'admin'"
      action: deny
      reason: "Admin access required"

  output:
    - condition: "user.role != 'admin'"
      action: filter_fields
      fields: ["salary", "ssn"]

Enable Audit Logging

In mxcp-site.yml:

profiles:
  default:
    audit:
      enabled: true
      path: audit/logs.jsonl

Best Practices

1. Defense in Depth

Use multiple security layers:

• Authentication (who is the user)
• Authorization (what can they do)
• Data filtering (what can they see)
• Audit logging (what did they do)

2. Least Privilege

Grant minimum necessary permissions:

# Only allow specific permissions
condition: "'data.read' in user.permissions"

3. Mark Sensitive Data

Use sensitive: true for PII:

return:
  type: object
  properties:
    ssn:
      type: string
      sensitive: true

4. Log Everything in Production

Enable audit logging for compliance:

audit:
  enabled: true
  path: /var/log/mxcp/audit.jsonl

5. Regular Log Review

Monitor for anomalies:

mxcp log --policy deny --since 24h
mxcp log --status error --since 1h

Compliance

MXCP’s security features support various compliance requirements:

Requirement	MXCP Feature
Access Control	OAuth + Policies
Data Protection	Sensitive field filtering
Audit Trail	Comprehensive logging
Data Minimization	Output policies
User Consent	Policy enforcement

Security Considerations

Transport Security

• Use HTTPS in production
• Configure TLS for HTTP transport
• Secure WebSocket connections

Secret Management

• Never commit secrets to version control
• Use Vault or 1Password integration
• Rotate secrets regularly

Database Security

• Use read-only mode when appropriate
• Limit DuckDB file permissions
• Regular backups

Network Security

• Restrict network access
• Use firewalls appropriately
• Monitor for suspicious activity

Next Steps

• Authentication - Configure OAuth providers
• Policies - Implement access control
• Auditing - Set up audit logging