Configure MCP
Configure MCP
Create scoped MCP tokens and connect compatible security operations clients.
Create scoped MCP tokens
MCP tokens are created inside an organization. Give each token a clear name, narrow scopes, and an expiration date where practical.
Configure compatible clients
Use the Streamable HTTP endpoint for compatible MCP clients. The token should be sent as a bearer token and kept out of logs, prompts, screenshots, analytics, and shared documents.
Review MCP audit logs
MCP tool calls are audited by organization, token, user, tool, outcome, and timestamp. Revoke tokens that are unused, over-scoped, or no longer needed.