Configure MCP

Configure MCP

Create scoped MCP tokens and connect compatible security operations clients.

Create scoped MCP tokens

MCP tokens are created inside an organization. Give each token a clear name, narrow scopes, and an expiration date where practical.

Configure compatible clients

Use the Streamable HTTP endpoint for compatible MCP clients. The token should be sent as a bearer token and kept out of logs, prompts, screenshots, analytics, and shared documents.

Review MCP audit logs

MCP tool calls are audited by organization, token, user, tool, outcome, and timestamp. Revoke tokens that are unused, over-scoped, or no longer needed.