MCP Policies
| Field | Value |
|---|---|
| Document ID | ASCEND-MCP-002 |
| Version | 1.0.0 |
| Last Updated | December 19, 2025 |
| Author | Ascend Engineering Team |
| Publisher | OW-KAI Technologies Inc. |
| Classification | Enterprise Client Documentation |
| Compliance | SOC 2 CC6.1/CC6.2, PCI-DSS 7.1/8.3, HIPAA 164.312, NIST 800-53 AC-2/SI-4 |
Reading Time: 8 minutes | Skill Level: Intermediate
Overview
MCP (Model Context Protocol) policies define how ASCEND governs interactions between AI models and MCP servers. Configure trust levels, tool restrictions, and approval requirements.
Policy Architecture
Server Trust Levels
Trust Level Definitions
| Level | Description | Default Behavior |
|---|---|---|
| trusted | Fully vetted, internal servers | Auto-approve most actions |
| restricted | Partially vetted, limited scope | Require approval for sensitive actions |
| sandbox | Untested or external servers | Require approval for all actions |
Configure Server Trust
curl -X PUT "https://pilot.owkai.app/api/mcp/servers/{server_id}/trust" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "trust_level": "restricted",
    "reason": "Third-party integration, limited to read operations",
    "allowed_tools": ["search", "read_file"],
    "denied_tools": ["write_file", "execute", "delete"],
    "max_risk_score": 50
  }'
Tool Policies
Create Tool Policy
curl -X POST "https://pilot.owkai.app/api/mcp/policies/tools" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "File Write Approval",
    "tool_pattern": "write_*",
    "servers": ["*"],
    "conditions": {
      "parameters.path": {"$regex": "^/sensitive/"}
    },
    "action": "REQUIRE_APPROVAL",
    "approval_level": 2,
    "risk_modifier": 30
  }'
Tool Pattern Matching
| Pattern | Matches |
|---|---|
| * | All tools |
| read_* | read_file, read_database, etc. |
| *_database | read_database, write_database |
| execute | Exact match only |
List Tool Policies
curl "https://pilot.owkai.app/api/mcp/policies/tools" \
  -H "Authorization: Bearer <jwt_token>"
Response:
{
  "policies": [
    {
      "policy_id": "pol_mcp_001",
      "name": "File Write Approval",
      "tool_pattern": "write_*",
      "action": "REQUIRE_APPROVAL",
      "is_active": true,
      "priority": 100
    },
    {
      "policy_id": "pol_mcp_002",
      "name": "Block Execute on Sandbox",
      "tool_pattern": "execute",
      "servers": ["sandbox_*"],
      "action": "DENY",
      "is_active": true,
      "priority": 200
    }
  ]
}
Server Policies
Create Server Policy
curl -X POST "https://pilot.owkai.app/api/mcp/policies/servers" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "External Server Restrictions",
    "server_pattern": "external_*",
    "default_action": "REQUIRE_APPROVAL",
    "max_requests_per_minute": 10,
    "allowed_ip_ranges": ["10.0.0.0/8"],
    "require_mTLS": true,
    "audit_all_requests": true
  }'
Server Access Control
curl -X PUT "https://pilot.owkai.app/api/mcp/servers/{server_id}/access" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "allowed_agents": ["agent_001", "agent_002"],
    "denied_agents": ["untrusted_agent"],
    "require_agent_registration": true,
    "ip_whitelist": ["192.168.1.0/24"]
  }'
Unified Governance
Agent + MCP Unified Policy
curl -X POST "https://pilot.owkai.app/api/governance/unified" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Sensitive Data Access",
    "applies_to": ["agents", "mcp_servers"],
    "conditions": {
      "$or": [
        {"data_category": "pii"},
        {"data_category": "financial"},
        {"data_category": "health"}
      ]
    },
    "action": "REQUIRE_APPROVAL",
    "approval_level": 3,
    "audit_retention_days": 2555
  }'
Policy Evaluation Order
1. Deny policies (highest priority)
2. Server-specific policies
3. Tool-specific policies
4. Trust level defaults
5. Global defaults
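The evaluation order above, combined with the pattern rules from Tool Pattern Matching, can be modelled locally to see which rule decides a given request and where coverage ends. This is an added example, not ASCEND's engine or code from the original page: the `*`-only matcher, the `ALLOW` action name, the simplified trust defaults, the fail-closed global default, the server names and the `pol_srv_001` ID are assumptions; the two tool policies mirror the List Tool Policies response.

```python
import re

def glob(pattern, name):
    """Match with '*' as the only wildcard; every other character is literal."""
    return re.fullmatch(".*".join(map(re.escape, pattern.split("*"))), name) is not None

# Constructed policy set. The tool policies mirror the page's examples;
# pol_srv_001 is a hypothetical ID for the "External Server Restrictions" policy.
POLICIES = [
    {"id": "pol_mcp_001", "kind": "tool", "tool_pattern": "write_*",
     "servers": ["*"], "action": "REQUIRE_APPROVAL"},
    {"id": "pol_mcp_002", "kind": "tool", "tool_pattern": "execute",
     "servers": ["sandbox_*"], "action": "DENY"},
    {"id": "pol_srv_001", "kind": "server", "server_pattern": "external_*",
     "action": "REQUIRE_APPROVAL"},
]
# Assumed simplification of the trust-level table; "ALLOW" is a hypothetical name.
TRUST_DEFAULTS = {"trusted": "ALLOW", "restricted": "REQUIRE_APPROVAL",
                  "sandbox": "REQUIRE_APPROVAL"}
GLOBAL_DEFAULT = "REQUIRE_APPROVAL"  # assumed fail-closed default

def applies(policy, server_id, tool):
    if policy["kind"] == "server":
        return glob(policy["server_pattern"], server_id)
    return glob(policy["tool_pattern"], tool) and any(
        glob(s, server_id) for s in policy["servers"])

def evaluate(server_id, trust_level, tool):
    """Return (decision, deciding_step, policy_id) in the documented order."""
    hits = [p for p in POLICIES if applies(p, server_id, tool)]
    ordered = ([("deny", p) for p in hits if p["action"] == "DENY"]
               + [("server", p) for p in hits if p["kind"] == "server"]
               + [("tool", p) for p in hits if p["kind"] == "tool"])
    if ordered:
        step, policy = ordered[0]
        return policy["action"], step, policy["id"]
    if trust_level in TRUST_DEFAULTS:
        return TRUST_DEFAULTS[trust_level], "trust_default", None
    return GLOBAL_DEFAULT, "global_default", None

if __name__ == "__main__":
    for req in [("sandbox_lab", "sandbox", "execute"),
                ("external_api_server", "restricted", "write_file"),
                ("internal_db", "trusted", "write_database"),
                ("internal_db", "trusted", "execute_script")]:
        print(req, "->", evaluate(*req))
```

The last request shows the limit of an exact-match pattern: `execute` does not cover `execute_script`, so that call falls through to the trust-level default.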
Risk Modifiers
Configure MCP Risk Scoring
curl -X PUT "https://pilot.owkai.app/api/mcp/risk-config" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "tool_modifiers": {
      "execute": 50,
      "write_*": 30,
      "delete_*": 40,
      "read_*": 5,
      "search": 0
    },
    "server_modifiers": {
      "sandbox": 30,
      "restricted": 15,
      "trusted": 0
    },
    "parameter_modifiers": {
      "contains_pii": 25,
      "external_destination": 20,
      "bulk_operation": 15
    }
  }'
Policy Templates
Apply Security Template
curl -X POST "https://pilot.owkai.app/api/mcp/policies/templates/security-strict/apply" \
  -H "Authorization: Bearer <admin_jwt>"
Security-Strict Template:
- All write operations require approval
- Execute tools blocked by default
- External server requests denied
- Full audit logging
Available Templates
| Template | Description |
|---|---|
| security-strict | Maximum restrictions |
| security-standard | Balanced security |
| development | Relaxed for dev/test |
| compliance-hipaa | HIPAA-compliant settings |
| compliance-pci | PCI-DSS compliant settings |
Conditional Policies
Time-Based Restrictions
curl -X POST "https://pilot.owkai.app/api/mcp/policies" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "After Hours Restrictions",
    "conditions": {
      "time_of_day": {"$gte": "18:00", "$lte": "08:00"},
      "day_of_week": {"$nin": ["saturday", "sunday"]}
    },
    "action": "REQUIRE_APPROVAL",
    "approval_level": 3
  }'
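A window from 18:00 to 08:00 crosses midnight, so whether this policy fires depends on how the evaluator combines the two bounds and on which calendar day the weekday filter is applied to. The sketch below is an added example, not ASCEND's evaluator or code from the original page: it assumes `HH:MM` string comparison, contrasts a plain conjunction of `$gte` and `$lte` with wrap-around handling, and uses constructed timestamps.

```python
from datetime import datetime

DAYS = ["monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"]
EXCLUDED_DAYS = {"saturday", "sunday"}   # the $nin list in the policy above
START, END = "18:00", "08:00"            # the $gte / $lte bounds in the policy above

def conjunction_match(hhmm):
    """Both bounds ANDed: the reading under which a wrapped range is empty."""
    return hhmm >= START and hhmm <= END

def wraparound_match(hhmm):
    """Treat START > END as a window that runs past midnight."""
    if START <= END:
        return START <= hhmm <= END
    return hhmm >= START or hhmm <= END

def policy_fires(ts, time_match):
    """Time window AND weekday filter, evaluated on the timestamp's own day."""
    in_window = time_match(ts.strftime("%H:%M"))
    return in_window and DAYS[ts.weekday()] not in EXCLUDED_DAYS

def minutes_matched(time_match):
    """How many of the 1440 minutes in a day the time condition accepts."""
    return sum(time_match(f"{h:02d}:{m:02d}") for h in range(24) for m in range(60))

# Constructed timestamps; 2025-12-19 is a Friday.
SAMPLES = {
    "fri_2330": datetime(2025, 12, 19, 23, 30),
    "sat_0300": datetime(2025, 12, 20, 3, 0),   # tail of Friday night
    "mon_0300": datetime(2025, 12, 22, 3, 0),   # tail of Sunday night
    "wed_1200": datetime(2025, 12, 17, 12, 0),
}

def compare():
    """Map each sample to (conjunction result, wrap-around result)."""
    return {name: (policy_fires(ts, conjunction_match),
                   policy_fires(ts, wraparound_match))
            for name, ts in SAMPLES.items()}

if __name__ == "__main__":
    print("minutes matched:", minutes_matched(conjunction_match),
          minutes_matched(wraparound_match))
    for name, result in compare().items():
        print(name, result)
```

Under the conjunction reading no minute of the day matches, and under the wrap-around reading the weekday filter still drops the early hours of Saturday while keeping the early hours of Monday.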
Parameter-Based Policies
curl -X POST "https://pilot.owkai.app/api/mcp/policies" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Large Data Export Approval",
    "tool_pattern": "export_*",
    "conditions": {
      "parameters.row_count": {"$gte": 10000}
    },
    "action": "REQUIRE_APPROVAL",
    "approval_level": 2
  }'
Policy Testing
Test Policy Against Request
curl -X POST "https://pilot.owkai.app/api/mcp/policies/test" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "server_id": "external_api_server",
    "tool_name": "write_file",
    "parameters": {
      "path": "/sensitive/data.json",
      "content": "test"
    },
    "agent_id": "test_agent"
  }'
Response:
{
  "decision": "REQUIRE_APPROVAL",
  "matched_policies": [
    {
      "policy_id": "pol_mcp_001",
      "name": "File Write Approval",
      "priority": 100
    }
  ],
  "risk_score": 65,
  "risk_factors": [
    {"name": "write_operation", "score": 30},
    {"name": "sensitive_path", "score": 25},
    {"name": "restricted_server", "score": 10}
  ]
}
Audit & Monitoring
MCP Activity Logs
curl "https://pilot.owkai.app/api/mcp/audit?server_id=external_api&days=7" \
  -H "Authorization: Bearer <admin_jwt>"
Response:
{
  "logs": [
    {
      "timestamp": "2025-12-15T10:30:00Z",
      "server_id": "external_api",
      "tool_name": "search",
      "agent_id": "research_agent",
      "decision": "approved",
      "risk_score": 15,
      "response_time_ms": 45
    }
  ],
  "statistics": {
    "total_requests": 150,
    "approved": 145,
    "denied": 5,
    "avg_risk_score": 22
  }
}
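One way to review an audit response like the one above, as an added example that is not part of the original page or ASCEND's tooling: it recomputes the statistics block from the raw entries and flags repeated denials for the same agent, server and tool, plus approvals with a high risk score. The log entries are constructed and carry only a subset of the fields; the thresholds, the finding labels and the rounding of the average are assumptions.

```python
import json
from collections import Counter

# Constructed audit response in the schema shown above; values are illustrative.
AUDIT = json.loads("""
{"logs": [
  {"server_id": "external_api", "tool_name": "search", "agent_id": "research_agent",
   "decision": "approved", "risk_score": 15},
  {"server_id": "external_api", "tool_name": "read_file", "agent_id": "research_agent",
   "decision": "approved", "risk_score": 20},
  {"server_id": "external_api", "tool_name": "write_file", "agent_id": "batch_agent",
   "decision": "denied", "risk_score": 65},
  {"server_id": "external_api", "tool_name": "write_file", "agent_id": "batch_agent",
   "decision": "denied", "risk_score": 65},
  {"server_id": "external_api", "tool_name": "search", "agent_id": "batch_agent",
   "decision": "approved", "risk_score": 10},
  {"server_id": "external_api", "tool_name": "export_report", "agent_id": "research_agent",
   "decision": "approved", "risk_score": 55}
 ],
 "statistics": {"total_requests": 6, "approved": 4, "denied": 2, "avg_risk_score": 38}}
""")

def recompute_statistics(logs):
    """Rebuild the statistics block from the raw entries (average rounded, assumed)."""
    decisions = Counter(e["decision"] for e in logs)
    return {"total_requests": len(logs), "approved": decisions["approved"],
            "denied": decisions["denied"],
            "avg_risk_score": round(sum(e["risk_score"] for e in logs) / len(logs))}

def review(logs, min_denials=2, risk_limit=50):
    """Flag repeated denials per agent/server/tool and approvals at or above risk_limit."""
    denials = Counter()
    findings = []
    for e in logs:
        key = (e["agent_id"], e["server_id"], e["tool_name"])
        if e["decision"] == "denied":
            denials[key] += 1
        elif e["risk_score"] >= risk_limit:
            findings.append(("high_risk_approved", *key, e["risk_score"]))
    findings += [("repeated_denial", *k, n) for k, n in denials.items() if n >= min_denials]
    return sorted(findings)

if __name__ == "__main__":
    print("statistics consistent:", recompute_statistics(AUDIT["logs"]) == AUDIT["statistics"])
    for finding in review(AUDIT["logs"]):
        print(finding)
```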
Best Practices
1. Start Restrictive
Begin with sandbox trust level and restrictive policies, then relax as confidence grows.
2. Use Specific Patterns
Prefer specific tool patterns over wildcards:
# Better
"tool_pattern": "write_database"
# Less precise
"tool_pattern": "write_*"
3. Layer Policies
Combine server, tool, and parameter policies for defense in depth.
4. Monitor and Adjust
Review audit logs regularly and adjust policies based on actual usage patterns.
Next Steps
- MCP Overview - MCP governance basics
- Server Registration - Register MCP servers
- Smart Rules - General policy configuration