MCP Policies
| Field | Value |
|---|---|
| Document ID | ASCEND-MCP-002 |
| Version | 1.0.0 |
| Last Updated | December 19, 2025 |
| Author | Ascend Engineering Team |
| Publisher | OW-KAI Technologies Inc. |
| Classification | Enterprise Client Documentation |
| Compliance | SOC 2 CC6.1/CC6.2, PCI-DSS 7.1/8.3, HIPAA 164.312, NIST 800-53 AC-2/SI-4 |
Reading Time: 8 minutes | Skill Level: Intermediate
Overview
MCP (Model Context Protocol) policies define how ASCEND governs interactions between AI models and MCP servers. Use them to configure trust levels, tool restrictions, and approval requirements.
Policy Architecture
┌─────────────────────────────────────────────────────────────────┐
│                      MCP GOVERNANCE LAYER                       │
├─────────────────────────────────────────────────────────────────┤
│                                                                 │
│      ┌─────────────┐    ┌─────────────┐    ┌─────────────┐      │
│      │   Server    │    │    Tool     │    │   Action    │      │
│      │  Policies   │    │  Policies   │    │  Policies   │      │
│      └──────┬──────┘    └──────┬──────┘    └──────┬──────┘      │
│             │                  │                  │             │
│             └──────────────────┼──────────────────┘             │
│                                │                                │
│                                ▼                                │
│                       ┌─────────────────┐                       │
│                       │ Unified Policy  │                       │
│                       │     Engine      │                       │
│                       └────────┬────────┘                       │
│                                │                                │
│                  ┌─────────────┼─────────────┐                  │
│                  ▼             ▼             ▼                  │
│              ┌────────┐    ┌────────┐    ┌────────┐             │
│              │ Allow  │    │ Require│    │  Deny  │             │
│              │        │    │Approval│    │        │             │
│              └────────┘    └────────┘    └────────┘             │
│                                                                 │
└─────────────────────────────────────────────────────────────────┘
Server Trust Levels
Trust Level Definitions
| Level | Description | Default Behavior |
|---|---|---|
| trusted | Fully vetted, internal servers | Auto-approve most actions |
| restricted | Partially vetted, limited scope | Require approval for sensitive actions |
| sandbox | Untested or external servers | Require approval for all actions |
Configure Server Trust
curl -X PUT "https://pilot.owkai.app/api/mcp/servers/{server_id}/trust" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "trust_level": "restricted",
    "reason": "Third-party integration, limited to read operations",
    "allowed_tools": ["search", "read_file"],
    "denied_tools": ["write_file", "execute", "delete"],
    "max_risk_score": 50
  }'
Tool Policies
Create Tool Policy
curl -X POST "https://pilot.owkai.app/api/mcp/policies/tools" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "File Write Approval",
    "tool_pattern": "write_*",
    "servers": ["*"],
    "conditions": {
      "parameters.path": {"$regex": "^/sensitive/"}
    },
    "action": "REQUIRE_APPROVAL",
    "approval_level": 2,
    "risk_modifier": 30
  }'
Tool Pattern Matching
| Pattern | Matches |
|---|---|
| * | All tools |
| read_* | read_file, read_database, etc. |
| *_database | read_database, write_database |
| execute | Exact match only |
List Tool Policies
curl "https://pilot.owkai.app/api/mcp/policies/tools" \
  -H "Authorization: Bearer <jwt_token>"
Response:
{
  "policies": [
    {
      "policy_id": "pol_mcp_001",
      "name": "File Write Approval",
      "tool_pattern": "write_*",
      "action": "REQUIRE_APPROVAL",
      "is_active": true,
      "priority": 100
    },
    {
      "policy_id": "pol_mcp_002",
      "name": "Block Execute on Sandbox",
      "tool_pattern": "execute",
      "servers": ["sandbox_*"],
      "action": "DENY",
      "is_active": true,
      "priority": 200
    }
  ]
}
Server Policies
Create Server Policy
curl -X POST "https://pilot.owkai.app/api/mcp/policies/servers" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "External Server Restrictions",
    "server_pattern": "external_*",
    "default_action": "REQUIRE_APPROVAL",
    "max_requests_per_minute": 10,
    "allowed_ip_ranges": ["10.0.0.0/8"],
    "require_mTLS": true,
    "audit_all_requests": true
  }'
Server Access Control
curl -X PUT "https://pilot.owkai.app/api/mcp/servers/{server_id}/access" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "allowed_agents": ["agent_001", "agent_002"],
    "denied_agents": ["untrusted_agent"],
    "require_agent_registration": true,
    "ip_whitelist": ["192.168.1.0/24"]
  }'
Unified Governance
Agent + MCP Unified Policy
curl -X POST "https://pilot.owkai.app/api/governance/unified" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Sensitive Data Access",
    "applies_to": ["agents", "mcp_servers"],
    "conditions": {
      "$or": [
        {"data_category": "pii"},
        {"data_category": "financial"},
        {"data_category": "health"}
      ]
    },
    "action": "REQUIRE_APPROVAL",
    "approval_level": 3,
    "audit_retention_days": 2555
  }'
Policy Evaluation Order
1. Deny policies (highest priority)
2. Server-specific policies
3. Tool-specific policies
4. Trust level defaults
5. Global defaults
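The evaluation order above, combined with the glob patterns from the Tool Pattern Matching table, modelled locally as an added example (this is not ASCEND's engine code). The sample policies are constructed in the shape of this page's examples; the trust-level mapping, the fail-closed global default and first-match-wins within a step are assumptions.

```python
from fnmatch import fnmatchcase

# Constructed sample policies, shaped like the examples on this page.
TOOL_POLICIES = [
    {"policy_id": "pol_mcp_001", "tool_pattern": "write_*",
     "servers": ["*"], "action": "REQUIRE_APPROVAL"},
    {"policy_id": "pol_mcp_002", "tool_pattern": "execute",
     "servers": ["sandbox_*"], "action": "DENY"},
]
SERVER_POLICIES = [
    {"name": "External Server Restrictions",
     "server_pattern": "external_*", "default_action": "REQUIRE_APPROVAL"},
]
# Assumption: simplified trust defaults; "restricted" is treated as approval-required.
TRUST_DEFAULTS = {"trusted": "ALLOW", "restricted": "REQUIRE_APPROVAL",
                  "sandbox": "REQUIRE_APPROVAL"}
GLOBAL_DEFAULT = "REQUIRE_APPROVAL"  # assumption: fail closed when nothing matches


def tool_policy_matches(policy, server_id, tool_name):
    """Glob-match the tool name and at least one of the policy's server patterns."""
    return (fnmatchcase(tool_name, policy["tool_pattern"])
            and any(fnmatchcase(server_id, s) for s in policy.get("servers", ["*"])))


def evaluate(server_id, tool_name, trust_level=None):
    """Return (decision, source) following the five-step order listed above."""
    hits = [p for p in TOOL_POLICIES if tool_policy_matches(p, server_id, tool_name)]
    # 1. A matching DENY policy wins before anything else is considered.
    for p in hits:
        if p["action"] == "DENY":
            return "DENY", p["policy_id"]
    # 2. Server-specific policies (first match wins: assumption).
    for p in SERVER_POLICIES:
        if fnmatchcase(server_id, p["server_pattern"]):
            return p["default_action"], p["name"]
    # 3. Tool-specific policies.
    if hits:
        return hits[0]["action"], hits[0]["policy_id"]
    # 4. Trust level default, then 5. global default.
    if trust_level in TRUST_DEFAULTS:
        return TRUST_DEFAULTS[trust_level], "trust:" + trust_level
    return GLOBAL_DEFAULT, "global"
```

In this model the DENY on `execute` is scoped to `sandbox_*`, so `execute` on a trusted server falls through to the trust default. Check the real decision for such a request with the policy test endpoint under Policy Testing.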
Risk Modifiers
Configure MCP Risk Scoring
curl -X PUT "https://pilot.owkai.app/api/mcp/risk-config" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "tool_modifiers": {
      "execute": 50,
      "write_*": 30,
      "delete_*": 40,
      "read_*": 5,
      "search": 0
    },
    "server_modifiers": {
      "sandbox": 30,
      "restricted": 15,
      "trusted": 0
    },
    "parameter_modifiers": {
      "contains_pii": 25,
      "external_destination": 20,
      "bulk_operation": 15
    }
  }'
Policy Templates
Apply Security Template
curl -X POST "https://pilot.owkai.app/api/mcp/policies/templates/security-strict/apply" \
  -H "Authorization: Bearer <admin_jwt>"
Security-Strict Template:
- All write operations require approval
- Execute tools blocked by default
- External server requests denied
- Full audit logging
Available Templates
| Template | Description |
|---|---|
| security-strict | Maximum restrictions |
| security-standard | Balanced security |
| development | Relaxed for dev/test |
| compliance-hipaa | HIPAA-compliant settings |
| compliance-pci | PCI-DSS compliant settings |
Conditional Policies
Time-Based Restrictions
curl -X POST "https://pilot.owkai.app/api/mcp/policies" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "After Hours Restrictions",
    "conditions": {
      "time_of_day": {"$gte": "18:00", "$lte": "08:00"},
      "day_of_week": {"$nin": ["saturday", "sunday"]}
    },
    "action": "REQUIRE_APPROVAL",
    "approval_level": 3
  }'
Parameter-Based Policies
curl -X POST "https://pilot.owkai.app/api/mcp/policies" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Large Data Export Approval",
    "tool_pattern": "export_*",
    "conditions": {
      "parameters.row_count": {"$gte": 10000}
    },
    "action": "REQUIRE_APPROVAL",
    "approval_level": 2
  }'
Policy Testing
Test Policy Against Request
curl -X POST "https://pilot.owkai.app/api/mcp/policies/test" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "server_id": "external_api_server",
    "tool_name": "write_file",
    "parameters": {
      "path": "/sensitive/data.json",
      "content": "test"
    },
    "agent_id": "test_agent"
  }'
Response:
{
  "decision": "REQUIRE_APPROVAL",
  "matched_policies": [
    {
      "policy_id": "pol_mcp_001",
      "name": "File Write Approval",
      "priority": 100
    }
  ],
  "risk_score": 65,
  "risk_factors": [
    {"name": "write_operation", "score": 30},
    {"name": "sensitive_path", "score": 25},
    {"name": "restricted_server", "score": 10}
  ]
}
Audit & Monitoring
MCP Activity Logs
curl "https://pilot.owkai.app/api/mcp/audit?server_id=external_api&days=7" \
  -H "Authorization: Bearer <admin_jwt>"
Response:
{
  "logs": [
    {
      "timestamp": "2025-12-15T10:30:00Z",
      "server_id": "external_api",
      "tool_name": "search",
      "agent_id": "research_agent",
      "decision": "approved",
      "risk_score": 15,
      "response_time_ms": 45
    }
  ],
  "statistics": {
    "total_requests": 150,
    "approved": 145,
    "denied": 5,
    "avg_risk_score": 22
  }
}
Best Practices
1. Start Restrictive
Begin with the sandbox trust level and restrictive policies, then relax them as confidence grows.
2. Use Specific Patterns
Prefer specific tool patterns over wildcards:
# Better
"tool_pattern": "write_database"
# Less precise
"tool_pattern": "write_*"
3. Layer Policies
Combine server, tool, and parameter policies for defense in depth.
4. Monitor and Adjust
Review audit logs regularly and adjust policies based on actual usage patterns.
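One way to turn an audit response into concrete policy adjustments, as an added example (not part of the ASCEND documentation or any ASCEND SDK). The log entries are constructed in the shape of the audit response shown earlier; the `denied` decision value is assumed from the statistics keys, and `allowed_tools` and `max_risk_score` take the values from the Configure Server Trust example.

```python
from collections import Counter

# Constructed log entries in the shape of the audit response on this page.
SAMPLE_LOGS = [
    {"timestamp": "2025-12-15T10:30:00Z", "server_id": "external_api",
     "tool_name": "search", "agent_id": "research_agent",
     "decision": "approved", "risk_score": 15},
    {"timestamp": "2025-12-15T10:31:10Z", "server_id": "external_api",
     "tool_name": "write_file", "agent_id": "research_agent",
     "decision": "denied", "risk_score": 65},
    {"timestamp": "2025-12-15T10:31:40Z", "server_id": "external_api",
     "tool_name": "write_file", "agent_id": "research_agent",
     "decision": "denied", "risk_score": 65},
    {"timestamp": "2025-12-15T11:02:00Z", "server_id": "external_api",
     "tool_name": "search", "agent_id": "batch_agent",
     "decision": "approved", "risk_score": 55},
]


def review(logs, allowed_tools, max_risk_score, repeat_threshold=2):
    """Return findings for one server that suggest a policy change."""
    denied = Counter((e["agent_id"], e["tool_name"])
                     for e in logs if e["decision"] == "denied")
    used = {e["tool_name"] for e in logs if e["decision"] == "approved"}
    return {
        # Repeated denials: a misconfigured agent or one retrying a blocked tool.
        "repeat_denials": {k: n for k, n in denied.items() if n >= repeat_threshold},
        # Approved calls scoring above the server's ceiling deserve a second look.
        "approved_over_ceiling": [e["timestamp"] for e in logs
                                  if e["decision"] == "approved"
                                  and e["risk_score"] > max_risk_score],
        # Allowed but never used: candidates to remove from allowed_tools.
        "unused_allowed_tools": sorted(set(allowed_tools) - used),
    }


FINDINGS = review(SAMPLE_LOGS, allowed_tools=["search", "read_file"],
                  max_risk_score=50)
```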
Next Steps
- MCP Overview - MCP governance basics
- Server Registration - Register MCP servers
- Smart Rules - General policy configuration