Skip to main content
Glama
deenesjakoruzh
ARKALDA

hejdar-mcp

by ARKALDA
OverviewSchemaRelated ServersScoreDiscussions
Python
Remote

hejdar-mcp

MCP server for Hejdar — runtime policy enforcement for AI agents.

This server exposes hejdar_evaluate as an MCP tool. Any MCP-compatible agent (Claude, ChatGPT, Cursor, custom) can call it to check whether an action is permitted by organizational policy before executing it.

The MCP server is a thin wrapper around the Hejdar API (POST /v1/evaluate). It contains no policy logic — all decisions come from your Hejdar organization's configured policies.

Quick Start

1. Install

pip install hejdar-mcp

Or run directly with uvx:

uvx hejdar-mcp

2. Get your API key

Sign up at app.hejdar.com and create an API key in Settings → API Keys.

3. Configure your MCP client

Claude Desktop

Add to your Claude Desktop config (~/Library/Application Support/Claude/claude_desktop_config.json on macOS, %APPDATA%\Claude\claude_desktop_config.json on Windows):

{
  "mcpServers": {
    "hejdar": {
      "command": "uvx",
      "args": ["hejdar-mcp"],
      "env": {
        "HEJDAR_API_KEY": "hejdar_sk_your_key_here"
      }
    }
  }
}

Claude Code

Add to your Claude Code MCP settings:

{
  "mcpServers": {
    "hejdar": {
      "command": "uvx",
      "args": ["hejdar-mcp"],
      "env": {
        "HEJDAR_API_KEY": "hejdar_sk_your_key_here"
      }
    }
  }
}

Direct (stdio)

export HEJDAR_API_KEY=hejdar_sk_your_key_here
hejdar-mcp

Getting Started

  1. Install: pip install hejdar-mcp or uvx hejdar-mcp

  2. Get an API key — contact us at hello@hejdar.com or visit hejdar.com

  3. Configure your MCP client (see configuration example above)

Tool: hejdar_evaluate

Evaluate an agent action against your organization's security policies.

Input:

Parameter

Type

Required

Description

action_type

string

Yes

READ, WRITE, DELETE, TRANSFER, or EXECUTE

resource

string

Yes

Target resource, e.g. customer_database

agent_name

string

No

Name of the calling agent, e.g. hr-assistant

context

object

No

Free-form metadata (department, user_id, reason, etc.)

Output:

{
  "decision": "DENY",
  "policy_id": "pol_abc123",
  "reason": "Deletion of customer data requires manager approval",
  "risk_level": "HIGH"
}

decision is one of: ALLOW, DENY, WOULD_DENY.

System Prompt Pattern

For best results, add this to your agent's system prompt:

You have access to the hejdar_evaluate tool. Before performing any action
that reads, writes, deletes, transfers data, or executes commands on
external systems, you MUST call hejdar_evaluate first.

If hejdar_evaluate returns DENY or WOULD_DENY, do NOT proceed with the
action. Instead, inform the user that the action was blocked by policy
and include the reason provided.

Environment Variables

Variable

Required

Default

Description

HEJDAR_API_KEY

Yes

Your Hejdar API key

HEJDAR_API_URL

No

https://api.hejdar.com

API base URL (for self-hosted)

Security

  • API key is read from environment variables only — never hardcoded or exposed in tool I/O

  • All inputs are validated and sanitized before forwarding to the API

  • Error responses never leak internal details, API keys, or stack traces

  • All API calls enforce TLS

Development

git clone https://github.com/ARKALDA/hejdar-mcp.git
cd hejdar-mcp
pip install -e ".[dev]"
pytest

License

MIT

Install Server
A
license - permissive license
A
quality
C
maintenance

How are these scores calculated?

Resources

Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/ARKALDA/hejdar-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server