Skip to main content
Glama
AtlaSent-Systems-Inc

atlasent-mcp

Official

Server Configuration

Describes the environment variables required to run the server.

NameRequiredDescriptionDefault
ATLASENT_MODENoForce 'local' or 'remote' modeauto-detect
ATLASENT_API_KEYNoBearer token for the hosted API (required for remote mode)
ATLASENT_ANON_KEYNoOptional x-anon-key header
ATLASENT_BASE_URLNoAtlaSent API base URLhttps://api.atlasent.io/functions/v1
ATLASENT_MCP_READONLYNoIf '1' or 'true', skip registration of mutating tools
ATLASENT_MCP_RATE_LIMITNoPer-tool calls per minute600

Capabilities

Features and capabilities supported by this server

CapabilityDetails
tools
{
  "listChanged": true
}

Tools

Functions exposed to the LLM to take actions

NameDescription
evaluateA

Call this BEFORE performing any sensitive action. Returns a Decision: allow (use the permit_token and proceed), deny (you MUST NOT proceed), or hold (action is queued for human review — do not proceed, inform the user).

verify_permitA

Call this AFTER completing an authorized action. Confirms the permit issued by evaluate is still valid. Outcome is verified, expired, invalid, or error. If valid is false, the action should be flagged for review.

deploy_serviceA

Example protected tool. Every call is authorized by AtlaSent BEFORE the deploy runs. Denied or held calls are blocked and never touch the target system. On allow, the deploy executes and a permit_token is returned.

atlasent_evaluateA

Evaluate an action against your published AtlaSent policies. Returns allow/deny/hold/escalate with a permitToken on allow. Use this when ATLASENT_MODE=remote and you need to gate an action against your hosted policy engine.

atlasent_list_policiesA

List all constraint bundles / policies for this organization.

atlasent_get_policyA

Retrieve a single constraint bundle / policy by ID.

atlasent_list_audit_eventsB

Retrieve recent evaluation events from the audit log.

atlasent_create_policyA

Create a new constraint bundle for an action. The bundle starts in 'draft' status — call update_policy to publish it.

atlasent_update_policyA

Update a constraint bundle — change rules, title, or publish/archive it. Only fields you provide are updated; omitted fields are unchanged.

atlasent_delete_policyA

Permanently delete a constraint bundle. Prefer archiving over deleting.

atlasent_revoke_permitA

Revoke a permit before it expires. The permit immediately becomes invalid for verify_permit calls.

atlasent_list_permitsA

List issued permit tokens for audit and monitoring.

atlasent_permitA

Manually issue a permit token for an action. Use for pre-authorized operations where a full evaluate call is not practical.

atlasent_verify_permitA

Verify a permit token with full binding inputs against the V1 endpoint. Use this for production verification — under-specified verification is a bypass vector.

atlasent_create_approval_requestA

Create an approval request for a held action. The request ID is returned in the evaluate response when decision is 'hold'. Submit resolution via atlasent_resolve_approval_request.

atlasent_resolve_approval_requestA

Approve or deny an approval request. On approval, the held evaluation may proceed; on denial, it stays blocked.

atlasent_record_execution_evaluationA

Record the outcome of an execution that was permitted by a prior evaluate call. Closes the audit loop with the actual execution result.

atlasent_create_webhookA

Register a webhook URL to receive evaluation events.

atlasent_delete_webhookB

Remove a registered webhook.

atlasent_trajectory_verifyA

Verify that the agent's current execution step is on an authorized trajectory. Call this at each step to ensure the agent has not deviated from the permitted plan. Returns on_trajectory=true to continue or on_trajectory=false (with a deviation reason) to halt. Fail-closed: network errors return on_trajectory=false.

atlasent_lookup_actionA

Look up canonical action specifications from the Authorization Intelligence Library. Returns gate flags (requires_human_approval, requires_mfa, requires_verified_actor, requires_state_snapshot), authorization patterns, risk posture, AI risk classification, regulatory mappings, and evidence requirements for any of the 17 governed action types. Use slug for an exact match (e.g. 'production.deploy') or query for a substring search across slug, display_name, and description. Omit both to list all 17 canonical actions.

atlasent_evaluate_manyA

Evaluate up to 100 actions in a single request against your published AtlaSent policies. Returns decisions in input order. Optional batch_id (UUID) provides idempotency. Closed-by-default: 404 surfaces as a feature_not_enabled error tagged with the v2_batch tenant flag.

atlasent_evaluate_streamA

Evaluate up to 100 actions via the streaming endpoint. The tool buffers the SSE stream and returns the complete result set (same shape as atlasent_evaluate_many). Per-item RPC failures surface in the items array with { error }; the stream continues. Closed-by-default: 404 surfaces as a feature_not_enabled error tagged with the v2_streaming tenant flag.

atlasent_queryA

Run a read-only GraphQL query against the AtlaSent V2 GraphQL endpoint. Wave A schema: recentEvaluations(limit), activeBundle. Body limit 1MB, depth limit 8, one operation per request (enforced server-side). Closed-by-default: 404 surfaces as a feature_not_enabled error tagged with the v2_graphql tenant flag.

atlasent_list_scim_usersA

List provisioned users via SCIM 2.0 (RFC 7643) for an organization. Supports filter expressions (e.g. 'userName eq "alice"') and startIndex/count pagination.

atlasent_get_scim_userA

Retrieve a single provisioned SCIM user by ID.

atlasent_create_scim_userA

Provision a new user via SCIM 2.0. Adds the user to the AtlaSent directory and makes them available for policy evaluation.

atlasent_patch_scim_userA

Update a provisioned user using RFC 7644 SCIM PatchOp operations. Each operation has op (add/remove/replace), an optional path, and a value.

atlasent_delete_scim_userA

Deprovision a SCIM user. Removes them from the AtlaSent directory. This is irreversible — prefer disabling (patch active=false) over deleting.

atlasent_list_scim_groupsB

List provisioned groups via SCIM 2.0 for an organization.

atlasent_get_siem_configA

Retrieve the SIEM export configuration for an organization. Enterprise plan required. The credential field is never returned.

atlasent_upsert_siem_configA

Create or update the SIEM export configuration for an organization. Enterprise plan required. destinationUrl must be HTTPS. The credential field is stored securely and never returned by GET.

atlasent_test_siem_deliveryA

Send a test event to the configured SIEM destination and report the result. Returns { success, statusCode, durationMs, error? }. Returns 409 if SIEM is not configured or is disabled.

atlasent_list_evidence_exportsA

List compliance evidence bundles for an organization. Enterprise plan required. Each record includes status and SHA-256 hash.

atlasent_get_evidence_exportA

Retrieve a specific compliance evidence bundle by ID. Includes status, SHA-256 hash for tamper verification, and download URL when complete.

atlasent_create_evidence_exportA

Generate a compliance evidence bundle for audit regimes (SOC 2 Type II, HIPAA, GDPR). Enterprise plan required. Returns SHA-256 for tamper verification. Default window is the past 90 days; use date_from/date_to to narrow it.

atlasent_vqp_generateB

Score a constraint bundle against the 6 VQP criteria (access_control CC6.1, audit_coverage CC7.2, escalation_paths CC7.4, deny_specificity CC8.1, hold_conditions CC6.3, override_governance CC5.2). Stores a tamper-evident snapshot with a SHA-256 prompt_hash in vqp_snapshots. Verdicts: qualified (≥85, no fails), conditionally_qualified (≥60), not_qualified. Requires ATLASENT_SUPABASE_URL and ATLASENT_SUPABASE_SERVICE_ROLE_KEY.

atlasent_vqp_verifyA

Re-derive the VQP prompt from current bundle data and verify it matches the stored SHA-256 prompt_hash. Detects tampering (hash_match: false) and optionally re-runs the AI model to detect score drift (score_delta, verdict_changed). Writes a vqp_audit_log row for SOC 2 CC7.2 / 21 CFR Part 11 evidence. Requires ATLASENT_SUPABASE_URL and ATLASENT_SUPABASE_SERVICE_ROLE_KEY.

atlasent_vqp_audit_summaryA

Retrieve a summary of VQP audit activity — hash match rates, drift event counts, and verdict changes — from the BCCAE compliance report. Use for SOC 2 evidence collection and monitoring dashboards.

atlasent_vqp_drift_eventsA

List VQP snapshots where the re-run AI score drifted by ≥10 points or the verdict changed (e.g. qualified → not_qualified). Use for compliance investigation and QA-VQP-002 § 7 deviation reporting.

Prompts

Interactive templates invoked by user choice

NameDescription

No prompts

Resources

Contextual data attached and managed by the client

NameDescription

No resources

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/AtlaSent-Systems-Inc/atlasent-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server