How do I use Banking MCP Server?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@Banking MCP Server show me the customer profile for CUST-1001 safely" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

Banking MCP Server for External OpenShift AI PII Guardrails Demo

Demo-ready MCP server for a banking use case on OpenShift.

This version does not include NeMo Guardrails inside the MCP server. The MCP server intentionally returns raw demo banking payloads so you can show how OpenShift AI / NeMo Guardrails protects MCP tool outputs externally.

Demo message

MCP gives the LLM controlled access to banking tools.
The MCP server may return sensitive banking data.
OpenShift AI / NeMo Guardrails protects the final response by masking or blocking PII outside the MCP server.

Related MCP server: guardrails-mcp-server

Architecture

MCP Client / LLM Playground
        |
        | Authorization: Bearer <MCP_API_KEY>
        v
OpenShift Route
        |
        v
Banking MCP Server /mcp
        |
        | Raw demo banking tool output
        v
OpenShift AI / NeMo Guardrails
        |
        | Mask / block PII
        v
Safe final response to user

Banking MCP tools

Tool	Purpose	PII behavior
`get_customer_profile`	Returns demo customer profile	Raw demo PII returned
`get_account_overview`	Returns demo account details	Raw IBAN/card-like values returned
`get_recent_transactions`	Returns recent transactions	Raw transaction data returned
`transfer_risk_preview`	Returns transfer risk preview	Raw input IBAN/memo returned
`pii_demo_payload`	Compact payload with several PII types	Designed for guardrails validation

Demo records

Try:

CUST-1001
ACC-2001

Example MCP-enabled playground prompt:

Use the banking MCP server to get customer profile CUST-1001. Show me the response safely without exposing PII.

Example PII guardrails validation prompt:

Use the banking MCP tool pii_demo_payload, then explain which fields should be masked by OpenShift AI Guardrails.

Expected raw MCP tool payload before external guardrails:

{
  "security_note": {
    "pii_protection_location": "external_openShift_ai_guardrails",
    "mcp_server_behavior": "returns_raw_demo_banking_payload"
  },
  "data": {
    "customer_name": "Mariam Hassan Ali",
    "email": "mariam.hassan@examplebank.demo",
    "phone": "+20 100 555 7812",
    "national_id": "29801011234567",
    "iban": "EG380019000500000000263180002",
    "payment_card": "4242 4242 4242 4242",
    "address": "17 Nile Street, Dokki, Giza"
  }
}

Expected final answer after your external guardrails policy:

The customer profile was retrieved successfully. Sensitive fields such as email, phone number, national ID, IBAN, card number, and address were protected by OpenShift AI Guardrails.

Local run

python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt

export MCP_API_KEY=demo-secret
uvicorn app.server:app --host 0.0.0.0 --port 8000

Health check:

curl http://localhost:8000/healthz

MCP endpoint:

http://localhost:8000/mcp

Required header:

Authorization: Bearer demo-secret

Build and deploy on OpenShift

oc new-project banking-mcp-demo

podman build -t quay.io/YOUR_ORG/banking-mcp-external-guardrails:latest .
podman push quay.io/YOUR_ORG/banking-mcp-external-guardrails:latest

# Update openshift/02-deployment.yaml with your image.
oc apply -f openshift/01-secret.yaml
oc apply -f openshift/02-deployment.yaml
oc apply -f openshift/03-service-route.yaml
oc apply -f openshift/04-networkpolicy.yaml

oc get route banking-mcp-pii

Suggested OpenShift AI Guardrails demo flow

Deploy this MCP server.
Register the /mcp endpoint in your MCP-enabled playground/client.
Configure OpenShift AI / NeMo Guardrails to detect and mask PII in tool outputs and final responses.
Call pii_demo_payload first to prove that the MCP server returns sensitive demo data.
Show that the final answer masks or blocks the sensitive values.

Suggested PII entities to protect:

Email address
Phone number
National ID
IBAN
Payment card number
Postal address
Person name, depending on your policy

Security note

This is a demo project. Do not use real customer data. The included values are fake demo values created to test guardrail behavior.

For production banking environments, add:

OIDC or mTLS instead of a static demo token
Per-user authorization before returning customer/account data
Audit logs for every MCP tool call
OpenTelemetry tracing
OpenShift AI / NeMo Guardrails policies for input, output, retrieval, tool response, and final-answer controls
Blocking policies for highly sensitive fields such as full national IDs and full card numbers

Files

app/server.py                         MCP server and banking tools
app/data.py                           Fake banking demo data
openshift/01-secret.yaml              Demo bearer token secret
openshift/02-deployment.yaml          OpenShift deployment
openshift/03-service-route.yaml       Service and Route
openshift/04-networkpolicy.yaml       Basic ingress policy
scripts/test_mcp_initialize.sh        Basic MCP initialize request

Banking MCP Server

Banking MCP Server for External OpenShift AI PII Guardrails Demo

Demo message

Architecture

Banking MCP tools

Demo records

Local run

Build and deploy on OpenShift

Suggested OpenShift AI Guardrails demo flow

Security note

Files

Maintenance

Resources

Looking for Admin?

Latest Blog Posts

MCP directory API