MCP server
The MCP server is TapPass's control plane, exposed as a Model Context Protocol server.
An operator points their MCP host (Claude Code, Cursor, custom agent, …) at it and configures TapPass through tool calls instead of clicking the Admin UI or running shell commands.
This is the path to a headless TapPass: every action that today requires the UI eventually has an MCP tool. "Add an OPA rule that denies tool X for project Y" becomes a single tool call.
At a glance
| | |
|---|---|
| Speaks | Model Context Protocol (stdio + SSE transports) |
| Exposes | tools (mutations) + resources (read-only) covering the full control-plane API |
| Auth | session token (operator SSO) or scoped admin API key |
| Where it lives | tappass-mcp (planned package) — wraps the existing /api/v1/admin/* routes |
| Status | future |
What it exposes
The MCP server projects the existing control-plane routes as MCP primitives:
| Surface | MCP primitive | Examples |
|---|---|---|
| Mutations | tool | create_agent, update_pipeline, add_policy_rule, attach_check_pack, revoke_session, rotate_api_key |
| Reads | resource | list_agents, get_pipeline, get_compiled_policy, get_audit_trail |
| Wizards | prompt | onboard_team, setup_compliance_pack, dry_run_policy_change |
A pull request to the TapPass server that adds a control-plane route should also expose the equivalent MCP tool — same review, same release.
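A least-privilege gate for this surface, as an added sketch rather than TapPass code (tappass-mcp is only planned): it maps MCP `tools/call` and `resources/read` requests onto the tool and resource names in the table, denies anything a scoped key does not cover, and writes an audit row for each mutation. The scope strings, the `tappass://` URI scheme and the `authorize` helper are assumptions.

```python
import time

# Tool and resource names come from the page's "What it exposes" table.
MUTATION_TOOLS = {"create_agent", "update_pipeline", "add_policy_rule",
                  "attach_check_pack", "revoke_session", "rotate_api_key"}
READ_RESOURCES = {"list_agents", "get_pipeline", "get_compiled_policy",
                  "get_audit_trail"}
URI_PREFIX = "tappass://"   # hypothetical resource URI scheme
AUDIT_LOG = []              # stand-in for the audit store


def authorize(request, scopes, principal):
    """Decide one MCP JSON-RPC request for a key holding `scopes`.

    Hypothetical scope strings: "read" covers every resource and
    "tool:<name>" covers one mutation. Anything unrecognised is denied.
    Returns (allowed, reason).
    """
    method = request.get("method")
    params = request.get("params", {})
    if not isinstance(params, dict):
        return False, "bad params"

    if method == "resources/read":
        uri = str(params.get("uri", ""))
        name = uri[len(URI_PREFIX):] if uri.startswith(URI_PREFIX) else ""
        if name not in READ_RESOURCES:
            return False, "unknown resource"
        if "read" not in scopes:
            return False, "missing scope: read"
        return True, "ok"

    if method == "tools/call":
        name = params.get("name")
        if not isinstance(name, str) or name not in MUTATION_TOOLS:
            return False, "unknown tool"
        args = params.get("arguments")
        allowed = f"tool:{name}" in scopes
        # The page requires an audit row per mutation; recording denied
        # attempts too, and argument names only, are choices made here.
        AUDIT_LOG.append({"ts": time.time(), "principal": principal, "tool": name,
                          "arg_keys": sorted(args) if isinstance(args, dict) else [],
                          "decision": "allow" if allowed else "deny"})
        return allowed, "ok" if allowed else f"missing scope: tool:{name}"

    return False, "method not allowed"
```

A key scoped to `{"read"}` can list agents but cannot call `revoke_session`, and the denied attempt still lands in `AUDIT_LOG`.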
Why this concept exists
Three drivers:
- Headless ambition. The product vision is to grow toward CLI + MCP-led configuration, with the UI as the on-ramp rather than the long-term primary surface.
- Operators who live in their IDE. Many TapPass operators are platform engineers who prefer to drive infrastructure from Claude Code or Cursor, not a separate browser tab.
- Agentic loops over governance. The Agentic CLI needs a tool surface to drive. The MCP server is that surface.
Surfaces
| Persona | Surface | What they do |
|---|---|---|
| Operator | Claude Code with tappass-mcp registered | "Show me agents on project X with no compliance pack attached" → resource read; "Attach NIST AI RMF pack to all of them" → tool calls |
| Operator | Cursor + MCP integration | Same flows from a different host |
| Custom agent | Direct MCP client | Programmatic governance ops in agent loops (e.g., self-onboarding) |
Lifecycle
```
[install]   Operator runs `tappass mcp install` → writes ~/.claude/mcp.json entry
    ↓
[auth]      First call exchanges session/SSO token for a scoped MCP session
    ↓
[discover]  Host (Claude Code) lists available tools + resources
    ↓
[use]       Operator + agent loop drive TapPass via tool calls
    ↓
[audit]     Every mutation emits an audit row, same as the UI / admin API
```

Related concepts
- wraps → existing control-plane API (the same routes the Admin UI uses)
- enables ↑ Agentic CLI — gives the LLM-driven config loop a tool surface
- complementary to ↔ SDK (admin) — same operations, different surface
- emits → Audit log — every mutation recorded