MCP Server Integration¶

This guide explains how to connect external tools to your agents using the Model Context Protocol (MCP).

What is MCP?¶

MCP (Model Context Protocol) is a standard for connecting AI agents to external tools and data sources. With MCP, your agents can:

Access external APIs (GitHub, Jira, Slack)
Query databases
Use custom internal tools
Interact with third-party services

Architecture¶

┌─────────────────────────────────────────────────────────────┐
│                      Your Organization                       │
│                                                              │
│  ┌─────────────┐    ┌─────────────┐    ┌─────────────┐     │
│  │   Agent     │    │   Agent     │    │   Agent     │     │
│  └──────┬──────┘    └──────┬──────┘    └──────┬──────┘     │
│         │                  │                  │             │
│         └──────────────────┼──────────────────┘             │
│                           │                                 │
│                    ┌──────▼──────┐                         │
│                    │ MCP Gateway │                         │
│                    └──────┬──────┘                         │
└───────────────────────────┼─────────────────────────────────┘
                            │
              ┌─────────────┼─────────────┐
              ▼             ▼             ▼
        ┌─────────┐   ┌─────────┐   ┌─────────┐
        │ GitHub  │   │  Jira   │   │  Your   │
        │  MCP    │   │   MCP   │   │   MCP   │
        │ Server  │   │  Server │   │  Server │
        └─────────┘   └─────────┘   └─────────┘

Step 1: Register an MCP Server¶

Via Dashboard¶

Go to Integrations in the sidebar
Click Add MCP Server
Enter connection details:

Field	Description	Example
Name	Display name	"GitHub Production"
URL	MCP server endpoint	`https://github.mcp.example.com`
Auth Type	Authentication method	Bearer Token
Credentials	Authentication credentials	Token or username/password

Click Connect

AG2Trust will: - Connect to the MCP server - Fetch available tools - Display them for approval

Approve Tools¶

Review the available tools and select which ones to enable:

Available Tools from GitHub MCP:
☑ get_repository - Get repository details
☑ list_pull_requests - List PRs in a repository
☑ create_issue - Create a new issue
☐ delete_branch - Delete a branch (restricted)

Tool Approval is Immutable

Once approved, the tool list is locked. To change tools, create a new MCP server registration.

Step 2: Assign MCP Server to Team¶

MCP servers must be assigned to teams before agents can use them:

Go to Teams
Select your team
Click Settings > Integrations
Click Add MCP Server
Select the MCP server to attach
Grant access to specific agent types

Access Model¶

MCP Server: GitHub Production
    │
    ├── Team: Engineering
    │   ├── Agent Type: Code Reviewer ✓
    │   └── Agent Type: DevOps Bot ✓
    │
    └── Team: Support
        └── Agent Type: Support Agent ✗ (not granted)

Step 3: Use MCP Tools in Agents¶

Once configured, agents can call MCP tools:

Agent Tool Call¶

# Inside agent's tool execution
result = call_mcp(
    server="github-production",
    tool="list_pull_requests",
    params={
        "repository": "acme/webapp",
        "state": "open"
    }
)

Example Conversation¶

User: What PRs are open on the webapp repo?

Agent: Let me check the open pull requests.

[Agent calls: call_mcp(server="github", tool="list_pull_requests")]

Agent: There are 3 open PRs on acme/webapp:
1. #142 - "Add dark mode" by @alice
2. #141 - "Fix login bug" by @bob
3. #139 - "Update dependencies" by @carol

MCP Server Types¶

Public MCP Servers¶

Pre-built servers for common services:

Service	Tools	Setup
GitHub	PRs, Issues, Repos	API token
Jira	Issues, Projects	API token
Slack	Messages, Channels	OAuth
Google Drive	Files, Folders	OAuth

Custom MCP Servers¶

Build your own MCP server for internal tools:

# Example custom MCP server
from mcp import Server, Tool

server = Server("internal-tools")

@server.tool("get_customer_data")
async def get_customer_data(customer_id: str):
    """Retrieve customer information from internal database."""
    # Your implementation
    return customer_data

@server.tool("update_order_status")
async def update_order_status(order_id: str, status: str):
    """Update order status in the system."""
    # Your implementation
    return {"success": True}

Security Considerations¶

Credential Storage¶

MCP server credentials are: - Encrypted with AWS KMS (AES-256-GCM) - Never stored in plain text - Decrypted only when proxying requests

Access Control¶

Layer	Control
MCP Server	Customer-level registration
Team	Which teams can access server
Agent Type	Which agent types within team
Tools	Which tools are approved

Audit Logging¶

All MCP tool calls are logged: - Server accessed - Tool called - Parameters (PII redacted) - Success/failure

Troubleshooting¶

"MCP server unreachable"¶

Check server URL is correct
Verify server is running
Check firewall allows AG2Trust IPs
Test connection manually

"Tool not found"¶

Verify tool is in approved list
Check tool name spelling
Re-fetch tools from server

"Permission denied"¶

Check team has server attached
Verify agent type is granted access
Confirm tool is in approved list

Example: GitHub Integration¶

1. Register GitHub MCP Server¶

Name: GitHub Production
URL: https://mcp.github.com/v1
Auth: Bearer Token
Token: ghp_xxxxxxxxxxxx

2. Approve Tools¶

Select tools: - get_repository - list_pull_requests - get_pull_request - create_issue - add_comment

3. Assign to Team¶

Attach to "Engineering" team, grant access to "Code Reviewer" agent type.

4. Create Agent¶

Create an agent with system prompt:

You are a code review assistant. You can:
- List open PRs using GitHub tools
- Get PR details including changed files
- Create issues for follow-up items
- Add comments on PRs

When reviewing code:
1. Get the PR details
2. Analyze the changes
3. Provide constructive feedback
4. Create issues for significant concerns

5. Test¶

User: Review PR #142 on acme/webapp

Agent: I'll review that pull request for you.

[Calls: call_mcp(server="github", tool="get_pull_request", params={"repo": "acme/webapp", "number": 142})]

Agent: I've reviewed PR #142 "Add dark mode" by @alice.

**Changes Overview:**
- 15 files changed
- +500 lines, -100 lines

**Feedback:**
1. Good implementation of theme switching
2. Consider memoizing the theme context
3. CSS variables look well organized

[Calls: call_mcp(server="github", tool="add_comment", params={...})]

Agent: I've added my review comments to the PR.

Best Practices¶

1. Principle of Least Privilege¶

Only approve tools agents actually need:

# Good - minimal tools
☑ get_repository
☑ list_pull_requests
☐ delete_repository  # Not needed

# Bad - everything approved
☑ get_repository
☑ list_pull_requests
☑ delete_repository  # Dangerous!

2. Separate Servers per Environment¶

MCP Servers:
├── github-production (prod credentials)
├── github-staging (staging credentials)
└── github-dev (dev credentials)

3. Monitor Tool Usage¶

Review audit logs for: - Unexpected tool calls - High frequency usage - Failed calls

4. Test in Staging First¶

Register server in staging team
Test with staging agents
Verify correct behavior
Promote to production team

Next Steps¶

Agent Types - Configure capabilities
Teams - Organize agents
Security Model - Security details