AppimateSA/mcp-server

Appimate Business MCP Server

Production-grade Model Context Protocol (MCP) server for the Appimate Business dashboard AI assistant.

Features

  • Resource-First Architecture: Entities exposed as addressable resources
  • Zero Trust Security: Token-based authentication, query normalization, cost limits
  • ABAC Permissions: Field-level and entity-level access control
  • Query Normalization: AI proposes, server decides - deterministic execution
  • Mutation Guardrails: Confirmation tokens and 2-step flows for critical operations

Architecture

  • Resources: Schema, enum maps, and permissions exposed as read-only resources
  • Tools: Generic query_entity, restore_entity, export_entity tools
  • Security Layers: Query normalization, cost model, token verification, mutation policies

Usage

# Development
npm run dev

# Production
npm run build
npm start

Configuration

The server requires a signed JWT token in the MCP initialize request. The token must contain:

  • userId: User ID
  • orgId: Organization ID
  • sessionData: User session data

Security

  • Session identity derived from signed tokens (zero trust)
  • Query normalization prevents AI exploits
  • Field-level permissions in resources
  • Cost model enforces limits
  • Mutation guardrails with confirmation tokens
