MCP Integrations (Beta)
Connect remote MCP servers to Panther AI
Overview
MCP integrations are in closed beta starting with Panther version 1.120. To request access to this feature, please contact your Panther support team.
Panther AI supports MCP (Model Context Protocol) integrations, allowing you to connect external tools and services directly to Panther AI. With MCP integrations, Panther AI can list and use tools provided by third-party remote MCP servers—such as creating Jira issues, querying PagerDuty incidents, or searching Notion pages—all from within the Panther AI chat experience.
Only remote MCP servers that use OAuth 2.0 authentication and comply with the latest official MCP specification are supported. Local MCP servers are not supported.
When someone adds, updates, or removes an MCP server, it may take up to 10 minutes for the changes to be reflected in Panther AI.
How it works
MCP integrations follow a two-step workflow:
An admin configures which MCP servers are available. A user with MCP write access adds MCP servers to Panther from the MCP catalog, including a Custom MCP Server tile for connecting to any MCP-compatible server by URL. The admin can enable or disable servers at any time.
Each user connects individually. Users with MCP read access can see the servers the admin has configured. Each user then connects to the servers they want to use by completing an OAuth authorization flow with the third-party provider. Once connected, users configure which tools are enabled, blocked, or require approval.
This separation ensures that admins control which integrations are available to the organization, while individual users control their own connections and tool preferences.
Permissions
MCP integrations use two permissions:
MCP Server Modify
Add new MCP servers from the catalog or by URL, edit server details, rotate OAuth credentials, enable or disable servers, and delete servers.
MCP Server Read
View available MCP servers, connect to them via OAuth, disconnect, and configure personal tool settings.
The MCP Server Read permission is included in the default Admin, Analyst, and Analyst Read Only roles. The MCP Server Modify permission is included in the default Admin role and can be explicitly assigned to other roles.
See Role-Based Access Control for more information on updating role permissions.
MCP server catalog
Panther provides a catalog of pre-configured MCP servers that can be added with minimal setup:
Custom MCP Server
(user-provided)
Connect to any MCP-compatible server by entering its URL
When adding a server from the catalog, the server URL is pre-filled. For the Custom MCP Server tile, you provide the server URL manually.
Adding an MCP server
You must have the MCP Server Modify permission to add an MCP server.
In the upper-right corner of your Panther Console, click the gear icon (Settings) > Panther AI.
Navigate to the MCP Servers tab.
Click Add MCP Server.
Choose a server from the catalog. To connect to a server not listed, select the Custom MCP Server tile and enter the server URL.
Fill in the following fields:
Server Name: Enter a name for the server (up to 24 characters, alphanumeric with spaces, underscores, and dashes). The name is used to group and prefix the tools provided by this server inside Panther AI, so choose a name that clearly identifies it.
This is especially important when adding multiple servers of the same type—for example, if you add two GitHub servers, name them Production GitHub and Development GitHub so that their tools are clearly distinguished.
Remote MCP server URL: Pre-filled and non-editable if adding a pre-configured MCP server. Enter the MCP server URL if setting up a custom MCP server.
Only remote MCP servers that use OAuth 2.0 authentication and comply with the latest official MCP specification are supported. Local MCP servers are not supported.
Description (Optional): The description is passed to Panther AI as context whenever it uses this server's tools, so use it to provide details that help the AI make better decisions.
For example, for a Jira server you might write:
Use account ID 123456 and limit actions to the SEC and OPS projects unless otherwise specified.
Click Next. Panther will discover the server's OAuth metadata.
If the server supports automatic registration, no further credentials are needed.
If the server requires manual credentials, you will be prompted to enter an OAuth Client ID and Client Secret. The server's OAuth redirect URL will be displayed for you to use when registering your OAuth application with the provider.
Click Create to add the server.
The server is now available for users with MCP read access to connect to.
Connecting to an MCP server
You must have the MCP Server Read permission to connect to an MCP server.
In the upper-right corner of your Panther Console, click the gear icon (Settings) > Panther AI.
Navigate to the MCP Servers tab.
Find the server you want to connect to and click Connect.
You will be redirected to the third-party provider's OAuth authorization page. Sign in and grant the requested permissions.
After authorization, you will be redirected back to Panther and taken to the tool permissions page for that server.
Each user connects individually with their own OAuth credentials. This means Panther AI performs actions on the external service as the authenticated user, respecting that user's permissions on the provider side.
Configuring tool permissions
After connecting to an MCP server, you can configure how Panther AI uses each tool provided by that server. Navigate to the tool permissions page by clicking Configure on a connected server.
All tools are Blocked by default. You must explicitly enable each tool you want Panther AI to use.
Tool states
Each tool can be set to one of three states:
Always allow
Panther AI can use this tool without prompting for approval.
Needs approval
Panther AI will pause and ask for your approval before using this tool. You can approve or deny each invocation.
Blocked
Panther AI will not use this tool.
Tool categories
Tools are grouped into two categories:
Read-only tools: Tools that only read data (e.g., searching issues, listing pages).
Write/delete tools: Tools that create, modify, or delete data (e.g., creating issues, updating pages). Consider setting these to needs approval to maintain human oversight.
You can set permissions for an entire category at once, or configure individual tools within a category.
Connection status
Each MCP server connection has a status that indicates the health of the connection:
Healthy
The connection is working normally. Panther AI can discover and use tools.
Pending
OAuth authorization was started but not yet completed. Click Connect to complete the flow.
Auth error
The OAuth token has expired or been revoked. Click Reconnect to re-authorize.
Unreachable
The MCP server URL is not reachable. Check the server URL and the provider's status page.
Disabled
An admin has disabled this server. Tools from this server are not available until an admin re-enables it.
Managing MCP servers
Editing a server
On the MCP Servers page, click the options menu (...) on the server row.
Click Edit.
Update the server name, description, or OAuth credentials (for servers with manual registration).
Click Save Changes.
The server URL cannot be changed after creation. To use a different URL, delete the server and create a new one.
Enabling or disabling a server
On the MCP Servers page, click the options menu (...) on the server row.
Click Enable or Disable.
When a server is disabled, it remains visible to users but its tools are not available in Panther AI.
Deleting a server
On the MCP Servers page, click the options menu (...) on the server row.
Click Delete.
Confirm the deletion.
Deleting a server removes it for all users and disconnects all active connections.
Disconnecting from an MCP server
On the MCP Servers page, click the options menu (...) on the server row.
Click Disconnect.
This revokes your OAuth tokens and removes your personal connection. You can reconnect at any time by clicking Connect.
Panther AI capabilities with MCP tools
When MCP servers are connected, Panther AI can:
List available tools: Panther AI is aware of all tools provided by your connected MCP servers and can describe what each tool does.
Use tools during conversations: When you ask Panther AI a question or give it a task, it can invoke MCP tools as needed. For example, if you ask "Create a Jira ticket for this alert," Panther AI will use the Atlassian MCP server's
createJiraIssuetool.Respect tool permissions: Panther AI follows your configured tool states. It will only use tools set to Always allow or Requires approval (with your explicit consent).
Combine MCP tools with built-in tools: Panther AI can use MCP tools alongside its built-in tools in a single workflow. For example, it can triage an alert using built-in tools, then create a PagerDuty incident using an MCP tool.
Security
All OAuth tokens and secrets are encrypted at rest.
MCP tool output is treated as untrusted input by Panther AI.
MCP server configuration changes and tool invocations are recorded in Panther audit logs.
Panther AI performs actions on external services as the authenticated user, respecting that user's permissions on the provider side.
Only HTTPS MCP server URLs are accepted.
Last updated
Was this helpful?