# MCP Integrations (Beta) ## Overview {% hint style="info" %} MCP integrations are in open beta starting with Panther version 1.120, and is available to all customers with Panther AI. Please share any bug reports and feature requests with your Panther support team. {% endhint %} Panther AI supports MCP (Model Context Protocol) integrations, allowing you to connect external tools and services directly to Panther AI. With MCP integrations, Panther AI can list and use tools provided by third-party remote MCP servers—such as creating Jira issues, querying PagerDuty incidents, or searching Notion pages—all from within the Panther AI chat experience. Only **remote** MCP servers that use **OAuth 2.0 authentication** and comply with the [latest official MCP specification](https://modelcontextprotocol.io/) are supported. Local MCP servers are not supported. {% hint style="warning" %} When someone adds, updates, or removes an MCP server, it may take up to 10 minutes for the changes to be reflected in Panther AI. {% endhint %} ## How it works MCP integrations follow a two-step workflow: 1. **An admin configures which MCP servers are available.** A user with the **Manage MCP Servers** permission adds MCP servers to Panther from the MCP catalog, including a **Custom MCP Server** tile for connecting to any MCP-compatible server by URL. The admin can enable or disable servers at any time. 2. **Each user connects individually.** Users with the **View & Connect to MCP Servers** permission can see the servers the admin has configured. Each user then connects to the servers they want to use by completing an OAuth authorization flow with the third-party provider. Once connected, users configure which tools are enabled, blocked, or require approval. This separation ensures that admins control which integrations are available to the organization, while individual users control their own connections and tool preferences. ## Permissions MCP integrations use two permissions in the **Panther AI** permission group: | Permission | Description | | --------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Manage MCP Servers** | Allows the creation, modification, and deletion of MCP server integrations. This includes discovering, creating, updating, and deleting servers, as well as all actions available to **View & Connect to MCP Servers**. | | **View & Connect to MCP Servers** | Allows viewing and connecting to configured MCP server integrations. This includes viewing existing servers, connecting via OAuth, disconnecting, and configuring personal tool settings. | {% hint style="info" %} **View & Connect to MCP Servers** is included in the default **Admin**, **Analyst**, and **Analyst Read Only** roles. **Manage MCP Servers** is included in the default **Admin** role only. See [Role-Based Access Control](https://docs.panther.com/system-configuration/rbac) for more information on managing role permissions. If you have custom roles that need access to MCP server features, you must [update those roles](https://docs.panther.com/system-configuration/rbac#update-a-roles-permissions) to add the appropriate permissions. {% endhint %} ## MCP server catalog Panther provides a catalog of pre-configured MCP servers that can be added with minimal setup: | Server | URL | Description | | ------------------------------------------------------------------------------ | ----------------------------------- | -------------------------------------------------------- | | [Atlassian](https://docs.panther.com/ai/mcp-integrations/atlassian-mcp-server) | `https://mcp.atlassian.com/v1/mcp` | Jira, Confluence, and Compass tools | | [GitHub](https://docs.panther.com/ai/mcp-integrations/github-mcp-server) | `https://api.githubcopilot.com/mcp` | Repository, issue, PR, and Actions tools | | [Notion](https://docs.panther.com/ai/mcp-integrations/notion-mcp-server) | `https://mcp.notion.com/mcp` | Page, database, and workspace tools | | [PagerDuty](https://docs.panther.com/ai/mcp-integrations/pagerduty-mcp-server) | `https://mcp.pagerduty.com/mcp` | Incident, service, and schedule tools | | [Slack](https://docs.panther.com/ai/mcp-integrations/slack-mcp-server) | `https://mcp.slack.com/mcp` | Message, channel, canvas, and user tools | | Custom MCP Server | *(user-provided)* | Connect to any MCP-compatible server by entering its URL | When adding a server from the catalog, the server URL is pre-filled. For the **Custom MCP Server** tile, you provide the server URL manually. ## Adding an MCP server {% hint style="info" %} You must have the **Manage MCP Servers** permission to add an MCP server. {% endhint %} 1. In the upper-right corner of your Panther Console, click the gear icon (**Settings**) > **Panther AI**. 2. Navigate to the **MCP Servers** tab. 3. Click **Add MCP Server**. 4. Choose a server from the catalog. To connect to a server not listed, select the **Custom MCP Server** tile and enter the server URL. 5. Fill in the following fields: 1. **Server Name**: Enter a name for the server (up to 24 characters, alphanumeric with spaces, underscores, and dashes). The name is used to group and prefix the tools provided by this server inside Panther AI, so choose a name that clearly identifies it. * This is especially important when adding multiple servers of the same type—for example, if you add two GitHub servers, name them **Production GitHub** and **Development GitHub** so that their tools are clearly distinguished. 2. **Remote MCP server URL**: Pre-filled and non-editable if adding a [pre-configured MCP server](#mcp-server-catalog). Enter the MCP server URL if setting up a custom MCP server. * Only remote MCP servers that use OAuth 2.0 authentication and comply with the [latest official MCP specification](https://modelcontextprotocol.io/) are supported. Local MCP servers are not supported. 3. **Description** (Optional): The description is passed to Panther AI as context whenever it uses this server's tools, so use it to provide details that help the AI make better decisions. * For example, for a Jira server you might write: `Use account ID 123456 and limit actions to the SEC and OPS projects unless otherwise specified.` 6. Click **Next**. Panther will discover the server's OAuth metadata. * If the server supports automatic registration, no further credentials are needed. * If the server requires manual credentials, you will be prompted to enter an **OAuth Client ID** and **Client Secret**. The server's OAuth redirect URL will be displayed for you to use when registering your OAuth application with the provider. 7. Click **Create** to add the server. The server is now available for users with the **View & Connect to MCP Servers** permission to connect to. ## Connecting to an MCP server {% hint style="info" %} You must have the **View & Connect to MCP Servers** permission to connect to an MCP server. {% endhint %} 1. In the upper-right corner of your Panther Console, click the gear icon (**Settings**) > **Panther AI**. 2. Navigate to the **MCP Servers** tab. 3. Find the server you want to connect to and click **Connect**. 4. You will be redirected to the third-party provider's OAuth authorization page. Sign in and grant the requested permissions. 5. After authorization, you will be redirected back to Panther and taken to the tool permissions page for that server. Each user connects individually with their own OAuth credentials. This means Panther AI performs actions on the external service as the authenticated user, respecting that user's permissions on the provider side. ## Configuring tool permissions After connecting to an MCP server, you can configure how Panther AI uses each tool provided by that server. Navigate to the tool permissions page by clicking **Configure** on a connected server. All tools are **Blocked** by default. You must explicitly enable each tool you want Panther AI to use. ### Tool states Each tool can be set to one of three states: | State | Description | | ------------------ | ---------------------------------------------------------------------------------------------------------------- | | **Always allow** | Panther AI can use this tool without prompting for approval. | | **Needs approval** | Panther AI will pause and ask for your approval before using this tool. You can approve or deny each invocation. | | **Blocked** | Panther AI will not use this tool. | ### Tool categories Tools are grouped into two categories: * **Read-only tools**: Tools that only read data (e.g., searching issues, listing pages). * **Write/delete tools**: Tools that create, modify, or delete data (e.g., creating issues, updating pages). Consider setting these to **needs approval** to maintain human oversight. You can set permissions for an entire category at once, or configure individual tools within a category. ## Connection status Each MCP server connection has a status that indicates the health of the connection: | Status | Description | | --------------- | --------------------------------------------------------------------------------------------------------- | | **Healthy** | The connection is working normally. Panther AI can discover and use tools. | | **Pending** | OAuth authorization was started but not yet completed. Click **Connect** to complete the flow. | | **Auth error** | The OAuth token has expired or been revoked. Click **Reconnect** to re-authorize. | | **Unreachable** | The MCP server URL is not reachable. Check the server URL and the provider's status page. | | **Disabled** | An admin has disabled this server. Tools from this server are not available until an admin re-enables it. | ## Managing MCP servers ### Editing a server 1. On the MCP Servers page, click the options menu (**...**) on the server row. 2. Click **Edit**. 3. Update the server name, description, or OAuth credentials (for servers with manual registration). 4. Click **Save Changes**. {% hint style="info" %} The server URL cannot be changed after creation. To use a different URL, delete the server and create a new one. {% endhint %} ### Enabling or disabling a server 1. On the MCP Servers page, click the options menu (**...**) on the server row. 2. Click **Enable** or **Disable**. When a server is disabled, it remains visible to users but its tools are not available in Panther AI. ### Deleting a server 1. On the MCP Servers page, click the options menu (**...**) on the server row. 2. Click **Delete**. 3. Confirm the deletion. Deleting a server removes it for all users and disconnects all active connections. ### Disconnecting from an MCP server 1. On the MCP Servers page, click the options menu (**...**) on the server row. 2. Click **Disconnect**. This revokes your OAuth tokens and removes your personal connection. You can reconnect at any time by clicking **Connect**. ## Panther AI capabilities with MCP tools When MCP servers are connected, Panther AI can: * **List available tools**: Panther AI is aware of all tools provided by your connected MCP servers and can describe what each tool does. * **Use tools during conversations**: When you ask Panther AI a question or give it a task, it can invoke MCP tools as needed. For example, if you ask "Create a Jira ticket for this alert," Panther AI will use the Atlassian MCP server's `createJiraIssue` tool. * **Respect tool permissions**: Panther AI follows your configured tool states. It will only use tools set to **Always allow** or **Requires approval** (with your explicit consent). * **Combine MCP tools with built-in tools**: Panther AI can use MCP tools alongside its built-in tools in a single workflow. For example, it can triage an alert using built-in tools, then create a PagerDuty incident using an MCP tool. ## Security * All OAuth tokens and secrets are encrypted at rest. * MCP tool output is treated as untrusted input by Panther AI. * MCP server configuration changes and tool invocations are recorded in Panther audit logs. * Panther AI performs actions on external services as the authenticated user, respecting that user's permissions on the provider side. * Only HTTPS MCP server URLs are accepted.