# MCP Security and Architecture

### What is the MCP?

The Violet MCP (Model Context Protocol) server lets AI agents — such as Claude, ChatGPT, Copilot, or your own tools — securely access your Violet data through a standardized interface. It acts as a thin, read-only gateway that sits **on top of** the existing Violet API. The MCP does not store any of your data; every request passes through the same API that already protects your information today.

**The MCP server does not host, run, or communicate with any AI model.** It is purely a data-access gateway. The AI model lives entirely on the agent side (managed by your organization or your model provider). The only part of Violet that interacts with an AI model directly is **Violet Chat**, which is a separate, opt-in feature and is not part of the MCP server.

### How it works

```mermaid
flowchart LR
  client["Your AI agent"]
  edge["Secure HTTPS connection"]

  subgraph gov["AWS GovCloud — all Violet infrastructure"]
    direction TB

    mcp["MCP gateway<br/>translates AI tool calls into<br/>Violet API requests"]
    api["Violet API<br/>authentication, permissions,<br/>and tenant isolation"]

    subgraph data["Encrypted data stores"]
      direction LR
      search["Search index<br/>encrypted at rest"]
      database["Primary database<br/>encrypted at rest"]
    end
  end

  client -->|"Encrypted request"| edge
  edge --> mcp
  mcp -->|"Forwards authenticated<br/>requests only"| api
  api -->|"Reads / writes with<br/>full permission checks"| data
```

**Key takeaway:** the MCP is a passthrough layer. It adds no new data storage, no new user accounts, and no new permission model. It simply gives AI tools a structured way to call the same Violet API your team already uses — with all the same security controls in place.

### Data flow — step by step

```mermaid
sequenceDiagram
  autonumber
  actor User as Your AI agent
  participant Edge as Secure HTTPS endpoint

  box AWS GovCloud
    participant MCP as MCP gateway
    participant API as Violet API
    participant Data as Encrypted data stores
  end

  User->>Edge: Sends an authenticated request
  Edge->>MCP: Routes to MCP inside GovCloud
  MCP->>API: Forwards request to Violet API
  API->>API: Verifies identity, permissions,<br/>and tenant isolation
  API->>Data: Retrieves only the data<br/>the user is authorized to see
  Data-->>API: Returns results
  API-->>MCP: Sends response
  MCP-->>Edge: Returns formatted answer
  Edge-->>User: Delivers result to the AI agent
```

Every step in this flow takes place within AWS GovCloud. No customer data leaves the GovCloud boundary except in the encrypted response back to the requesting AI agent.

> **Important:** once the response reaches the AI agent, that data is outside of Violet's infrastructure. The agent may forward it to the underlying AI model (hosted by the model provider) or to other destinations depending on how the agent is configured. Violet has no control over data after it leaves the MCP response. Your organization's policies for the AI agent and model provider govern what happens to the data from that point forward.
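The passthrough model in the two diagrams above, as an added example that is not Violet's code: a minimal stateless gateway in Python with in-memory stand-ins for the Violet API and its data store, so it runs offline. Every name in it (`McpGateway`, `VioletApi`, `TenantStore`, the tool name `search_records`, the sample tokens and records) is an assumption constructed for the example; the real API validates OAuth tokens or API keys against its own identity system, and the real tool set is whatever the Violet MCP server publishes.

```python
import json
import logging

log = logging.getLogger("mcp-gateway")

# Constructed sample data: two tenants, each record tagged with the minimum
# role allowed to see it. In the real system this is encrypted at rest in GovCloud.
RECORDS = {
    "tenant-a": [{"id": 1, "title": "Acme Q3 roadmap", "min_role": "admin"},
                 {"id": 2, "title": "Acme onboarding guide", "min_role": "member"}],
    "tenant-b": [{"id": 3, "title": "Beta Corp contracts", "min_role": "admin"}],
}
# Constructed sample credentials (token -> principal). Only the API holds this
# table; the gateway never sees or stores it.
PRINCIPALS = {
    "tok-alice": {"user": "alice", "tenant": "tenant-a", "role": "admin"},
    "tok-bob":   {"user": "bob",   "tenant": "tenant-a", "role": "member"},
    "tok-carol": {"user": "carol", "tenant": "tenant-b", "role": "admin"},
}
ROLE_RANK = {"member": 1, "admin": 2}


class ApiError(Exception):
    def __init__(self, status, message):
        super().__init__(message)
        self.status, self.message = status, message


class TenantStore:
    """Data layer. Every read is keyed by tenant and there is no cross-tenant
    read at all, so a bug in an API handler cannot return another tenant's rows.
    This is the second of the two enforcement points the page describes."""
    def __init__(self, records):
        self._records = records

    def search(self, tenant, query):
        return [r for r in self._records.get(tenant, [])
                if query.lower() in r["title"].lower()]


class VioletApi:
    """Stand-in for the Violet API: identity, tenant and role checks live here."""
    def __init__(self, store, principals):
        self._store, self._principals = store, principals

    def search(self, token, query):
        principal = self._principals.get(token)
        if principal is None:
            raise ApiError(401, "invalid credential")
        # Tenant comes from the validated credential, never from the request.
        rows = self._store.search(principal["tenant"], query)
        # Same role model as the web app: return only what this role may see.
        return [r for r in rows
                if ROLE_RANK[principal["role"]] >= ROLE_RANK[r["min_role"]]]


# The only tools the gateway exposes; each maps to a read call on the API.
READ_ONLY_TOOLS = {"search_records"}


class McpGateway:
    """Stateless translation layer: maps one tool call to one API call and
    forwards the caller's credential unchanged. Holds no tokens and no data."""
    def __init__(self, api):
        self._api = api

    def handle(self, headers, tool_call):
        auth = headers.get("Authorization", "")
        token = auth[len("Bearer "):] if auth.startswith("Bearer ") else ""
        if not token:
            # Rejected here, before anything downstream is touched.
            return {"status": 401, "error": "missing credential"}
        name = tool_call.get("name")
        if name not in READ_ONLY_TOOLS:
            return {"status": 404, "error": f"unknown tool {name!r}"}
        args = tool_call.get("arguments", {})
        # Log request metadata only: no token, no arguments, no response body.
        log.info("tool=%s client=%s", name, headers.get("User-Agent", "-"))
        try:
            # A client-supplied "tenant" argument is dropped: the API derives
            # the tenant from the credential, so it cannot be spoofed here.
            result = self._api.search(token, str(args.get("query", "")))
        except ApiError as e:
            return {"status": e.status, "error": e.message}
        # Tool result in the MCP shape: a list of content blocks.
        return {"status": 200,
                "content": [{"type": "text", "text": json.dumps(result)}]}


GATEWAY = McpGateway(VioletApi(TenantStore(RECORDS), PRINCIPALS))


def call(token, name, **arguments):
    """Simulate one agent request through the gateway (token=None: no header)."""
    headers = {"User-Agent": "example-agent/1.0"}
    if token is not None:
        headers["Authorization"] = f"Bearer {token}"
    return GATEWAY.handle(headers, {"name": name, "arguments": arguments})


def record_ids(response):
    """Record ids from a successful tool result, or None on an error."""
    if response["status"] != 200:
        return None
    return [r["id"] for r in json.loads(response["content"][0]["text"])]
```

Three properties from the text become checkable here: a request with no credential stops at the gateway and never reaches the API or the store; a member-role token for `tenant-a` returns only the member-visible record even though the admin-only one matches the same query, and a `tenant-b` token that passes `tenant="tenant-a"` as an argument still gets only `tenant-b` rows; and `vars(GATEWAY)` holds nothing but the reference to the API, so there is no place in the gateway for a token or a response to persist.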

### Security guarantees

#### Authentication and authorization

| Control                          | Description                                                                                                                                              |
| -------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Identity verification**        | Every request must include a valid credential (OAuth token or API key). Unauthenticated requests are rejected before reaching any data.                  |
| **Tenant isolation**             | Each customer's data is strictly separated. Tenant boundaries are enforced redundantly at the API and underlying data layers (search index and database). |
| **Role-based access control**    | The same permission model that governs the Violet web application applies to MCP requests. Users see only what their role allows.                        |
| **No stored credentials in MCP** | The MCP gateway does not store tokens or passwords. It forwards credentials to the API for validation and does not cache them.                           |

#### Data protection

| Control                                   | Description                                                                                                                                                 |
| ----------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Encryption in transit**                 | All traffic between the AI agent and Violet is encrypted with TLS (HTTPS). Traffic between Violet's internal services stays on the private network inside GovCloud. |
| **Encryption at rest — primary database** | Your source data is stored in Amazon RDS PostgreSQL within AWS GovCloud. Storage is encrypted using AWS-managed keys.                                       |
| **Encryption at rest — search index**     | The search index runs within the same GovCloud environment on encrypted block storage volumes.                                                              |
| **No customer data in the MCP layer**     | The MCP gateway is stateless. It does not write, cache, or log your domain data. It only translates requests and forwards responses.                        |

#### Infrastructure residency

| Component                | Where it runs                                 |
| ------------------------ | --------------------------------------------- |
| MCP gateway              | AWS GovCloud                                  |
| Violet API               | AWS GovCloud                                  |
| Search index and storage | AWS GovCloud, encrypted volumes               |
| Primary database         | Amazon RDS in AWS GovCloud, encrypted storage |

All application and data components reside entirely within AWS GovCloud.

### What the MCP does **not** do

* **Does not host or interface with any AI model.** The MCP server contains no AI model and does not send your data to one. The AI model is entirely on the agent side, managed by your organization or model provider.
* **Does not store your data.** It is a stateless translation layer.
* **Does not open a new path to your data.** It calls the same API endpoints, and every request goes through the same permission checks as any other API client.
* **Does not bypass permissions.** If a user cannot see something in the Violet web application, they cannot see it through the MCP either. The reverse also holds: an agent presenting a user's credential can read everything that user can, so the credential an agent is given should carry no more access than its tasks require.
* **Does not send data outside AWS GovCloud.** All processing and storage happen within the GovCloud boundary. The only outbound path is the encrypted response back to the requesting AI agent. Once that response reaches the agent, the data is governed by the agent's and model provider's own policies — not by Violet.

### Summary

The Violet MCP lets your team use AI agents to query and explore Violet data without compromising the security posture you already have. It is a thin, authenticated, stateless gateway — built on top of the Violet API — with all data remaining encrypted at rest inside AWS GovCloud.
