MCP Security and Architecture

What is the MCP?

The Violet MCP (Model Context Protocol) server lets AI agents — such as Claude, ChatGPT, Copilot, or your own tools — securely access your Violet data through a standardized interface. It acts as a thin, read-only gateway that sits on top of the existing Violet API. The MCP does not store any of your data; every request passes through the same API that already protects your information today.

The MCP server does not host, run, or communicate with any AI model. It is purely a data-access gateway. The AI model lives entirely on the agent side (managed by your organization or your model provider). The only part of Violet that interacts with an AI model directly is Violet Chat, which is a separate, opt-in feature and is not part of the MCP server.

How it works

Key takeaway: the MCP is a passthrough layer. It adds no new data storage, no new user accounts, and no new permission model. It simply gives AI tools a structured way to call the same Violet API your team already uses — with all the same security controls in place.

Data flow — step by step

Every step in this flow takes place within AWS GovCloud. No customer data leaves the GovCloud boundary except in the encrypted response back to the requesting AI agent.

Important: once the response reaches the AI agent, that data is outside of Violet's infrastructure. The agent may forward it to the underlying AI model (hosted by the model provider) or to other destinations depending on how the agent is configured. Violet has no control over data after it leaves the MCP response. Your organization's policies for the AI agent and model provider govern what happens to the data from that point forward.

Security guarantees

Authentication and authorization

| Control | Description |
| --- | --- |
| Identity verification | Every request must include a valid credential (OAuth token or API key). Unauthenticated requests are rejected before reaching any data. |
| Tenant isolation | Each customer's data is strictly separated. Tenant boundaries are enforced redundantly at the API and underlying data layers (search index and database). |
| Role-based access control | The same permission model that governs the Violet web application applies to MCP requests. Users see only what their role allows. |
| No stored credentials in MCP | The MCP gateway does not store tokens or passwords. It forwards credentials to the API for validation and does not cache them. |

Data protection

| Control | Description |
| --- | --- |
| Encryption in transit | All traffic between the AI agent and Violet is encrypted with TLS (HTTPS). Internal service-to-service communication also stays within the private network. |
| Encryption at rest — primary database | Your source data is stored in Amazon RDS PostgreSQL within AWS GovCloud. Storage is encrypted using AWS-managed keys. |
| Encryption at rest — search index | The search index runs within the same GovCloud environment on encrypted block storage volumes. |
| No customer data in the MCP layer | The MCP gateway is stateless. It does not write, cache, or log your domain data. It only translates requests and forwards responses. |

Infrastructure residency

| Component | Where it runs |
| --- | --- |
| MCP gateway | AWS GovCloud |
| Violet API | AWS GovCloud |
| Search index and storage | AWS GovCloud, encrypted volumes |
| Primary database | Amazon RDS in AWS GovCloud, encrypted storage |

All application and data components reside entirely within AWS GovCloud.

What the MCP does not do

  • Does not host or interface with any AI model. The MCP server contains no AI model and does not send your data to one. The AI model is entirely on the agent side, managed by your organization or model provider.

  • Does not store your data. It is a stateless translation layer.

  • Does not create a new attack surface for your data. It calls the same API endpoints with the same permission checks.

  • Does not bypass permissions. If a user cannot see something in the Violet web application, they cannot see it through the MCP either.

  • Does not send data outside AWS GovCloud. All processing and storage happen within the GovCloud boundary. The only outbound path is the encrypted response back to the requesting AI agent. Once that response reaches the agent, the data is governed by the agent's and model provider's own policies — not by Violet.
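The invariants listed above (reject unauthenticated calls before any data is touched, forward the credential without caching it, leave tenant isolation and role checks to the API, and never log domain data) can be checked on a small passthrough gateway. The following is an added illustration, not Violet's code: `StatelessGateway`, `fake_violet_api`, the token and record tables, and the `/v1/<tool>` path convention are all constructed assumptions.

```python
import json
from typing import Callable, Dict, List, Optional, Tuple

# Hypothetical upstream signature: (method, path, headers) -> (status, body).
Upstream = Callable[[str, str, Dict[str, str]], Tuple[int, Dict]]

class StatelessGateway:
    """Passthrough gateway: no credential cache, no data store, no payload logging."""

    def __init__(self, upstream: Upstream, audit_log: List[Dict]):
        self._upstream = upstream   # the tenant- and role-aware API behind the gateway
        self._audit = audit_log     # request metadata only, never domain data

    def handle(self, tool: str, credential: Optional[str]) -> Dict:
        # 1. Reject unauthenticated calls before anything reaches the API.
        if not credential:
            self._audit.append({"tool": tool, "outcome": "rejected_no_credential"})
            return {"status": 401, "error": "credential required"}
        # 2. Forward the credential unchanged; the API validates it, and the
        #    gateway keeps no copy once this call returns.
        status, body = self._upstream("GET", f"/v1/{tool}", {"Authorization": credential})
        # 3. Audit tool name and status only; the payload is never written anywhere.
        self._audit.append({"tool": tool, "outcome": status})
        return {"status": status, "body": body}

# Constructed stand-in for the API: tokens map to (tenant, role), records to a tenant.
TOKENS = {"tok-acme-analyst": ("acme", "analyst"), "tok-globex-admin": ("globex", "admin")}
RECORDS = [{"tenant": "acme", "id": 1, "restricted": False},
           {"tenant": "acme", "id": 2, "restricted": True},
           {"tenant": "globex", "id": 3, "restricted": False}]
API_CALLS: List[str] = []   # lets a caller confirm whether the API was reached

def fake_violet_api(method: str, path: str, headers: Dict[str, str]) -> Tuple[int, Dict]:
    API_CALLS.append(path)
    identity = TOKENS.get(headers.get("Authorization", ""))
    if identity is None:
        return 401, {"error": "invalid credential"}
    tenant, role = identity
    # Tenant isolation and RBAC are enforced here, in the API, not in the gateway.
    visible = [r for r in RECORDS
               if r["tenant"] == tenant and (role == "admin" or not r["restricted"])]
    return 200, {"items": visible}

def gateway_leaks_credential(gateway: StatelessGateway, log: List[Dict], token: str) -> bool:
    """True if the token survives in gateway state or the audit log after a request."""
    return token in json.dumps(vars(gateway), default=str) or token in json.dumps(log)
```

Swapping `fake_violet_api` for a real HTTP client keeps the gateway's shape unchanged; the point is that the gateway itself holds nothing worth stealing and makes no authorization decisions of its own.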

Summary

The Violet MCP lets your team use AI agents to query and explore Violet data without compromising the security posture you already have. It is a thin, authenticated, stateless gateway — built on top of the Violet API — with all data remaining encrypted at rest inside AWS GovCloud.
