Oso Cloud MCP Server
Understand, develop, and debug authorization policies in Oso Cloud.
Local Development
Oso MCP Server
Use the MCP Server to:
- develop a better understanding of your policy
- use natural language to ask authorization-related questions
- debug why an authorization decision does not match what you expect
This guide assumes you have already installed and set up the CLI.
Connect
In your LLM client of choice, add the following to your MCP config file to run it against a local dev server:
{
"mcpServers": {
"oso": {
"command": "oso-cloud",
"args": ["experimental", "mcp"],
"env": {
"OSO_URL": "http://localhost:8080",
"OSO_AUTH": "e_0123456789_12345_osotesttoken01xiIn"
}
}
}
}
- You may optionally omit the
OSO_URLenvironment variable or set it tohttps://cloud.osohq.comif you want to run it against a live production server. - The provided
OSO_AUTHtoken is for the local dev server. You can obtain your live serverOSO_AUTHtoken from the Oso Cloud UI.
Where can I find my MCP config file?
Here are guides for some common clients:
- Claude Desktop
- Cursor
- VS Code Copilot
- Kiro
Usage
This server is primarily intended for use with dev servers to aid in development. Please use extra caution when using against a live environment.
Once you have your MCP server up and running, you can ask your LLM any authorization related questions and watch it use the tools available. Currently, we expose read tools to:
- Get your policy
- Get all facts
- Run an
authorizequery - Query your facts with pattern matching
- Run policy tests We also expose the following write tools, restricted for use only with local dev servers:
- Update your policy
- Add facts
- Delete facts
- Clear all data Try sending any of the following messages:
- Draw a mermaid diagram of my authorization policy
- What permissions does
<actor>have on<resource>?- e.g. “What permissions does Alice have on Project XYZ?”
- Why doesn’t
<actor>have permission to<action><resource>?
Feedback
We are actively iterating on developer experience and would appreciate all feedback on the Oso MCP Server and the broader development experience with Oso Cloud. Please do not hesitate to reach out on Slack!
Was this page helpful?
YesNo
Oso Migrate (Beta)
Overview of Polar Language and Syntax
Related Servers
MCP Yeoman Server
Search for and run Yeoman generator templates programmatically.
MCP Server Template
A starter template for building a Model Context Protocol (MCP) server using TypeScript and Node.js.
Sequa MCP
A proxy that connects local STDIO with remote MCP servers, enabling IDEs to use MCP without extra infrastructure.
MCP Low-Level Server Streamable HTTP
A low-level MCP server implementation with streamable HTTP support, configured via environment variables.
Croft Laravel
A local MCP server for Laravel developers to boost productivity with artisan commands.
Gemini CLI
Integrates with the unofficial Google Gemini CLI, allowing file access within configured directories.
mcp.shop
A web shop built with MCP, WorkOS AuthKit, and Next.js.
Chart
A Model Context Protocol server for generating visual charts using AntV.
.NET Types Explorer
Provides detailed type information from .NET projects including assembly exploration, type reflection, and NuGet integration for AI coding agents
Binary Ninja
A Binary Ninja plugin, MCP server, and bridge that seamlessly integrates Binary Ninja with your favorite MCP client.