Overview
This MCP server provides a Model Context Protocol interface that lets AI applications and LLMs securely interact with CipherTrust's RESTful Data Protection (CRDP) service. It supports both single-item and bulk protect and reveal operations, with optional versioning support to align with external, internal, or disabled policy configurations defined in CipherTrust. The server routes protect requests to CRDP using policies defined on the CipherTrust manager and returns either the protected data or the corresponding external/internal version values, depending on the policy. Revelation requires proper authorization, either via a username or a JWT token, ensuring that only authorized users can reveal data. Security notes indicate the server runs CRDP in no-tls mode and does not store sensitive data locally, with health and metrics exposed for monitoring. Transport options include stdio (default) and streamable HTTP, configurable via environment variables CRDP_SERVICE_URL, CRDP_PROBES_URL, MCP_TRANSPORT, and MCP_PORT. The project includes integration templates for n8n and supports AI assistant integrations (Cursor AI, Google Gemini, Claude Desktop) for natural-language data protection workflows.
Features
Data Protection
Protect sensitive data using Data Protection policies defined on the Thales CipherTrust manager.
Data Revelation
Securely reveal protected data with proper authorization (username/jwt)
Bulk Operations
Process multiple data items in single batch operations
Versioning Support
Handles external versioned, internal versioned, and version disabled protection policies.
Monitoring
Health checks and metrics collection
Multiple Transports
Support for stdio and HTTP transports
Who Is This For?
- AI developers:Integrate the MCP server to protect and reveal data via CRDP within AI/LLM applications.
- Security engineers:Configure protection policies, authorization, and monitor CRDP integration.
- Automation engineers:Build bulk protection/reveal workflows in automation tools like n8n.
