> ## Documentation Index
> Fetch the complete documentation index at: https://docs.mcpmanager.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Features

> A complete index of MCP Manager capabilities — gateways and server types, identity and OAuth, tool and feature provisioning, threat prevention, DLP filtering, platform security, observability, alerts, and team administration.

**MCP Manager** puts one governed gateway between your AI clients and your MCP servers, giving you fine-grained control over how hosts, agents, and tools connect. This page is the full index of what MCP Manager does today — every distinct capability in one scannable list. Select any card to open the detailed documentation for that feature.

<Info>
  Many features below are gated by a **capability** assigned to your role. If you don't see a page, tab, or button described here, your role likely lacks the relevant capability — ask a workspace administrator. See [Capabilities](/deployment/rbac-and-roles/capabilities).
</Info>

## Deployment and enablement

The gateway is the control point: one governed URL that every host and agent connects to, fronting all of your MCP servers. MCP Manager supports remote, managed, and workstation servers, unlimited gateways, and unlimited servers per gateway.

<CardGroup cols={1}>
  <Card title="MCP Gateway" icon="network-wired" href="/mcp-gateway-concepts/mcp-gateways">
    One governed URL that aggregates many upstream MCP servers behind a single endpoint.
  </Card>

  <Card title="Any AI host, CLI, or agent" icon="robot" href="/mcp-gateway-concepts/apps-and-agents">
    Compatible with Anthropic, OpenAI, and all MCP-compatible environments.
  </Card>

  <Card title="One-click client connection" icon="plug-circle-check" href="/features/connection-experience">
    A guided, reuse-friendly authorization flow for Claude, Cursor, and other clients.
  </Card>

  <Card title="All three server types" icon="server" href="/mcp-gateway-concepts/mcp-servers/overview">
    Deploy Remote, Managed, and Workstation MCP servers.
  </Card>

  <Card title="Remote MCP servers" icon="cloud" href="/mcp-gateway-concepts/mcp-servers/remote">
    Connect any HTTPS MCP endpoint, whether a SaaS vendor's or your own self-hosted server.
  </Card>

  <Card title="Managed servers in your infra" icon="cubes" href="/mcp-gateway-concepts/mcp-servers/managed">
    Launch a server in your infrastructure with a command MCP Manager generates.
  </Card>

  <Card title="Managed stdio and HTTP" icon="terminal" href="/mcp-gateway-concepts/mcp-servers/managed">
    Run both command-based (stdio) and URL-based servers as managed endpoints.
  </Card>

  <Card title="Workstation MCP servers" icon="laptop" href="/mcp-gateway-concepts/mcp-servers/workstation">
    Reach servers on a local machine through an encrypted tunnel, never exposed to the internet.
  </Card>

  <Card title="Server containers" icon="layer-group" href="/mcp-gateway-concepts/mcp-servers/overview">
    Group multiple managed or workstation servers into one logical unit.
  </Card>

  <Card title="Unlimited gateways" icon="infinity" href="/deployment/gateway-deployment-strategies">
    Spin up gateways for dev, staging, production, or per-team use.
  </Card>

  <Card title="Unlimited servers per gateway" icon="boxes-stacked" href="/mcp-gateway-concepts/mcp-gateways">
    Scale without limits or concurrency concerns.
  </Card>

  <Card title="Auto URL and token creation" icon="link" href="/features/api-tokens-and-headless-agents">
    Secure endpoints and access tokens are generated for you.
  </Card>

  <Card title="Automatic feature discovery" icon="wand-magic-sparkles" href="/features/feature-provisioning">
    MCP Manager learns and previews each server's live tools, prompts, resources, and templates.
  </Card>

  <Card title="Deployment strategies" icon="sitemap" href="/deployment/gateway-deployment-strategies">
    Run one org-wide gateway, one per team, one per server, or one per use case.
  </Card>

  <Card title="Gateway archiving" icon="box-archive">
    Soft-delete and later restore gateways without losing their history.
  </Card>
</CardGroup>

## Identity and authentication

MCP Manager brokers identity between hosts and servers so credentials never live in the client. An administrator chooses, per server, between each user's own identity and a shared service account.

<CardGroup cols={1}>
  <Card title="Enforced OAuth for all servers" icon="key" href="/security/authentication-and-identity">
    Every server uses secure, standards-based authentication.
  </Card>

  <Card title="Dynamic client registration" icon="user-plus" href="/mcp-gateway-concepts/mcp-servers/remote">
    Automates identity onboarding for new servers (RFC 7591).
  </Card>

  <Card title="Metadata discovery" icon="compass" href="/security/authentication-and-identity">
    Detects authorization endpoints from well-known metadata (RFC 8414 / RFC 9728).
  </Card>

  <Card title="Token refresh and rotation" icon="arrows-rotate" href="/security/authentication-and-identity">
    Automatically refreshes and rotates tokens to eliminate stale credentials.
  </Card>

  <Card title="Admin-controlled identity scheme" icon="user-gear" href="/features/identity-controls">
    Choose a shared service account or per-user identity for each server on a gateway.
  </Card>

  <Card title="Bring-your-own-identity" icon="id-card" href="/features/identity-controls">
    Each user authenticates with their own downstream identity; no shared keys in clients.
  </Card>

  <Card title="Identity forwarding and token exchange" icon="id-badge" href="/advanced/agents-passing-identities">
    Pass the end user's identity to upstream servers so an agent acts as the real user.
  </Card>

  <Card title="Per-agent (machine) identity" icon="robot" href="/features/api-tokens-and-headless-agents">
    Issue each headless agent its own identity, scoped to a gateway connection.
  </Card>

  <Card title="JWT validation and header forwarding" icon="file-shield" href="/security/authentication-and-identity">
    Validate caller JWTs and forward auth headers to upstream servers per request.
  </Card>

  <Card title="Header and API-key authentication" icon="code" href="/mcp-gateway-concepts/mcp-servers/remote">
    Support servers that authenticate with custom headers or API keys.
  </Card>

  <Card title="SSO via your identity provider" icon="right-to-bracket" href="/enterprise/sso">
    Broker enterprise single sign-on through Okta, Entra ID, and other IdPs.
  </Card>
</CardGroup>

## Tool and feature provisioning

Decide exactly which tools, prompts, and resources each agent can reach. The allowlist mode is fail-closed by design — once you limit a feature type to selected capabilities, anything you haven't allowed is blocked. (A newly assigned server starts by allowing all of its capabilities, so a simple setup works without curation.)

<CardGroup cols={1}>
  <Card title="Block, allow, or condition features" icon="filter" href="/features/feature-provisioning">
    Allow-all, allow-selected, or block-all for tools, resources, and prompts per server.
  </Card>

  <Card title="Governs all four feature types" icon="list-check" href="/features/feature-provisioning">
    Tools, prompts, resources, and resource templates, uniformly.
  </Card>

  <Card title="Tool metadata filtering" icon="filter-circle-xmark" href="/features/feature-provisioning">
    Limit the metadata agents receive to cut token usage, context overload, and cost.
  </Card>

  <Card title="Tool-change protection" icon="lock" href="/security/feature-governance">
    Pin a tool by name, title, or description so unreviewed changes stop passing the gateway.
  </Card>

  <Card title="Fail-closed allowlists" icon="ban" href="/security/feature-governance">
    In allow-if-conditions-met mode, anything you haven't explicitly allowed is blocked.
  </Card>

  <Card title="Tool namespacing" icon="tag" href="/features/feature-provisioning">
    Prefix tool names to prevent collisions between servers on the same gateway.
  </Card>

  <Card title="Per-team and per-identity scoping" icon="users-gear" href="/deployment/teams">
    Different teams or users see different curated tool sets.
  </Card>

  <Card title="Admin permissions for provisioning" icon="user-shield" href="/deployment/rbac-and-roles/capabilities">
    Assign fine-grained provisioning control to specific roles.
  </Card>
</CardGroup>

## Threat prevention

MCP Manager neutralizes the MCP-specific attack classes that put agents and data at risk, from prompt injection to rug pulls and server spoofing.

<CardGroup cols={1}>
  <Card title="Prompt injection" icon="syringe" href="/security/runtime-protections">
    Blocks malicious prompt content — including indirect, second-order injection in tool results.
  </Card>

  <Card title="Rug pull attacks" icon="hand" href="/security/feature-governance">
    Detects and halts when a server or tool changes behavior after initial approval.
  </Card>

  <Card title="Tool poisoning" icon="skull-crossbones" href="/security/feature-governance">
    Prevents modified or malicious tools from being served to agents.
  </Card>

  <Card title="Anti-mimicry" icon="clone" href="/security/overview">
    Stops attackers from creating look-alike servers that impersonate trusted ones.
  </Card>

  <Card title="Server spoofing" icon="id-card-clip" href="/security/overview">
    Authenticates each server connection using signed tokens and verifiable origins.
  </Card>

  <Card title="Cross-server shadowing" icon="diagram-project" href="/security/overview">
    Prevents one server from secretly invoking another server's tools without authorization.
  </Card>

  <Card title="Break-glass kill switches" icon="power-off" href="/features/api-tokens-and-headless-agents">
    Instantly disable a host, connection, or identity when something looks wrong.
  </Card>

  <Card title="Secret redaction" icon="eye-slash" href="/security/audit-and-observability">
    Sensitive payload keys are scrubbed before logs and alerts are stored.
  </Card>
</CardGroup>

## Filtering and data loss prevention

Gateway rules inspect MCP messages in flight and pass, modify, or block them, with five enforcement actions and a choice of detection methods.

<CardGroup cols={1}>
  <Card title="Regex-based filtering" icon="asterisk" href="/features/gateway-rules/regex">
    Detect and block sensitive patterns — phone numbers, SSNs, API keys, project IDs.
  </Card>

  <Card title="Inline masking and redaction" icon="marker" href="/features/gateway-rules/regex">
    Five enforcement actions on detected content: block, redact, replace, mask, and hash.
  </Card>

  <Card title="Microsoft Presidio" icon="user-shield" href="/features/gateway-rules/presidio">
    Pre-trained PII detection and anonymization, run as a managed add-on.
  </Card>

  <Card title="Custom DLP endpoints" icon="plug" href="/features/gateway-rules/custom-rules-engines">
    Connect internal DLP systems or third-party review workflows via custom rule engines.
  </Card>

  <Card title="Lakera Guard" icon="shield-check" href="/features/lakera-guard">
    Managed prompt-injection, jailbreak, PII, and toxic-content detection.
  </Card>

  <Card title="Amazon Bedrock Guardrails" icon="aws" iconType="brands" href="/features/amazon-bedrock">
    Apply Bedrock guardrails as a gateway rule engine.
  </Card>

  <Card title="Jailbreak detection" icon="lock-open" href="/features/lakera-guard">
    Detect and block jailbreak attempts via Lakera Guard and Bedrock Guardrails.
  </Card>

  <Card title="Pass, modify, or block verdicts" icon="code-branch" href="/features/gateway-rules/overview">
    Every rule engine returns an enforcement action the gateway applies inline.
  </Card>

  <Card title="Fail-open or fail-closed rules" icon="toggle-on" href="/features/gateway-rules/overview">
    Choose whether a rule-engine outage allows or blocks traffic.
  </Card>

  <Card title="Custom resource blockers" icon="folder-tree" href="/advanced/building-a-custom-rule-engine">
    Build a custom rule engine to block sensitive content or paths, such as a specific folder.
  </Card>
</CardGroup>

## Platform security and trust

The gateway is hardened as the single control point in the path of every call, with encryption at rest and in transit, static egress IPs, and negligible added latency.

<CardGroup cols={1}>
  <Card title="AES-256-GCM credential vault" icon="vault" href="/mcp-gateway-concepts/architecture-and-trust">
    All stored credentials are encrypted at rest with authenticated encryption.
  </Card>

  <Card title="Automatic key rotation" icon="rotate" href="/mcp-gateway-concepts/architecture-and-trust">
    Encryption keys are rotated without operator intervention.
  </Card>

  <Card title="Encryption in transit" icon="lock" href="/mcp-gateway-concepts/architecture-and-trust">
    Every connection is terminated and re-originated over TLS by design.
  </Card>

  <Card title="Static egress IPs" icon="location-crosshairs" href="/mcp-gateway-concepts/architecture-and-trust">
    Lock down upstream servers to MCP Manager's fixed egress IPs, with per-server shared secrets.
  </Card>

  <Card title="Network isolation" icon="shield-halved" href="/mcp-gateway-concepts/mcp-servers/workstation">
    Workstation servers stay private behind an encrypted tunnel, never exposed to the internet.
  </Card>

  <Card title="Negligible added latency" icon="gauge-high" href="/mcp-gateway-concepts/architecture-and-trust">
    The gateway adds roughly 150 ms or less, until inline rule engines run.
  </Card>
</CardGroup>

## Observability and reporting

Every request and response is logged with rich context, attributed to the real user, and rolled up into charts and exports.

<CardGroup cols={1}>
  <Card title="Server registry" icon="table-list" href="/features/viewing-logs">
    View and manage all connected servers from one dashboard.
  </Card>

  <Card title="Host and agent inventory" icon="list-ul" href="/mcp-gateway-concepts/apps-and-agents">
    See every host and agent connecting through your gateways, attributed to an identity.
  </Card>

  <Card title="Contextual audit logs" icon="rectangle-list" href="/features/viewing-logs">
    Logs full requests and responses alongside 20+ metadata fields per call.
  </Card>

  <Card title="Identity attribution" icon="fingerprint" href="/security/audit-and-observability">
    Every call is attributed to the real user behind it, supporting non-repudiation.
  </Card>

  <Card title="Four-leg correlation" icon="diagram-project" href="/features/viewing-logs">
    Correlate a single request across client, gateway, and downstream server legs.
  </Card>

  <Card title="Per-request token accounting" icon="coins" href="/features/reporting">
    Token counts are estimated per call.
  </Card>

  <Card title="Usage attribution by user and team" icon="chart-simple" href="/features/reporting">
    Token counts and feature calls grouped by user, team, and server.
  </Card>

  <Card title="Observability charts" icon="chart-pie" href="/features/reporting">
    Token use, feature calls, server popularity, error rates, and latency percentiles.
  </Card>

  <Card title="Response-time percentiles" icon="gauge" href="/features/reporting">
    Median and 95th-percentile call duration per feature.
  </Card>

  <Card title="Log export" icon="file-export" href="/features/viewing-logs">
    Export audit data as CSV or JSON.
  </Card>

  <Card title="Export to your SIEM" icon="tower-broadcast" href="/enterprise/export-to-siem">
    Forward structured logs and request traces to any OpenTelemetry (OTLP) collector.
  </Card>

  <Card title="Pre-built SIEM connectors" icon="plug-circle-bolt" href="/enterprise/export-to-siem">
    Datadog, Grafana Cloud, Honeycomb, New Relic, and a self-hosted collector for any backend.
  </Card>
</CardGroup>

## Monitoring and alerts

MCP Manager surfaces operational and security events as alerts so administrators stay aware of access requests, new tools, policy violations, and outages.

<CardGroup cols={1}>
  <Card title="Gateway approval requests" icon="bell" href="/features/alerts">
    Receive alerts when users request new gateway access.
  </Card>

  <Card title="New feature provisioned" icon="circle-plus" href="/features/alerts">
    Get notified when new tools are added to your servers.
  </Card>

  <Card title="Content filter triggers" icon="triangle-exclamation" href="/features/alerts">
    Monitor sensitive data or policy violations in real time.
  </Card>

  <Card title="Outages and connection failures" icon="plug-circle-xmark" href="/features/alerts">
    Stay aware of broken connections or downtime instantly.
  </Card>

  <Card title="OAuth failure alerts" icon="circle-exclamation" href="/features/alerts">
    Get notified when a server's OAuth callback or client registration fails.
  </Card>

  <Card title="Request rate limiting" icon="gauge-high" href="/mcp-gateway-concepts/architecture-and-trust">
    Per-origin and per-key rate limits protect the gateway from abuse.
  </Card>
</CardGroup>

## Administration, teams, and access control

Provision people, scope access by team and capability, and integrate your identity provider for SSO and SCIM.

<CardGroup cols={1}>
  <Card title="SSO support" icon="right-to-bracket" href="/enterprise/sso">
    Log in through your corporate identity provider.
  </Card>

  <Card title="SCIM provisioning" icon="arrows-rotate" href="/enterprise/scim">
    Automate user provisioning and de-provisioning (SCIM 2.0).
  </Card>

  <Card title="SCIM group-to-team mapping" icon="people-group" href="/enterprise/scim">
    Map Okta or Entra ID groups to MCP Manager teams, with just-in-time provisioning.
  </Card>

  <Card title="Capability-based RBAC" icon="user-shield" href="/deployment/rbac-and-roles/overview">
    Build custom roles from granular capabilities across every area of the product.
  </Card>

  <Card title="Read-only auditor roles" icon="glasses" href="/deployment/rbac-and-roles/capabilities">
    Compose view-only roles — view reports, see alerts, view logs — for compliance reviewers.
  </Card>

  <Card title="Gateway access control" icon="users-gear" href="/deployment/teams">
    Define who can view or edit each gateway.
  </Card>

  <Card title="Gateway privacy settings" icon="eye-slash" href="/deployment/gateway-deployment-strategies">
    Restrict visibility and data access within a workspace.
  </Card>

  <Card title="Tool and server access control" icon="lock" href="/deployment/rbac-and-roles/capabilities">
    Control what each team can deploy or modify.
  </Card>

  <Card title="Host and connection management" icon="key" href="/features/api-tokens-and-headless-agents">
    Register hosts, issue and revoke API tokens, and enable or disable connections.
  </Card>

  <Card title="Enterprise lockdown controls" icon="building-lock" href="/deployment/enterprise-strategy-and-lockdown">
    Funnel all MCP usage through the gateway with connector allowlists, MDM/EDR, and static IPs.
  </Card>

  <Card title="Workspace settings" icon="gear">
    Configure workspace name, date and time formats, and your plan.
  </Card>

  <Card title="User invitations and deactivation" icon="user-plus" href="/deployment/rbac-and-roles/overview">
    Invite users and revoke workspace access.
  </Card>
</CardGroup>

For the security model behind these features — authentication, feature governance, runtime protections, and audit — see the [Security](/security/authentication-and-identity) section.

## Further reading

<CardGroup cols={2}>
  <Card title="Connection Experience" icon="plug-circle-check" href="/features/connection-experience">
    What an end user experiences when connecting a gateway, step by step.
  </Card>

  <Card title="Security model" icon="shield-halved" href="/security/authentication-and-identity">
    Authentication, feature governance, runtime protections, and audit.
  </Card>

  <Card title="Gateway deployment strategies" icon="sitemap" href="/deployment/gateway-deployment-strategies">
    Choose a gateway topology — org-wide, per team, per server, or per use case.
  </Card>
</CardGroup>
