Security & permissions (MCP)
API keys, tenancy, and review practices for Onboard hosted MCP.
MCP inherits the same authority as the Onboard credentials configured in the client. Treat hosted MCP as a production integration surface, not an experiment on shared laptops without policy.
API key vs OAuth (who gets access)
Onboard hosted MCP supports two connection models. Pick the one your AI client actually supports—they are not interchangeable.
| Model | Who configures MCP | Who authenticates | Effective access |
|---|---|---|---|
| API key | Admin (Integrations → API) | Nobody per session—the key is baked into the client config | Everyone who can use that MCP/chat surface in the platform runs tools as that one key (full org scope of the key) |
| OAuth | Admin (connector URL, Client ID, callbacks) | Each end user signs in with their own account | Tools run as that signed-in user (their Onboard permissions), not a shared admin key |
API key — org-wide integration key. An admin creates or copies a key once, pastes it into Amazon Quick, Cursor, Raycast, cURL, etc. Anyone with access to that app’s MCP or chat feature inherits the key’s power. Rotate the key when someone leaves or the config may have leaked.
OAuth — per-user sign-in. An admin registers the hosted MCP connector (URL, OAuth Client ID from Integrations → API, allowed callbacks). Each person completes browser login before tools work. Better when you need individual accountability and least privilege per user.
Claude / Anthropic: Custom connectors and org-level MCP setup use user-based OAuth per Anthropic connector authentication. They do not offer an org-wide “paste one API key, everyone shares it” model like API-key-first desktop tools. Plan onboarding around per-user OAuth, not a single shared REST token in the connector UI.
See MCP desktop clients for which clients use which model, and Connecting to Onboard MCP for setup steps.
API keys and tenancy
- Use an Onboard Admin–managed API key from Integrations → API (or Company settings → API key where your org creates keys). Only people who should administer integrations should rotate or copy it.
- The key is scoped to your company in Onboard; MCP tools cannot escape that tenancy.
- Rotate keys after offboarding, suspected exposure, or vendor review findings—same discipline as REST-only integrations.
Client and network hygiene
- Prefer company-managed devices and approved MCP clients.
- Do not paste production keys into public chats, shared screen recordings, or untested third-party extensions.
- Use TLS only (
https://rest.onboard.io); avoid HTTP or unknown proxies that terminate TLS without your security team’s approval.
Reviews and compliance
- For a practical pre-launch checklist, use the Security checklist.
- For SOC 2 materials, subprocessors, and trust artifacts, see Compliance & trust and the Trust Center.
Operational logging
Hosted MCP may generate support or audit logs depending on your deployment. Clarify with [email protected] what is logged for your tenant and how long logs are retained.
Related
- MCP setup — endpoints and token placement
- Authentication — REST
Authorization: Tokensemantics - MCP introduction — conceptual overview
How is this guide?