PalveronPalveronDocs

Server Management

Register, scan, and monitor MCP servers connected to your Palveron project.

Register a Server

Via the dashboard

Navigate to MCP Gateway → MCP Servers and click Register Server. Provide:

  • Name — Human-readable identifier (e.g. "GitHub MCP")
  • Server URL — The MCP server's SSE endpoint
  • Connector type — Custom, Salesforce, Copilot, ServiceNow, Cursor, Windsurf, or Claude Code
  • Description — Optional context for your team

New servers start in the PENDING_APPROVAL state. Activate them via the dashboard or API after review.

Via the API

curl -X POST /api/v1/mcp/servers \
  -H "Authorization: Bearer {api_key}" \
  -d '{
    "name": "GitHub MCP Server",
    "server_url": "https://mcp.github.com/sse",
    "connector_type": "custom"
  }'

The response contains the server id; the governed endpoint agents connect to is POST /api/v1/mcp/proxy/{id}.

Create from a template

For any of the 11 connector templates (Salesforce, Microsoft Copilot, ServiceNow, Slack AI, Teams Copilot, Zendesk AI, Intercom Fin, AWS Bedrock, Azure AI, Cursor, Claude Code), use the template endpoint to automatically create the server with recommended policies:

curl -X POST /api/v1/mcp/servers/from-template \
  -H "Authorization: Bearer {api_key}" \
  -d '{ "template": "salesforce" }'

Tool Discovery Scan

After registration, scan the server to discover its tools:

POST /api/v1/mcp/servers/{id}/scan

The scan connects to the MCP server, calls tools/list, and for each tool:

  1. Registers the tool with name, description, and input schema
  2. Hashes the tool description (SHA-256) for rug-pull detection
  3. Automatically classifies risk based on tool name and description:
Risk LevelTriggers
CRITICALexec, shell, command, eval, "execute arbitrary"
HIGHwrite, delete, remove, drop, modify, update, insert
MEDIUMDefault for unrecognized tools
LOWread, get, list, search, query, "read-only"
  1. Poisoning detection — if a tool's description hash has changed since the last scan, it is marked is_poisoning_suspect: true

Server Status

StatusMeaning
PENDING_APPROVALNewly registered, not yet active
ACTIVEOperational — tool calls are proxied
BLOCKEDManually or emergency-stopped — all tool calls rejected
SCANNINGTool discovery in progress
ERRORServer unreachable or scan failed

Monitoring

The Command Center displays MCP KPIs in near real time:

  • Tool calls and block rate
  • Active vs. total servers
  • Number of pending approvals
  • Poisoning alerts
  • Server errors

MCP tool calls appear in the Live Activity Feed as MCP_TOOL_CALL trace type.

On this page