Server Management
Register, scan, and monitor MCP servers connected to your Palveron project.
Register a Server
Via the dashboard
Navigate to MCP Gateway → MCP Servers and click Register Server. Provide:
- Name — Human-readable identifier (e.g. "GitHub MCP")
- Server URL — The MCP server's SSE endpoint
- Connector type — Custom, Salesforce, Copilot, ServiceNow, Cursor, Windsurf, or Claude Code
- Description — Optional context for your team
New servers start in the PENDING_APPROVAL state. Activate them via the dashboard or API after review.
Via the API
curl -X POST /api/v1/mcp/servers \
-H "Authorization: Bearer {api_key}" \
-d '{
"name": "GitHub MCP Server",
"server_url": "https://mcp.github.com/sse",
"connector_type": "custom"
}'The response contains the server id; the governed endpoint agents connect to is POST /api/v1/mcp/proxy/{id}.
Create from a template
For any of the 11 connector templates (Salesforce, Microsoft Copilot, ServiceNow, Slack AI, Teams Copilot, Zendesk AI, Intercom Fin, AWS Bedrock, Azure AI, Cursor, Claude Code), use the template endpoint to automatically create the server with recommended policies:
curl -X POST /api/v1/mcp/servers/from-template \
-H "Authorization: Bearer {api_key}" \
-d '{ "template": "salesforce" }'Tool Discovery Scan
After registration, scan the server to discover its tools:
POST /api/v1/mcp/servers/{id}/scanThe scan connects to the MCP server, calls tools/list, and for each tool:
- Registers the tool with name, description, and input schema
- Hashes the tool description (SHA-256) for rug-pull detection
- Automatically classifies risk based on tool name and description:
| Risk Level | Triggers |
|---|---|
| CRITICAL | exec, shell, command, eval, "execute arbitrary" |
| HIGH | write, delete, remove, drop, modify, update, insert |
| MEDIUM | Default for unrecognized tools |
| LOW | read, get, list, search, query, "read-only" |
- Poisoning detection — if a tool's description hash has changed since the last scan, it is marked
is_poisoning_suspect: true
Server Status
| Status | Meaning |
|---|---|
PENDING_APPROVAL | Newly registered, not yet active |
ACTIVE | Operational — tool calls are proxied |
BLOCKED | Manually or emergency-stopped — all tool calls rejected |
SCANNING | Tool discovery in progress |
ERROR | Server unreachable or scan failed |
Monitoring
The Command Center displays MCP KPIs in near real time:
- Tool calls and block rate
- Active vs. total servers
- Number of pending approvals
- Poisoning alerts
- Server errors
MCP tool calls appear in the Live Activity Feed as MCP_TOOL_CALL trace type.