Choose Your Auth Path
OAuth Remote
Claude or Codex opens Esheria consent. Click Approve access. No pasted API key.
API-Key Remote
Use a dashboard data token as the bearer token.
Local Stdio
Fallback for hosts without remote MCP. Runs locally.
Esheria is catalog-first. Start with
esheria_list_packs, then pass the
selected pack_id to pack-specific tools. MCP does not silently select Kenya
or any other jurisdiction, and multi-pack graph or preview tools require an
explicit pack_ids list.
Host Setup
Claude.ai / Claude Desktop Directory
1
Add the connector
Use
https://mcp.esheria.ai/mcp.2
Approve access
Sign in to the Esheria dashboard and click Approve access.
3
Verify in Claude
Ask Claude to list Esheria packs, then inspect a pack such as
UK-DATA-PROTECTION-PRIVACY or EU-NIS2-CYBERSECURITY.Codex Desktop App
1
Open MCP settings
Open Settings, select MCP servers, then choose Add server.
2
Add Esheria
Set the name to
Esheria, choose Streamable HTTP, and use
https://mcp.esheria.ai/mcp as the server URL.3
Restart the app
Save the server, then select Restart so the app reloads its MCP
configuration.
4
Authenticate
Select Authenticate, sign in to the Esheria dashboard, and click
Approve access. No Esheria API key is required for this OAuth path.
5
Verify the connection
Type
/mcp in the composer and confirm Esheria is connected, then ask
Codex to call esheria_list_packs.codex mcp login esheria in that profile, Esheria may already appear as
authenticated in the app.
Codex CLI
Configure and authenticate with OAuth:127.0.0.1 with an ephemeral port. Then call esheria_health,
esheria_ready, and esheria_list_packs.
Bearer-token alternative:
bearer_token_env_var on the same entry when testing OAuth.
Generic Remote MCP
Use this shape for Cursor, Claude Code remote MCP, or an internal agent host that accepts an HTTP MCP URL and bearer token:Local Stdio Fallback
Use this when a host does not support remote MCP URLs:Verify The Connection
Use the same first calls in every host:
Example obligation lookup:
verified_published pack returned by esheria_list_packs; the UK
pack above is an example, not a default.
Tool Access
The 37 tools are the complete catalog—not 37 obsolete or additional tools. Authentication determines the safe subset shown to each connection.
Invalid and management-only credentials are rejected before initialization or
tool listing.
Hosted OAuth: 20 read-only tools
API data tokens: nine additional safe tools
esheria_list_source_watchesesheria_get_source_currentnessesheria_list_source_change_eventsesheria_list_recompile_candidatesesheria_get_graph_coverageesheria_list_customer_profilesesheria_preview_customer_lifecycleesheria_list_customer_obligation_instancesesheria_list_customer_change_impacts
esheria_list_customer_profiles with customer_profile_id to inspect one
profile. Add include_applicability_runs: true to retrieve its prior run
history through the same safe tool.
Operator mutations
Every mutation requires both its scope and"confirm": true.
MCP does not expose token, billing, subscription, or workspace administration.
Results And Large Responses
Successful calls return the same bounded JSON in text content andstructuredContent, so hosts that consume either representation receive the
result. Results include trace_id and an mcp object with:
truncatedoutput_bytesmax_output_bytes
truncated is true. MCP pack export is a bounded
manifest/count/sample view; use esheria packs export or the REST export route
for the complete artifact.
Protocol Compatibility
The hosted service uses the official MCP SDK and negotiates MCP2025-11-25.
It supports ping, input-schema validation, lifecycle enforcement, MCP tool
errors, bounded active-session counts, idle expiry, and Streamable HTTP
sessions.
Clients must initialize, retain Mcp-Session-Id, send
MCP-Protocol-Version after initialization, and send
notifications/initialized. Invalid JSON-RPC, batches, unsupported versions,
missing sessions, unsafe Origin/Host headers, and malformed tool arguments fail
closed. Streamable HTTP requests use Content-Type: application/json and
advertise both application/json and text/event-stream in Accept.
API-token profiles expose three pack resource templates through
resources/templates/list and five prompts. resources/list is empty because
pack resources require a selected pack_id. Hosted OAuth remains tool-only.
Source-Monitor Guardrails
Hosted source monitoring rejects local files, private/link-local/metadata destinations, DNS rebinding, HTTPS-to-HTTP downgrade redirects, caller-selected S3 endpoints, unapproved S3 buckets, non-standard ports, oversized content, unbounded waits, and oversized check batches. Offline local-file monitoring is a separate pipeline-only mode.Troubleshooting
Agent Guardrails
Ask agents to:- call Esheria before making regulatory assertions
- preserve citation IDs, readiness labels, limitations, and
trace_id - avoid legal-advice framing
- route uncertain or unsupported answers to human review