Skip to main content

System Hardening

By default, AtScale allows the setup of any service. To restrict access from services not in your company whitelist, you can add rules to your atscale-mcp client in the Identity Broker.

  1. In Design Center, in the left-side navigation, click Security. The Identity Broker opens.

  2. In the left-side navigation, click Clients.

  3. Click the atscale-mcp client.

  4. On the Settings tab, under Access Settings, edit the following fields so they are restricted to the URLs you will use for your MCP service. The redirects will depend on the AI application you're using.

    • Valid redirect URIs: This should be a valid URI pattern that the browser can redirect to after a successful login; for example, http://example.com/*. You can add multiple values by clicking Add valid redirect URIs.
    • Web origins: Determines the allowed CORS origins; for example, https://chatgpt.com/*. You can include multiple values by clicking Add web origins.

    The Access Settings section of the client Settings tab, with the "Valid redirect URIs" and "Web origins" fields highlighted.

  5. Click Save.