MCP Security for SaaS: API Keys, OAuth, Scopes, and Audit Logs
When AI assistants can read and modify your project data via MCP, security becomes critical. This guide covers best practices for securing MCP integrations in team environments, from API key management to safe write operations.
The Security Challenge
MCP gives AI assistants powerful capabilities:
⚠️ Risks
- AI can create, update, delete tasks
- Access to sensitive project data
- Time tracking and billing information
- Team member data and permissions
- Potential for accidental bulk changes
✅ Mitigations
- API key authentication
- Least privilege access
- Confirmation patterns
- Audit logging
- Key rotation policies
API Key Management
Separate Keys Per Client
Create a unique API key for each AI assistant or machine. This provides:
- Granular Control: Revoke access for one client without affecting others
- Audit Trail: Know which client made which changes
- Security Isolation: If one key is compromised, others remain safe
- Usage Tracking: Monitor usage per client
Naming Convention
Use descriptive names for your API keys:
claude-desktop-macbook-pro
cursor-work-laptop
windsurf-dev-machine
continue-personal-pc
This makes it easy to identify which key to revoke if a device is lost or compromised.
Key Rotation Schedule
Regularly rotate API keys to limit exposure:
Recommended Rotation Schedule
- High Security: Every 30-60 days
- Standard: Every 90 days
- Low Risk: Every 180 days
- Immediate: If key is suspected to be compromised
Revocation Process
When you need to revoke an API key:
- Go to Settings → Integrations → Public API
- Find the key you want to revoke
- Click Delete or Revoke
- Create a new key for the client
- Update the client's configuration with the new key
- Restart the AI client
⚠️ Important
Revoking a key immediately stops all access. The AI client will start getting 401 errors. Make sure you have the new key ready before revoking the old one, or coordinate with team members who use that key.
Environment Separation
Use different API keys for different environments to prevent accidents:
Development
For testing and experimentation:
- Test workflows
- Try new prompts
- Safe to make mistakes
Staging
For pre-production testing:
- Validate workflows
- Test with real data
- Verify integrations
Production
For live team use:
- Strict access control
- Full audit logging
- Confirmation required
Least Privilege Principle
Grant only the minimum permissions needed. While Corcava API keys currently provide full workspace access, you can enforce least privilege through:
Read-First Pattern
Always read before writing:
- AI reads current state (e.g., get_task)
- AI analyzes and proposes changes
- User reviews the proposal
- User confirms before write operation
Confirm-Before-Write Pattern
Require explicit confirmation before any write operation:
Example: Safe Task Creation
User: "Create a task to follow up with Acme Corp"
AI (with confirmation):
I'll create a task with these details:
- Title: "Follow up with Acme Corp"
- Project: [Selected project]
- Due date: [Suggested date]
Type "CONFIRM" to create this task, or tell me what to change.
Learn more about implementing these patterns in our least-privilege workflows guide.
Safe Write Operations
Write operations (create, update, delete) are the highest risk. Here's how to make them safer:
1. Preview Before Write
Always show what will change before executing:
- Display the task that will be created
- Show the diff for updates
- List what will be deleted
2. Confirmation Tokens
Require a specific confirmation phrase:
- "Type CONFIRM to proceed"
- "Reply YES to create"
- "Say 'create task' to continue"
3. Dry-Run Mode
Test workflows without making changes:
- Show what would happen
- Validate logic before execution
- No actual data changes
4. Audit-Friendly Comments
When making changes, add comments explaining why:
- "Created via MCP: Weekly planning workflow"
- "Updated by AI assistant: Status change requested"
- Include context and reasoning
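The Confirm-Before-Write pattern and the four steps above, put together as an added example (not Corcava's or any MCP client's code): a gate that previews a change, supports dry-run, accepts only the literal phrase CONFIRM, commits exactly what was previewed once, and attaches an audit-friendly comment. The tool names and the in-memory task store are assumptions that stand in for the real API.

```python
import secrets

CONFIRM_PHRASE = "CONFIRM"   # the phrase the user must type back, as in the guide

class WriteGate:
    def __init__(self):
        self.tasks = {}     # task_id -> fields; stands in for the real task API
        self.pending = {}   # nonce -> (tool, params) shown to the user, not yet written
        self.audit = []     # records an audit log would keep

    def preview(self, tool, params, dry_run=False):
        """Step 1: describe the change. Nothing is written here, whatever the tool."""
        if tool == "update_task":
            current = self.tasks[params["task_id"]]
            diff = {k: (current.get(k), v) for k, v in params.items()
                    if k != "task_id" and current.get(k) != v}
            shown = {"task_id": params["task_id"], "diff": diff}
        elif tool == "delete_task":
            shown = {"will_delete": self.tasks[params["task_id"]]}
        else:
            shown = dict(params)
        if dry_run:
            return {"dry_run": True, "tool": tool, "preview": shown}
        nonce = secrets.token_hex(8)          # binds the commit to exactly this preview
        self.pending[nonce] = (tool, params)
        return {"tool": tool, "preview": shown, "nonce": nonce,
                "prompt": f'Type "{CONFIRM_PHRASE}" to proceed, or tell me what to change.'}

    def commit(self, nonce, user_reply, reason):
        """Step 2: write only what was previewed, once, and only after the phrase."""
        if user_reply.strip() != CONFIRM_PHRASE:
            self.pending.pop(nonce, None)     # any other reply cancels the proposal
            return {"status": "cancelled"}
        if nonce not in self.pending:         # unknown, expired or already-used nonce
            return {"status": "rejected", "reason": "no pending preview for this nonce"}
        tool, params = self.pending.pop(nonce)
        verb = "Created via MCP" if tool == "create_task" else "Updated by AI assistant"
        comment = f"{verb}: {reason}"         # audit-friendly comment (step 4)
        if tool == "create_task":
            task_id = f"T{len(self.tasks) + 1}"
            self.tasks[task_id] = {**params, "comment": comment}
        elif tool == "update_task":
            task_id = params["task_id"]
            self.tasks[task_id].update({k: v for k, v in params.items() if k != "task_id"})
            self.tasks[task_id]["comment"] = comment
        else:                                 # delete_task
            task_id = params["task_id"]
            del self.tasks[task_id]
        self.audit.append({"tool": tool, "task_id": task_id, "comment": comment})
        return {"status": "success", "task_id": task_id, "comment": comment}
```

A replayed nonce is rejected and any reply other than CONFIRM drops the pending proposal, so a change can only be written in the exact form the user saw.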
Logging and Auditing
Comprehensive logging helps you:
- Track who did what and when
- Debug issues and errors
- Comply with audit requirements
- Detect suspicious activity
- Understand usage patterns
What to Log
- Tool Name: Which MCP tool was called
- User/API Key: Which key made the request
- Timestamp: When the operation occurred
- Status: Success or error
- Parameters: What inputs were provided (sanitize sensitive data)
- Result: What was returned or changed
- IP Address: Where the request came from
Reviewing Audit Logs
Regularly review logs to:
- Verify expected usage patterns
- Identify unusual activity
- Debug user-reported issues
- Optimize workflows
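An added example of the review step (not Corcava's logging or tooling): it reads constructed audit records carrying the fields from the "What to Log" list and flags the kinds of unusual activity this guide mentions: a key used from an address it was never used from before, a burst of deletes that looks like an accidental bulk change, and repeated 401s that suggest a revoked key is still configured somewhere. The baseline IP set and the thresholds are assumptions.

```python
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not real Corcava logs); fields follow the "What to Log" list.
SAMPLE_LOG = """
{"ts":"2024-05-06T09:00:01Z","key":"cursor-work-laptop","tool":"get_task","status":"success","ip":"203.0.113.10"}
{"ts":"2024-05-06T09:00:05Z","key":"cursor-work-laptop","tool":"update_task","status":"success","ip":"203.0.113.10"}
{"ts":"2024-05-06T11:30:00Z","key":"cursor-work-laptop","tool":"delete_task","status":"success","ip":"192.0.2.44"}
{"ts":"2024-05-06T11:30:02Z","key":"cursor-work-laptop","tool":"delete_task","status":"success","ip":"192.0.2.44"}
{"ts":"2024-05-06T11:30:04Z","key":"cursor-work-laptop","tool":"delete_task","status":"success","ip":"192.0.2.44"}
{"ts":"2024-05-06T12:00:00Z","key":"windsurf-dev-machine","tool":"get_task","status":"401","ip":"198.51.100.7"}
{"ts":"2024-05-06T12:00:30Z","key":"windsurf-dev-machine","tool":"get_task","status":"401","ip":"198.51.100.7"}
"""
# Assumed baseline of where each key is normally used (built up from earlier reviews).
KNOWN_IPS = {"cursor-work-laptop": {"203.0.113.10"}, "windsurf-dev-machine": {"198.51.100.7"}}
BULK_WINDOW, BULK_LIMIT, AUTH_FAIL_LIMIT = timedelta(seconds=60), 3, 2   # assumed thresholds

def parse(log_text):
    recs = [json.loads(line) for line in log_text.strip().splitlines()]
    for r in recs:
        r["ts"] = datetime.fromisoformat(r["ts"].replace("Z", "+00:00"))
    return sorted(recs, key=lambda r: r["ts"])

def review(log_text):
    """Return (kind, key, detail) findings that deserve a human look."""
    findings = []
    by_key = defaultdict(list)
    for r in parse(log_text):
        by_key[r["key"]].append(r)
    for key, recs in by_key.items():
        new_ips = {r["ip"] for r in recs} - KNOWN_IPS.get(key, set())
        if new_ips:                                   # key used from a new location
            findings.append(("new_ip", key, sorted(new_ips)))
        deletes = [r["ts"] for r in recs if r["tool"] == "delete_task"]
        for i in range(len(deletes) - BULK_LIMIT + 1):  # BULK_LIMIT deletes inside the window
            if deletes[i + BULK_LIMIT - 1] - deletes[i] <= BULK_WINDOW:
                findings.append(("bulk_delete", key, BULK_LIMIT))
                break
        fails = sum(r["status"] == "401" for r in recs)
        if fails >= AUTH_FAIL_LIMIT:                  # revoked or wrong key still in use
            findings.append(("auth_failures", key, fails))
    return findings
```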
OAuth and Advanced Authentication
While API keys are the current standard for MCP, OAuth provides additional benefits:
API Keys (Current)
- ✅ Simple to implement
- ✅ Works immediately
- ✅ Good for personal use
- ⚠️ Manual rotation
- ⚠️ Full workspace access
OAuth (Future)
- ✅ Granular scopes
- ✅ Automatic token refresh
- ✅ Better for enterprise
- ⚠️ More complex setup
- ⚠️ Requires OAuth flow
For now, API keys with proper management provide strong security. OAuth support may be added in the future for enterprise customers who need fine-grained permissions.
Scopes and Permissions
While Corcava API keys currently provide full workspace access, you can implement scope-like restrictions through:
- Separate Workspaces: Use different workspaces for different access levels
- Team Permissions: Leverage Corcava's team permission system
- Prompt Engineering: Instruct AI to only access certain projects/boards
- Workflow Design: Create workflows that respect existing permissions
Incident Response
If an API key is compromised or you suspect unauthorized access:
Immediate Actions
- Revoke the key immediately in Settings → Integrations
- Review recent activity in audit logs
- Check for unauthorized changes (tasks created, data modified)
- Notify team members who may be affected
- Create new keys for legitimate clients
- Update configurations with new keys
- Review security practices to prevent future incidents
Best Practices Summary
Security Checklist
- ✅ Use separate API keys per client/machine
- ✅ Name keys descriptively for easy identification
- ✅ Rotate keys regularly (every 90 days recommended)
- ✅ Use confirmation patterns for write operations
- ✅ Enable audit logging and review regularly
- ✅ Separate keys for dev/staging/production
- ✅ Revoke keys immediately if compromised
- ✅ Never commit API keys to version control
- ✅ Store keys securely (password manager, env variables)
- ✅ Monitor usage for unusual patterns
For a printable checklist, see our MCP security checklist.
Additional Resources
API Key Best Practices
Detailed guide on rotation, revocation, and separation
Least-Privilege Workflows
Design safe write workflows with confirmation patterns
