packages/kilo-docs/pages/contributing/features/enterprise-mcp-controls.md
{% callout type="info" title="Status" %} Proposal - no matching organization MCP allowlist implementation exists yet. Schema, endpoints, dashboard flows, and client enforcement described here are tentative. {% /callout %}
Developers can configure MCP (Model Context Protocol) servers, including marketplace servers and custom servers. Enterprise customers may need organization policy for which MCP servers their developers can use.
This proposal adds an organization-managed allowlist of approved marketplace MCP servers and dashboard-managed member configuration. It is a design document, not current architecture.
This resolves two distinct cases: local entries rejected by policy need not be activated, while dashboard-managed configuration replacement is proposed behavior only when policy is enabled.
{% image src="/docs/img/enterprise-mcp-controls-today.png" alt="Current MCP configuration flow" /%}
{% image src="/docs/img/enterprise-mcp-controls-with-ent-control.png" alt="Proposed enterprise MCP controls flow" /%}
When organization policy is enabled, client pulls dashboard-managed configuration instead of using end-user filesystem definitions. Policy-disabled organizations keep existing local behavior.
{% callout type="warning" title="Tentative design" %} Following schema has not shipped. Names, storage layout, encryption approach, and API shape may change during implementation review. {% /callout %}
Organization settings could hold allowlist policy:
const OrganizationSettings_MCPControls = z.object({
mcp_controls_enabled: z.boolean().optional(),
mcp_controls_allowed_marketplace_servers: z.string().optional(),
})
Dashboard-managed member configuration may require encrypted storage:
create table if not exists organization_member_mcp_configs (
id uuid not null default uuid_generate_v4(),
organization_id uuid not null references organizations(id),
kilo_user_id text not null references kilocode_users(id),
config bytea not null,
created_at timestamptz not null default now()
)
Payload shape could start with:
const OrganizationMemberMCPConfig = z
.object({ mcp_id: z.string(), parameters: z.record(z.string(), z.string()) })
.array()
| Surface | Proposed behavior |
|---|---|
/organizations/:id/mcp-control | Let owners manage allowlist and members configure approved MCP servers |
GET /api/marketplace/mcps | Retrieve marketplace MCP list for policy UI |
| Organization settings API | Read and update enabled state and allowlist |
| Member MCP config API | Store encrypted approved MCP configuration |
These routes and endpoints are placeholders for implementation design. They are not documented as available APIs.
| Area | Proposed work |
|---|---|
| Backend | Add policy schema, encrypted member config storage, audit logging, and organization/member APIs |
| Dashboard | Add administrator allowlist UI and member configuration UI |
| Client | Fetch policy-enabled configuration, ignore disallowed local entries, and link to dashboard configuration |