Introducing Akto’s Agentic AI Suite for API Security. Learn More.


Introducing Akto MCP Server

A new way to bring real-time API security data into Claude, Cursor, and any MCP-compatible client — built for modern, AI-driven AppSec teams.

Trusha

May 15, 2025

We’re excited to launch the Akto MCP Server — a major step toward making API security truly AI-native.

Built for modern AppSec teams, the Akto MCP Server securely connects your API data to AI clients like Claude, Cursor, and others that support the Model Context Protocol (MCP). For the first time, you can inspect endpoints, detect vulnerabilities, analyze sensitive data, and monitor runtime traffic — all from inside your AI tools.

No exports. No dashboards. Just direct, real-time access to the API security data that powers your decisions.

What is the Akto MCP Server?

The Akto MCP Server is a lightweight connector that enables AI agents to securely access your Akto data in real time — using structured function calls.

It’s powered by the Model Context Protocol (MCP), an open standard that allows AI models to interact with software systems in a predictable, structured way. Instead of guessing, your AI tools know exactly how to retrieve API details, surface issues, and navigate complex security contexts.

Once set up, your AI assistant can ask things like:

  • “List all APIs in the Payments collection”

  • “What are the top 5 high-severity issues?”

  • “Which endpoints expose sensitive data?”

Behind the scenes, the Akto MCP Server handles the request, fetches live data from your Akto instance, and returns a secure, structured response — just like a human would.

What Can AI Clients Do with Akto MCP?

Once connected, your AI client becomes API-aware — able to explore, analyze, and act on your API security data in real time. Here’s what that looks like:

Explore API Inventory

Your agent can list API collections, endpoints, and metadata — including activity, hostnames, and classification.

Examples:

  • “List active API collections”

  • “How many endpoints are in the staging environment?”

  • “Show all newly discovered parameters this week”

Investigate Vulnerabilities

Agents can surface test results, filter issues by severity or status, and track remediation progress — using live data from Akto.

Examples:

  • “List all critical vulnerabilities in the Auth collection”

  • “Summarize issues by status and severity”

  • “Get the last 5 test runs for /signup”

Detect Sensitive Data

Agents can identify sensitive parameters and monitor where exposed fields (like emails, tokens, or PII) appear in API responses.

Examples:

  • “Which endpoints return email or phone number?”

  • “List sensitive fields in /login”

  • “Show sample values for sensitive parameters”

Monitor Runtime Traffic

Agents can inspect endpoint activity, view traffic trends by collection or hostname, and monitor what’s live in production.

Examples:

  • “Which APIs received traffic in the last 24 hours?”

  • “How many unique endpoints were active last week?”

  • “Show traffic breakdown by collection”

How It Works

Setting up the Akto MCP Server takes just a few steps. All you need is:

  • Docker installed and running

  • Your Akto API key

Then follow this workflow:

  1. Generate an API Key: Log in to your Akto dashboard and create an API key.

  2. Launch the Akto MCP Server: Use the following Docker configuration:

    {
      "mcpServers": {
        "akto-mcp-server": {
          "command": "docker",
          "args": [
            "run",
            "--rm",
            "-i",
            "-e",
            "AKTO_API_KEY",
            "aktosecurity/akto-mcp-server:latest"
          ],
          "env": {
            "AKTO_API_KEY": "your_api_key"
          }
        }
      }
    }

    Replace your_api_key with your actual Akto API key.


  3. Configure Your Client

    • In Cursor, go to Settings → MCP tab → Add MCP Server

    • In Claude Desktop, add the configuration to claude_desktop_config.json

    • Restart your tool and check that akto-mcp-server appears under active servers
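
An added example, not part of Akto's documentation or code: a small audit of the client configuration from step 2 that reports env values stored in plaintext, a docker image reference that is not pinned to a digest, and a config file readable by other users. The function names, the sample key value, and the set of value-taking docker flags it handles are assumptions of this sketch.

```python
import json
import os
import stat

# Constructed sample: the step 2 configuration with a made-up key value.
SAMPLE_CONFIG = """{"mcpServers": {"akto-mcp-server": {
  "command": "docker",
  "args": ["run", "--rm", "-i", "-e", "AKTO_API_KEY",
           "aktosecurity/akto-mcp-server:latest"],
  "env": {"AKTO_API_KEY": "constructed-example-key-123"}}}}"""

PLACEHOLDERS = {"", "your_api_key"}   # values that are not real secrets
# docker run flags that consume the next argument (subset, assumed sufficient here)
VALUE_FLAGS = {"-e", "--env", "-v", "--volume", "--name", "--network"}


def docker_image(args):
    """Return the image argument of a `docker run` argument list, or None."""
    it = iter(args[1:] if args[:1] == ["run"] else args)
    for arg in it:
        if arg in VALUE_FLAGS:
            next(it, None)            # skip the value the flag consumes
        elif not arg.startswith("-"):
            return arg                # first positional argument is the image
    return None


def audit_mcp_config(text):
    """Return (server, finding) tuples for the text of an MCP client config."""
    findings = []
    for name, spec in json.loads(text).get("mcpServers", {}).items():
        # Every env value is treated as a potential secret.
        for var, value in spec.get("env", {}).items():
            if value not in PLACEHOLDERS:
                findings.append((name, f"plaintext value stored for {var}"))
        if spec.get("command") == "docker":
            image = docker_image(spec.get("args", []))
            if image and "@sha256:" not in image:
                findings.append((name, f"image {image} is not pinned to a digest"))
    return findings


def audit_file(path):
    """Audit a config file and also flag group/world-accessible permissions."""
    with open(path, encoding="utf-8") as handle:
        findings = audit_mcp_config(handle.read())
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077 and any("plaintext" in f for _, f in findings):
        findings.append((os.path.basename(path), f"mode {mode:o} lets other users read the key"))
    return findings
```

Run `audit_file` against the path of your own client configuration; the permission check is meaningful on POSIX systems only.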

See full setup guide →

Why This Matters

Akto MCP Server brings your API security data into your AI environment — without breaking workflows or creating friction. It allows AppSec teams to investigate, explore, and make decisions faster using tools they already rely on.

Instead of switching between dashboards or exporting data, your AI agents get secure, structured access to the information that matters.

This helps you:

  • Move faster during security reviews

  • Detect and resolve vulnerabilities sooner

  • Monitor changes in real time

  • Power AI-native tooling with real data

Whether you’re building internal copilots, running agent-driven monitoring, or streamlining manual security tasks — the Akto MCP Server gives your tools the context they need to act intelligently.

What’s Next

We’re just getting started. Akto MCP Server will continue to expand with deeper access to your collections, vulnerabilities, and traffic — making it easier to investigate issues, monitor changes, and build AI-native security workflows.

The goal isn’t just to connect Akto to AI. It’s to make every API decision faster, clearer, and backed by real data.

Resources

Need help getting started? Reach out via sales@akto.io.
