MCP.so
Sign In

Hejdar

@ARKALDA

About Hejdar

Hejdar MCP Server — runtime policy enforcement for AI agents

Basic information

Category

Other

License

MIT

Runtime

python

Transports

stdio

Publisher

ARKALDA

Submitted by

ARKALDA

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "hejdar": {
      "command": "uvx",
      "args": [
        "hejdar-mcp"
      ],
      "env": {
        "HEJDAR_API_KEY": "your-api-key",
        "HEJDAR_API_URL": "https://api.hejdar.com"
      }
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is Hejdar?

Hejdar is an MCP server that exposes the hejdar_evaluate tool to allow MCP-compatible AI agents (e.g., Claude, ChatGPT, Cursor) to check whether an intended action is permitted by organizational policy before executing it. It is a thin wrapper around the Hejdar API (POST /v1/evaluate) and contains no policy logic itself — all decisions come from the user's Hejdar organization's configured policies.

How to use Hejdar?

Install via pip install hejdar-mcp or run directly with uvx hejdar-mcp. Obtain an API key from app.hejdar.com (Settings → API Keys). Configure your MCP client (Claude Desktop, Claude Code, or direct stdio) by setting the HEJDAR_API_KEY environment variable and pointing to the hejdar-mcp command. Once configured, your agent can call hejdar_evaluate with parameters action_type, resource, and optional agent_name and context.

Key features of Hejdar

  • Exposes hejdar_evaluate as a single MCP tool.
  • Wraps the Hejdar API; no policy logic in the server.
  • Supports five action types: READ, WRITE, DELETE, TRANSFER, EXECUTE.
  • Returns decisions: ALLOW, DENY, or WOULD_DENY with reason and risk level.
  • API key is read from environment variables only; never hardcoded.
  • All API calls enforce TLS for secure communication.

Use cases of Hejdar

  • Prevent an AI agent from deleting customer data without manager approval.
  • Enforce that a code-generation agent can only read, not write, to production databases.
  • Block a file-transfer agent from moving sensitive data to an unauthorized server.
  • Alert on actions that would be denied (WOULD_DENY) for auditing purposes.
  • Integrate runtime policy checks into any MCP-compatible client workflow.

FAQ from Hejdar

What does the Hejdar MCP server

Comments

More Other MCP servers