# Cerbos MCP for AI Agents

> Cerbos helps your AI agents manage complex, policy-driven resource access control. Connect this MCP to any client to evaluate permissions and generate optimized query plans instantly through natural language conversation.

## Overview
- **Category:** developer-tools
- **Price:** Free
- **Tags:** authorization, rbac, abac, policy-engine, access-control

## Description

Authorization logic is usually the messiest part of an application. You write it once, but you spend hours debugging it across different services and user roles. This MCP lets your AI agent handle that complexity directly in your chat window. Instead of calling five separate endpoints to check if a resource is visible or editable by a certain role, you just ask. The system evaluates the policies instantly and tells you the outcome. You can even generate full query plans, so your downstream database calls are automatically filtered down to only what the user is authorized to see. Because this functionality handles core security logic, it's a perfect fit for Vinkius; you connect once from any compatible client and get access to robust policy management tools without writing boilerplate code.

## Tools

### get_authzen_config
Retrieves the specific endpoint URLs needed for using the AuthZEN APIs.

### authzen_evaluation
Performs a single, focused evaluation of an access request using the standardized AuthZEN model.

### authzen_evaluations
Handles batch evaluations for multiple access requests, supporting complex compliance rules like deny-on-first-deny.

### check_resources
Performs a read-only check to determine if a principal has permission on a defined set of resources.

### plan_resources
Generates an Abstract Syntax Tree (AST) query plan that filters database results based only on the user's allowed access.

### get_server_info
Returns version and build details, helping you verify the status of your Cerbos instance.

## Prompt Examples

**Prompt:** 
```
Hey, can I check if my marketing manager role can view expense reports for department 'Seattle'?
```

**Response:** 
```
**Access Check Result:**

*   **Principal:** Marketing Manager
*   **Action:** View
*   **Resource Filter:** Expense Reports
*   **Outcome:** **ALLOWED**

The policy allows viewing, but only if the resource's 'department' attribute matches the user's assigned department.
```

**Prompt:** 
```
What query plan do I need to view all documents related to project Alpha?
```

**Response:** 
````
Here is the optimized AST filter for your database query:

```json
{
  "WHERE": "resource.project == 'Alpha' AND (user.role == 'Editor' OR user.department == resource.department)"
}
```
You can apply this exact condition to limit results, ensuring users only see data they are authorized for.
````

**Prompt:** 
```
Can I run a bulk check on 10 different roles against the 'invoice' resource?
```

**Response:** 
```
**Batch Evaluation Summary:**

| Role | Action | Resource | Status |
| :--- | :----- | :------- | :----- | 
| Viewer | Read | Invoice | ALLOWED |
| Editor | Write | Invoice | DENIED |
| Admin | Delete | Invoice | ALLOWED |

This confirms that the 'Editor' role cannot delete invoices, which matches our policy.
```

## Capabilities

### Verify specific permissions
Check if a user is allowed to perform an action on a given resource using `check_resources`.

### Generate database query filters
Produce detailed, optimized query plans that restrict results based on the principal's permissions using `plan_resources`.

### Process batch access requests
Evaluate multiple complex access policies at once using `authzen_evaluations` for standardized compliance checks.

### Execute single policy evaluations
Run a single, focused access check against the system model via `authzen_evaluation`.

### Inspect instance configuration
Retrieve vital metadata about your Cerbos setup and its current policies using `get_server_info` or `get_authzen_config`.

## Use Cases

### A user needs to see all sensitive documents for a department
Instead of writing complex SQL with multiple `JOIN` statements and manual role checks, the agent runs `plan_resources`. It returns an optimized query plan that automatically filters results so only records matching the user's department attribute are visible.
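One way to apply such a plan safely, as an added example that is not code from this page or from the Cerbos project: it walks a plan filter and emits a parameterized SQL `WHERE` clause, failing closed on anything it does not recognize. The plan shape (`filter.kind`, `condition`, `expression`, `operator`, `operands`) is assumed to follow the Cerbos PlanResources response; the column allow-list, the `documents` table, the sample plan and all function names are hypothetical.

```python
import sqlite3

# Assumed allow-list mapping policy attribute paths to real column names.
COLUMNS = {"request.resource.attr.department": "department",
           "request.resource.attr.project": "project"}
COMPARE = {"eq": "=", "ne": "<>", "lt": "<", "gt": ">", "le": "<=", "ge": ">="}
LOGICAL = {"and": " AND ", "or": " OR "}

def _operand(node, params):
    if "expression" in node:
        return _expr(node["expression"], params)
    if "variable" in node:
        return COLUMNS[node["variable"]]  # KeyError on unmapped attribute: fail closed
    if "value" in node:
        params.append(node["value"])  # bound as a parameter, never interpolated
        return "?"
    raise ValueError("unknown operand shape")

def _expr(expr, params):
    op, operands = expr["operator"], expr["operands"]
    if op in LOGICAL and len(operands) >= 2:
        return "(" + LOGICAL[op].join(_operand(o, params) for o in operands) + ")"
    if op in COMPARE and len(operands) == 2:
        left, right = [_operand(o, params) for o in operands]
        return f"({left} {COMPARE[op]} {right})"
    raise ValueError(f"unsupported operator: {op}")  # fail closed, do not guess

def plan_to_where(plan):
    # Returns (where_sql, params); any unexpected kind denies every row.
    kind = plan.get("filter", {}).get("kind")
    if kind == "KIND_ALWAYS_ALLOWED":
        return "1=1", []
    if kind == "KIND_CONDITIONAL":
        params = []
        return _operand(plan["filter"]["condition"], params), params
    return "1=0", []

# Constructed sample plan: project == 'Alpha' AND department == 'Seattle'.
def eq_node(var, val):
    return {"expression": {"operator": "eq", "operands": [{"variable": var}, {"value": val}]}}
SAMPLE_PLAN = {"filter": {"kind": "KIND_CONDITIONAL", "condition": {"expression": {
    "operator": "and", "operands": [eq_node("request.resource.attr.project", "Alpha"),
                                    eq_node("request.resource.attr.department", "Seattle")]}}}}

def visible_ids(plan, rows):
    db = sqlite3.connect(":memory:")  # constructed (id, project, department) rows
    db.execute("CREATE TABLE documents (id INTEGER, project TEXT, department TEXT)")
    db.executemany("INSERT INTO documents VALUES (?, ?, ?)", rows)
    where, params = plan_to_where(plan)
    return [r[0] for r in db.execute(f"SELECT id FROM documents WHERE {where} ORDER BY id", params)]
```

Only allow-listed column names and fixed operator strings ever reach the SQL text; every value from the plan travels as a bound parameter.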

### A new feature needs to check permissions for 20 different actions
Manually calling a permission endpoint twenty times is painful. The agent uses `authzen_evaluations` to run all 20 checks in one go, giving you an immediate pass/fail report for the entire feature set.

### The team needs to debug why a specific user can't access a resource
Instead of asking three different developers to check their policies, the agent runs `check_resources` with the principal and resource details. It immediately pinpoints if the policy itself is blocking the action.

### Need quick confirmation on system health before deployment
The engineer uses `get_server_info` to confirm that the Cerbos instance is running the expected version, so that policies are not being evaluated by an outdated build.

## Benefits

- Instantly verify permissions using `check_resources`. You no longer have to manually write API calls just to see if a user can edit a specific record.
- `plan_resources` creates query plans that automatically filter database results. This means your application queries only pull data the user is actually allowed to see.
- The batch evaluation tools, like `authzen_evaluations`, let you run full compliance checks across multiple policies at once—a huge time saver for security audits.
- You get system visibility with simple calls like `get_server_info`. This lets your agent confirm the policy engine's version and build details on demand.
- The standardized AuthZEN tools ensure your access requests meet industry compliance standards, reducing friction when building regulated applications.

## How It Works

The bottom line is that your AI agent handles all the complicated API calls; you just talk to it like talking to a teammate.

1. Subscribe to this MCP and provide your specific Cerbos instance base URL.
2. Your AI client connects, allowing you to interact with the policy engine through natural conversation.
3. You ask a question—for example, 'Can user X view resource Y?'—and the system returns a clear, definitive ALLOWED or DENIED result.

## Frequently Asked Questions

**How does Cerbos MCP help me manage user permissions without writing complex code?**
It lets you talk to your AI agent and ask questions like 'Can this person do X on Y?' The system handles the entire policy evaluation, giving you a definitive answer. This cuts out hours of manual API scripting.

**Is Cerbos MCP better than just using database roles for access control?**
Yes. Database roles are static; this MCP allows dynamic, attribute-based checks. You can enforce policies based on things like a user's department or the resource's creation date, which is much more flexible.

**What if I need to see all resources for a given project? Does Cerbos MCP handle that?**
It does. You can use the query planning tools within the MCP. It generates an optimized filter you can apply directly to your database, so you only retrieve authorized records.

**Does connecting the Cerbos MCP affect my existing application logic?**
No. The MCP acts as a policy layer that your AI agent calls when needed. It enhances your current workflow by providing an external source of truth for all access decisions, so you don't have to change core business logic.

**Can I check compliance across many different users at once using Cerbos MCP?**
Absolutely. You can use the batch evaluation tools in the MCP. This lets you run large-scale audits, checking hundreds of potential access combinations with a single prompt.