# Openli MCP

> Openli MCP Server connects your AI client to robust legal compliance tools. It handles Data Subject Access Requests (DSARs), generates privacy policies, and manages cookie consent records for global regulations like GDPR and CCPA. Your agent uses this server to automate audit trails, track vendor data processors, and maintain a single source of truth for all your site's legal agreements.

## Overview
- **Category:** industry-titans
- **Price:** Free
- **Tags:** openli, privacy-compliance, gdpr-api, cookie-consent, dsar-management, legal-orchestration, audit-trail, vendor-compliance, consent-recording, mcp

## Description

**Openli** connects your AI client directly to robust legal compliance tools. You'll manage everything from Data Subject Access Requests (DSARs) to global cookie consent records without pulling your hair out over regulatory fines. Your agent uses this server to automate complex audit trails, track every third-party data processor you use, and keep a single source of truth for all your site’s legal agreements.

When you connect Openli, your AI client acts like a dedicated privacy officer on demand. You don't just talk about compliance; you *do* it. It handles the full lifecycle of user consent records: you can pull specific details using `get_consent` or save proof of consent directly to the ledger with `save_consent`. To see what’s on file, you just run `list_consents`, giving you a complete picture of every record you've ever kept.

Dealing with DSARs is where Openli shines. You initiate and track these requests using natural language commands; you can create a new request ledger entry with `create_dsar` and, when needed, pull all the required metadata for an existing case via `get_dsar`. To oversee your current regulatory workload, simply run `list_dsars`, which gives you a clean list of every open or closed Data Subject Access Request. You'll never miss a deadline because this server manages the whole process.

Keeping your legal agreements current is critical. Openli lets you maintain an organized archive of all published contracts. To see what’s active, run `list_agreements`. When you need to check the fine print on one document, use `get_agreement` to retrieve detailed information about a specific agreement. You can also create and record new legal documents or agreement records using `create_agreement`, ensuring every term is captured in the system.

For monitoring your compliance posture, your agent runs deep into the audit logs and vendor data relationships. Running `list_audit_logs` provides a chronological list of every system activity and compliance event that happened—you get a clear trail. You can track all third-party processors using `list_vendors`, which lists every vendor and data processor attached to your company. If you need the deep details on one specific partner, run `get_vendor`. And before you start anything big, running `check_openli_status` confirms that the connection is live and working right.

This setup means you're always in control. You get a complete overview of your data processing relationships, manage user consent proof points, automate DSAR responses, and keep every legal document versioned—all through simple commands. It’s what you need to stay out of trouble.

## Tools

### check_openli_status
Verifies that the connection to Openli is active and working correctly.

### create_agreement
Generates a new legal document or agreement record within the system.

### create_dsar
Initiates and records a new Data Subject Access Request (DSAR) in the compliance ledger.

### get_agreement
Retrieves detailed information about a specific, existing legal agreement.

### get_consent
Fetches the details and status of a specific user's consent record.

### get_dsar
Retrieves all necessary metadata related to a specific Data Subject Access Request.

### get_vendor
Gets detailed information about a particular third-party data vendor or processor.

### list_agreements
Lists all published legal agreements currently held by the organization.

### list_audit_logs
Provides a chronological list of system activities and compliance audit events.

### list_consents
Retrieves a summary list of all user consent records on file.

### list_dsars
Lists all open and closed Data Subject Access Requests that have been submitted.

### list_vendors
Provides a list of all third-party vendors and data processors used by the company.

### save_consent
Saves proof of user consent, creating an immutable record for audit purposes.

## Prompt Examples

**Prompt:** 
```
List all my current legal agreements in Openli.
```

**Response:** 
```
I've retrieved your agreements. You have 3 active documents: 'Privacy Policy', 'Terms of Service', and 'Cookie Policy'. Which one would you like to see the public key for?
```

**Prompt:** 
```
Show me all active legal documents that need review before their renewal date.
```

**Response:** 
```
You have 7 legal documents approaching renewal. Your Privacy Policy expires June 30th and requires GDPR Article 13 updates. The Terms of Service for your mobile app need revision by July 15th. 3 cookie consent banners are flagged for reconfiguration due to recent regulatory changes in France and Germany.
```

**Prompt:** 
```
Generate a compliance report for my website covering GDPR and cookie consent status.
```

**Response:** 
```
Compliance scan complete for example.com. GDPR status: 89% compliant. Missing items: data processing agreement update and explicit consent for analytics tracking. Cookie consent: 23 cookies detected, 19 properly categorized, 4 require reclassification (2 marketing cookies miscategorized as functional). Overall risk level: Medium.
```

## Capabilities

### Manage User Consent Records
The agent retrieves specific user consent details or saves evidence of consent directly to the ledger.

### Handle Data Subject Access Requests (DSARs)
You initiate and track DSAR lifecycles using natural language, ensuring faster responses and better regulatory compliance.

### Audit Legal Agreements
The server lists all published legal agreements and retrieves metadata to ensure every term is synchronized with current standards.

### Monitor Compliance Audits
You pull detailed audit logs and can list third-party vendors, giving you a clear view of data processing relationships.

## Use Cases

### The PR Crisis: User asks, 'What data do you have on me?'
A user sends a request for their personal data. Instead of manually logging it, the agent runs `create_dsar` to initiate the record. The DPO then uses `get_dsar` to track all required internal steps—from gathering records to sending the final package—ensuring regulatory deadlines are met.

### The Legal Audit: Checking policy versions
Legal Counsel needs to prove that their Privacy Policy hasn't changed since a specific date. They use `list_agreements` to pull the list and then use `get_agreement` to retrieve version metadata, proving compliance for an audit.

### The Cookie Consent Fix: Capturing proof
A PM needs to prove that a user explicitly consented to analytics tracking on a specific day. They use the chat interface and `save_consent` with the AI agent, generating an instant, time-stamped record of the user's agreement.

### The Vendor Review: Mapping data flow
You need to know if a new marketing partner gets access to sensitive PII. You use `list_vendors` to see all current partners and then run `get_vendor` on the suspect party to determine exactly what data they are authorized to touch.

## Benefits

- Audit your full data footprint using `list_vendors` and `get_vendor`. You immediately see who has access to which piece of user data, solving the blind spot problem with third-party services.
- Maintain a legally defensible record by running `save_consent`. This action creates an immutable audit trail every time a user gives or revokes consent for tracking cookies.
- Stop chasing paperwork. Use `list_agreements` to get an instant overview of your Terms of Service, Privacy Policy, and Cookie Policy status without opening any document management system.
- Speed up DSAR handling with `create_dsar`. You can generate the request record instantly via chat, tracking it through its entire lifecycle using `get_dsar`.
- Simplify compliance checks by running `list_audit_logs`. This gives you a single point of truth to review exactly when and how data was accessed or modified across the system.

## How It Works

The bottom line is that your AI client manages complex legal tasks by calling specific Openli functions, letting you talk to your compliance data instead of navigating a dashboard.

1. First, subscribe to the Openli server and enter your API Key in the Vinkius dashboard.
2. Second, prompt your AI client with a compliance query (e.g., 'List all active vendor agreements').
3. Third, the agent uses the tools—like `list_vendors` or `get_agreement`—to pull the data and present it back to you in natural language.

## Frequently Asked Questions

**Can my AI automatically find the latest version of my Privacy Policy?**
Yes! Use the `list_agreements` tool. Your agent will respond with complete metadata for all published legal documents, including their unique public keys and last update timestamps in seconds.

**How do I find my Openli API Key?**
Log in to your Openli account, navigate to **Settings** > **API**, and you will find your unique secret API key there.

**Can I use the AI to record consent for a new user?**
Absolutely. Use the `save_consent` tool. Provide the user's email and the public key of the agreement they accepted, and the agent will securely log the evidence in your Openli audit trail.

**When I run `check_openli_status`, what does it tell me if my connection fails?**
It confirms the server's operational status immediately. The tool returns a clear success or failure code, and if there's an error, it provides the specific API message. This tells you exactly where to fix things without guesswork.

**How can I use `list_vendors` to get an overview of all my data processors?**
It generates a complete list of every vendor linked in your Openli account. From that initial list, your AI client can then select individual vendors to run through `get_vendor`, giving you detailed compliance metrics for each one.

**If I need an audit trail of past changes, how do I use `list_audit_logs`?**
It pulls a chronological record of every action taken through the Openli system. This log includes timestamps and descriptions of changes, which is absolutely essential for passing formal compliance audits.

**I need to start a Data Subject Access Request; how do I use `create_dsar`?**
You invoke `create_dsar`, providing the required identifying data points. This action generates a unique, tracked DSAR record in your Openli account, immediately triggering internal tracking workflows.

**How do I use `list_consents` to check every user consent record?**
It retrieves all historical and current consent entries in bulk. Your agent client processes this list, allowing you to filter by date range or specific document type for efficient compliance reporting.