Allow-listing trusted MCP servers

Last update:

May 18, 2026

Restrict your MCP client to a controlled set of trusted servers to prevent unauthorized or unintended remote tool access.

Overview

Your MCP client should communicate only with servers that you explicitly trust and intend to use. Allow-listing prevents arbitrary remote code pathways from appearing in an agent’s available tool list and reduces the risk of unintended integrations.

Maintain a controlled server list

Configure a fixed list of approved MCP servers in your application settings.
Define each server by name and URL or command.
Ensure that any server not on the approved list is unavailable, regardless of model suggestions or prompts.

Prefer HTTPS and verified identities

Access remote MCP servers over HTTPS with valid TLS certificates.
Validate certificates to prevent man-in-the-middle attacks.
For high-risk workflows, consider hostname or certificate pinning to prevent silent redirection caused by DNS or network manipulation.

Avoid user-driven server registration

Do not allow end-user prompts or configuration fields to register arbitrary MCP endpoint URLs.
Require server definitions to be created, reviewed, and approved by developers or administrators.

Separate environments

Allow experimental or test servers only in development and staging environments.
Restrict production environments to reviewed, monitored, and officially supported MCP servers.

Was this page helpful?

We're glad. Tell us how this page helped.

Found the answer to my problem Understood the instructions Liked the feature

Other suggestions

We're sorry. Can you tell us what didn't work for you?

Didn't find the answer to my problem Couldn't understand the instructions Didn't like the feature

Other suggestions

Thank you for your feedback. Your response will help improve this page.

Was this helpful?

We are sorry the content didn't meet your needs.

Share additional feedback to help us improve.

0/255 | Character limit exceeded.

Thank you so much for sharing your feedback!