Herald·Step 3 · MCP Server

The control plane your AI agent operates.

Federated authorization, queryable from any AI agent.

Herald exposes EnforceAuth’s full authorization signal — decisions, audit, entities, policies, deployments, fleet — as MCP tools. Same RBAC as the human Console. Same audit log. Connect Claude Code, Cursor, Cline, or any MCP-capable client.

Start with free tier See it in use

mock mcp exampleCompliance

❯

The shift

Authorization is a question
you can finally ask out loud.

Herald is the third step of the EnforceAuth journey: once Zift extracted authz from your code and Writ governs it, Herald lets you interrogate it.

Yesterday01

Authorization data was a silo.

Decision logs lived in a SIEM nobody opened, audit logs in a vault nobody read, RBAC matrices in a Confluence page from 2023. Cross-cutting questions — “Did anyone who left this quarter still have prod access?” — meant a Jira ticket and three engineers.

Today02

Herald federates it.

An MCP tool surface over EnforceAuth’s full authorization signal — decisions, audit, entities, policies, deployments, fleet. Same RBAC as the human Console. Same audit log. Connect any AI agent: Claude Code, Cursor, Cline, your own.

Now possible03

Join it to the rest of your business.

Your IdP, HRIS, data warehouse, tickets, SIEM, and CRM already expose MCP servers. Herald is one more peer in that mesh. An agent can ask a question that crosses all of them in one prompt — and the answer becomes a Slack reply, a Jira ticket, a SOC 2 export.

Eighteen prompts that didn’t fit in last quarter’s access review.

None of these would have shipped as a feature. They’re questions, not products. Herald lets the agent assemble each one on demand.

audit

> Build the SOC 2 CC6.1 evidence packet for Q1: every prod policy change, with author, reviewer, and bundle hash.

audit

> For every "deny" on customer-data access last month, show whether a Jira ticket was opened within 24h.

audit

> List every external auditor who had read access in the past 90 days, plus the entities they were scoped to.

risk

> Which entities have the highest 30-day deny-rate growth? Cluster by team and surface the top 5.

risk

> Find policies that allow > 95% of decisions — are they doing real work or just rubber-stamping?

risk

> Show me principals whose action mix changed materially in the last two weeks vs. their 90-day baseline.

compliance

> Map every active API key to a named owner in Workday. Flag the orphans.

compliance

> Which prod entities have no four-eyes policy on destructive actions? Open a Jira epic for the gap.

compliance

> Generate the ISO 27001 A.9 access-control evidence for the audit committee meeting Friday.

security

> Compare the last 24h of decisions against the prior 7d baseline — surface anomalies by entity.

security

> Cross-reference EnforceAuth admin actions with Splunk-flagged anomalous IPs in the same window.

security

> Find every secret rotated in the last 30 days that’s still referenced by an active CI job.

incident

> For incident INC-3318, list every policy that returned "error" in the 15 minutes prior.

incident

> Build a postmortem timeline that joins audit, deployments, GitHub, and the PagerDuty incident.

incident

> Which bundles were in production during the elevated 5xx window? Who promoted them?

provisioning

> Compare a new hire’s access to peers in their Workday job profile. Generate the access request.

provisioning

> Which roles are held by fewer than 3 people? Identify single-points-of-failure for offboarding planning.

provisioning

> Recommend role consolidation: which roles overlap > 80% in granted permissions across all entities?

Examples

Splunk · Datadog · AWS CloudTrail · Microsoft Sentinel

What Herald joins to

network signal, IP reputation, cloud-control plane events

Example combinations

Herald alone covers a lot.
Pair it with four MCP peers — unlock four more domains.

Each combo below pairs Herald with one or two of the connector categories above. None require new EnforceAuth integration work — the agent assembles the join at runtime.

salesforce+ea · herald

CRM × Account audit

> For accounts that churned last quarter, surface every internal user who viewed their data in the prior 90 days — and whether each access was ticketed.

Joins CRM customer status with the audit log + ticket trail.

datadog+ea · herald+github

APM × Incident root-cause

> When p99 on /retail-api crossed 800ms yesterday, which policy bundle was active and which commit shipped it? Link the GitHub PR.

Latency window → bundle in prod → commit + reviewer.

snowflake+ea · herald+workday

Warehouse × Risk drift

> Engineers whose Snowflake reads on PII columns doubled this month — did their RBAC scope or manager change in the same window?

Query volume + RBAC delta + HRIS reorg, all in one prompt.

stripe+ea · herald+jira

Billing × Compliance

> For customers in payment dispute status, who internally viewed their billing record in the last 30 days — and was a Jira ticket opened for each access?

Billing record access + audit trail + change-management ticket.

MCP’s value compounds: every peer the customer adds becomes a join Herald can participate in — no extra integration work on our side. We bring the authorization signal; the rest of the stack provides the business context.

Step 3 in the EnforceAuth journey

Point your agent at Herald.
Ask it the question.

Herald is live on every paid tenant. Free tier gets a read-only OAuth scope for evaluation. Connect Claude Code, Cursor, Cline, or any MCP-capable client.

Start with free tier

Herald is step 3 of 3. See also:

← Writ · govern·Verdict · the agentic firewall

The control plane your AI agent operates.

Federated authorization, queryable from any AI agent.

Authorization is a questionyou can finally ask out loud.

Authorization data was a silo.

Herald federates it.

Join it to the rest of your business.

Eighteen prompts that didn’t fit in last quarter’s access review.

Herald is one peer. You bring the rest.

Identity & HRIS

SCM & build

Data warehouse

ITSM & on-call

CRM & commerce

SIEM & cloud audit

Herald alone covers a lot.Pair it with four MCP peers — unlock four more domains.

Point your agent at Herald.Ask it the question.

Authorization is a question
you can finally ask out loud.

Herald alone covers a lot.
Pair it with four MCP peers — unlock four more domains.

Point your agent at Herald.
Ask it the question.