MCP server and CLI for governed AI data
Plug any AI agent into your verified business events through the DataInbox MCP server. Manage rules, schemas, and the semantic catalog as code with the DataInbox CLI. Same governance, same audit log, same deterministic policy engine.
DataInbox MCP server
A Model Context Protocol server that exposes governed inbox operations to any MCP-compatible AI agent. Tools are scoped per tenant and per role. Every call passes through the same policy engine that powers the UI.
# Add to your MCP client config
{
"mcpServers": {
"datainbox": {
"url": "https://mcp.datainbox.ai",
"auth": { "type": "bearer", "token": "$DATAINBOX_TOKEN" }
}
}
}Exposed tools
list_eventsSearch the inbox by topic, schema, time range, or status.get_eventFetch a single verified business event with full lineage.propose_ruleDraft a routing, validation, or approval rule for human review.simulate_ruleDry-run a rule against historical events before deploy.request_approvalOpen a human-in-the-loop approval ticket for a pending action.get_audit_logRead the immutable audit trail for any event, rule, or agent action.list_catalogBrowse the semantic catalog: schemas, owners, privacy tags.
DataInbox CLI
A first-class command line for engineers, SREs, and platform teams. Stream events, deploy rules from Git, export the audit log, and manage the semantic catalog as code.
# Install
npm install -g @datainbox/cli
# or
brew install datainbox/tap/datainbox
datainbox login
datainbox events tail --topic stripe.paymentsCommon commands
datainbox loginAuthenticate with SSO or a personal access token.datainbox events tailLive stream events from any topic, filter by schema or rule.datainbox events replayReplay a time range into a sandbox or staging tenant.datainbox rules deployPromote rule definitions from a Git repo to any environment.datainbox rules diffCompare rule versions across environments before promotion.datainbox catalog pullSync the semantic catalog to local YAML for version control.datainbox audit exportExport the audit log to S3, GCS, or your SIEM.
Built on the same governance as the UI
Scoped and auditable
Every MCP call and CLI command is scoped by RBAC and written to the immutable audit log.
Deterministic enforcement
Agents propose, the policy engine decides. LLMs never bypass rules, even through the MCP.
GitOps friendly
Rules and catalog live as YAML. Validate in CI with simulate, promote with deploy.
Developer FAQ
What is the DataInbox MCP server?
A Model Context Protocol server that lets any MCP-compatible AI client (Claude Desktop, Cursor, OpenAI Agents SDK, custom agents) safely query and act on the inbox. The MCP server speaks the same governance rules as the UI: every tool call is scoped, every action is logged, every write goes through the deterministic policy engine.
Which AI clients work with the MCP server?
Any client that implements the Model Context Protocol standard. Tested with Claude Desktop, Cursor, Windsurf, the OpenAI Agents SDK, LangChain, LlamaIndex, and custom agents built on the Anthropic and OpenAI SDKs.
Is the CLI safe for production?
Yes. The CLI is the same control plane the web UI uses. It enforces RBAC, SSO, and the immutable audit log. CI/CD-friendly: tokens are short-lived, every command is logged with actor, environment, and diff.
Can rules be managed as code?
Yes. The CLI supports a GitOps workflow. Rules and catalog definitions live as YAML in your repo, are validated in CI with simulate, then promoted across dev, staging, and production with deploy. Every promotion creates a versioned audit entry.