Skip to content

Model Context Protocol (MCP)

Overview

The Escape platform supports the Model Context Protocol (MCP), enabling seamless integration between AI assistants and Escape's security platform. MCP provides standardized access to application management, security scanning, and vulnerability analysis directly from your development environment or AI interface.

What is the Model Context Protocol?

The Model Context Protocol (MCP) is an open standard developed by Anthropic to facilitate seamless integration between large language models (LLMs) and external tools, services, and data sources. Often likened to the "USB-C of AI applications," MCP provides a universal interface that allows AI systems to interact with various resources in a standardized manner.

MCP enables AI assistants to:

  • Access real-time data from external systems
  • Execute operations through standardized APIs
  • Provide context-aware responses based on your specific data
  • Automate complex workflows across multiple services

Escape MCP Server

The Escape MCP server is hosted at https://mcp.escape.tech/mcp and provides authenticated access to the Escape platform through the Public API.

Two authentication flows are supported, both backed by the same User.apiKey. Pick the one that matches your client:

  • OAuth 2.1 (recommended for AI assistants and IDEs) — your client opens a browser, you click Allow on a consent page hosted on app.escape.tech, and the client receives a bearer token transparently. Spec-compliant with the MCP 2025-06-18 Authorization spec and RFC 9728 Protected Resource Metadata. No copy-pasting of API keys.
  • Authorization: Key <api-key> (for CLI, CI, scripts, custom integrations) — pass your API key as a static HTTP header. Same path used since day one of the MCP server; unchanged for backward compatibility.

Key Features:

  • Application Management: Create, update, and manage security scan profiles
  • Scan Operations: Initiate scans, monitor status, and retrieve results
  • Domain Management: Manage monitored domains and FQDNs
  • Vulnerability Analysis: Access detailed security findings and recommendations
  • Archive Access: Retrieve scan exchange archives for deep analysis

Authentication flows

For AI assistants and IDEs that natively implement the MCP 2025-06-18 Authorization spec. The client discovers the OAuth endpoints, opens a browser to https://app.escape.tech/oauth/mcp/authorize, you click Allow, and the client receives a bearer token. You never paste an API key into the client.

Configuration is just the URL:

{
  "mcpServers": {
    "escape": {
      "type": "http",
      "url": "https://mcp.escape.tech/mcp"
    }
  }
}

On first use the client opens a browser, the consent page reuses your existing app.escape.tech session (or asks you to log in), and you click Allow. The token is cached by the client; subsequent sessions skip the consent page.

Compatible MCP clients (verified):

Vendor Supported callback origins
Anthropic claude.ai, *.anthropic.com
Cowork cowork.ai, *.cowork.ai
Cursor cursor.com, *.cursor.com, cursor.sh, *.cursor.sh
OpenAI / ChatGPT openai.com, *.openai.com, chatgpt.com, *.chatgpt.com
Continue.dev continue.dev, *.continue.dev
Zed zed.dev, *.zed.dev
Windsurf / Codeium windsurf.com, *.windsurf.com, codeium.com, *.codeium.com
Localhost (any client) http://127.0.0.1:*, http://localhost:*, http://[::1]:*

Clients running their callback on a custom URI scheme (vscode://, cline://, …) typically fall back to a loopback redirect, which the loopback entries above already accept.

How the OAuth handshake works under the hood

  1. Client posts to /mcp without credentials → server returns 401 + WWW-Authenticate: Bearer realm="mcp", resource_metadata="https://mcp.escape.tech/.well-known/oauth-protected-resource".
  2. Client reads the Protected Resource Metadata (RFC 9728) and the Authorization Server Metadata (RFC 8414).
  3. Client performs Dynamic Client Registration (RFC 7591 no-op — everyone gets the same public client_id = escape-mcp-public).
  4. Browser is opened at /oauth/mcp/authorize with PKCE S256; you click Allow.
  5. Client redeems the authorization code at /oauth/mcp/token and receives the bearer token.
  6. Subsequent /mcp calls send Authorization: Bearer <token>.

For headless or scripted use cases — CI jobs, custom integrations, your own MCP client, or any environment where launching a browser to consent isn't practical. Continues to work exactly as before; no migration required for existing setups.

Pass your API key in either of these two equivalent header forms:

Authorization: Key <your-api-key>

Or, equivalently:

X-ESCAPE-API-KEY: <your-api-key>

Example MCP client config:

{
  "mcpServers": {
    "escape": {
      "type": "http",
      "url": "https://mcp.escape.tech/mcp",
      "headers": {
        "Authorization": "Key <your-api-key>"
      }
    }
  }
}

Treat your API key like a password

The API key inherits your full user permissions on the Escape Public API. Never commit it to version control — store it in a secrets manager (Vault, GitHub Actions secrets, GitLab CI variables, AWS Secrets Manager, …) and inject it at runtime.

Generate / rotate your API key

Both flows use the same User.apiKey. Generate or rotate it from your User Settings on the Escape dashboard. Rotating the key invalidates every client that cached it (including OAuth clients) and forces a new consent flow on next use — useful as a panic-button revocation.

Use Cases

IDE Integration

Integrate the Escape MCP server directly into your development environment to access security capabilities alongside your coding workflow.

Supported IDEs:

  • Visual Studio Code
  • Cursor
  • Any MCP-compatible editor

Capabilities:

  • Query application security status without leaving your IDE
  • Initiate security scans from your editor
  • Review vulnerability findings in context
  • Manage scan configurations programmatically

Learn how to configure IDE integration →

Escape Copilot

Interact with the Escape platform through natural language using the Escape Copilot, an AI assistant specialized in cybersecurity workflows.

Capabilities:

  • Natural language application management
  • Conversational scan initiation and monitoring
  • Intelligent vulnerability analysis and recommendations
  • Automated security workflow orchestration

Explore Escape Copilot capabilities →

Getting Started

  1. Choose your auth flow (see Authentication flows above):
    • OAuth 2.1 if your client is Claude (Desktop / Code / web), Cursor, ChatGPT, Continue.dev, Zed, Windsurf, Codeium, or any other MCP-2025-06-18-compliant client.
    • Authorization: Key if you're scripting against MCP from CI, a custom integration, or any headless context.
  2. Generate an API key (only required for the legacy header flow — OAuth handles this for you): User Settings → API Key.
  3. Configure your client:
  4. Start using MCP — your client will discover the available tools automatically.

Security Considerations

  • API key protection: The API key inherits your full Escape account permissions. Store it in a secrets manager and never commit it to version control. The OAuth flow avoids this risk entirely — no API key ever leaves the dashboard.
  • OAuth scope: The hosted MCP server publishes a single scope (mcp) covering full Public API access. There is no per-tool scoping today.
  • Scoped access: API keys inherit your user permissions. Ensure your account has only the necessary access level.
  • Key rotation as panic button: Rotating the API key from the dashboard immediately invalidates every cached bearer token (OAuth and legacy alike). On the next call, OAuth clients will redo the consent flow with the new key.
  • Network security: All MCP communication (and the OAuth handshake) is HTTPS-only. Loopback (http://127.0.0.1, http://localhost, http://[::1]) is permitted only for the OAuth callback step, which is what local MCP clients need for their redirect_uri.

Technical Details

Field Value
Resource endpoint https://mcp.escape.tech/mcp
Protocol HTTP-based MCP (JSON-RPC over POST, SSE over GET)
Authorization server https://app.escape.tech (advertised at /.well-known/oauth-authorization-server)
Protected Resource Metadata https://mcp.escape.tech/.well-known/oauth-protected-resource (RFC 9728)
Token endpoint https://mcp.escape.tech/oauth/mcp/token
Authentication methods OAuth 2.1 PKCE S256 bearer token, Authorization: Key <api-key>, X-ESCAPE-API-KEY: <api-key>
PKCE code_challenge_method = S256 (only supported method)
API scope mcp — full Public API access
Rate limits Subject to standard Public API rate limits

Support

For questions or issues with MCP integration: