# MCP Governance

### Admin-Enforced MCP Server Whitelisting

Admins have the ability to limit what kind of MCP servers are permitted in the organization.

Beneath the <mark style="color:red;">**//**</mark>**&#x20;MCP Governance&#x20;**<mark style="color:red;">**//**</mark> title of the page, Admins will be able to see a menu of control options will appear that include:

* **Allow all** – No restrictions
* **Allow only remote** – Only StreamableHTTP/SSE transports will be permitted
* **Allow-list only** – Only MCP servers in the allow list can be used
* **Block all** – Admins can disallow any MCP servers

<figure><img src="/files/W5XaLWFegbkGewcsnwNM" alt=""><figcaption></figcaption></figure>

### Adding an MCP Server

Under MCP Governance, you have the option to catalog MCP servers for use in an **Allow List.**

Simply go to the blue <mark style="background-color:blue;">**+ Add MCP**</mark> button in the upper righthand corner of the screen and select.

A window will appear where you must input the server’s information.

If it is a remote MCP server, it must include the following:

* Server location (local or remote)
* The MCP server name\*\*
* The MCP server URL

{% hint style="info" %}
\*\*If the user specifies this server name in the `mcp_servers.json` file, then the associated configuration must be remote and have this URL.
{% endhint %}

<figure><img src="/files/ftWEo3SFJXlBOR2eFZXg" alt=""><figcaption></figcaption></figure>

If from a local (i.e. STDIO) server, it must **also** include:

* Command Regex
* `args`
  * ‘Exact match’ toggle (Default is "no")\*\*\*

{% hint style="info" %}
\*\*\*

* "No" args in `mcp_servers.json` *must* contain those that occur in the **Allow List**.
* "Yes" means that those `args` must be used in the `mcp_servers.json` file.
  {% endhint %}

Once you do that, hit <mark style="background-color:blue;">**Save**</mark>.

<figure><img src="/files/s2f692ggeJhoKVNVjyn0" alt=""><figcaption></figcaption></figure>

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.tabnine.com/main/administering-tabnine/managing-your-team/settings/mcp-governance.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.