MCP Data Policy
Last updated: 25 April 2026 · Applies to ForthAI Work Headless v1
What MCP tools can access
The ForthAI Work MCP server exposes read-only tools scoped to the modules you grant access to:
read:finance — Finance KPIs, AR aging, GL balances, close status, P&L snapshots, journal entries.
read:sales — CRM pipeline, deal details, forecast, activity feed, lead queue.
read:knowledge — Knowledge base entries via hybrid search; text snippets only, attachments are not exposed.
No write operations are exposed via MCP in v3.3. All tool calls return data from your own organization's tenant only.
Who can issue MCP keys
Only users with the org_admin role can issue, list, and revoke MCP API keys from Admin → API Keys. Keys are scoped at issuance time and cannot be upgraded later — to add a scope, issue a new key.
Audit logging & retention
All MCP tool calls are logged in your organization's audit trail (Admin → Audit Log). Logs include the key ID, tool name, scope, and timestamp — never the full response payload. Retention follows your plan's standard audit policy.
Third-party AI clients
When you configure your MCP API key in a third-party AI client (Claude Desktop, ChatGPT, Cursor, etc.), that client's own privacy policy governs how it handles your conversation context. ForthAI Work does not receive or store conversation history from those clients.
Revoking access
You can revoke any MCP API key instantly from Admin → API Keys. Revoked keys are rejected on the next tool call with a structured error envelope. Active sessions on third-party clients will see a graceful failure rather than silent data loss.
Versioning & deprecations
Breaking changes to the MCP surface follow a 60-day sunset policy — see /api/changelog.json for the live deprecation feed.
Contact
Questions or incident reports? hello@forth.ai