Delinea launched an Mannequin Context Protocol (MCP) server that allow AI-agent entry to credentials saved in Delinea Secret Server and the Delinea Platform. The server applies identification checks and coverage guidelines on each name, aiming to maintain long-lived secrets and techniques out of agent reminiscence whereas retaining full auditability
What’s new for me?
The GitHub undertaking DelineaXPM/delinea-mcp (MIT-licensed) exposes a constrained MCP instrument floor for credential retrieval and account operations, helps OAuth 2.0 dynamic shopper registration per the MCP spec, and affords each STDIO and HTTP/SSE transports. The repo contains Docker artifacts and instance configs for editor/agent integrations
The way it works?
The server exposes MCP instruments that proxy to Secret Server and (optionally) the Delinea Platform: secret and folder retrieval/search, inbox/access-request helpers, person/session admin, and report execution; secrets and techniques themselves stay vaulted and are by no means introduced to the agent. Configuration separates secrets and techniques into surroundings variables (e.g., DELINEA_PASSWORD) and non-secrets into config.json, with scope controls (enabled_tools, allowed object sorts), TLS certs, and an non-obligatory registration pre-shared key.
Clarify me why precisely it issues to me
Enterprises are quickly wiring brokers to operational methods via MCP. Current incidents—reminiscent of a rogue MCP package deal exfiltrating electronic mail—underscore the necessity for registration controls, TLS, least-privilege instrument surfaces, and traceable identification context on each name. Delinea’s server claims to implement these controls in a PAM-aligned sample (ephemeral auth + coverage checks + audit), lowering credential sprawl and simplifying revocation.
Abstract
Delinea’s MIT-licensed MCP server provides enterprises an ordinary, auditable approach for AI-agent credential entry—short-lived tokens, coverage analysis, and constrained instruments—to cut back secret publicity whereas integrating with Secret Server and the Delinea Platform. It’s accessible now on GitHub, with preliminary protection and technical particulars confirming OAuth2, STDIO/HTTP(SSE) transports, and scoped operations.
Michal Sutter is a knowledge science skilled with a Grasp of Science in Knowledge Science from the College of Padova. With a stable basis in statistical evaluation, machine studying, and knowledge engineering, Michal excels at remodeling complicated datasets into actionable insights.
